sap

1,577 tracked vulnerabilities.

CVE-2020-6284 CRITICAL
SAP NetWeaver Knowledge Management 7.30, 7.31, 7.40, 7.50 - Stored Cross-Site Scripting
Aug 12, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-6273 MEDIUM
SAP S/4 HANA Fiori UI for General Ledger Accounting 103, 104 - Missing Authorization Check in Attachment Service
Aug 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6292 HIGH
SAP Disclosure Mgmt <10.1 - Info Disclosure
Jul 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6291 HIGH
SAP Disclosure Mgmt <10.1 - Insufficient Session Expiration
Jul 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6290 MEDIUM
SAP Disclosure Mgmt <10.1 - Session Fixation
Jul 14, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-6289 HIGH
SAP Disclosure Management 10.1 - Cross-Site Request Forgery
Jul 14, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6287 CRITICAL KEVNUCLEI
SAP NetWeaver AS JAVA - Missing Authentication Check
Jul 14, 2020
CVSS 10.0
EPSS 0.95
CVE-2020-6286 MEDIUM
SAP NetWeaver AS JAVA <7.50 - Path Traversal
Jul 14, 2020
CVSS 5.3
EPSS 0.28
CVE-2020-6285 MEDIUM
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) <7.50 - Info Discl...
Jul 14, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6282 MEDIUM
SAP NetWeaver AS JAVA 7.10-7.50 - Server-Side Request Forgery via IIOP Service
Jul 14, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-6281 MEDIUM
SAP Business Objects BI Launchpad <4.2 - XSS
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6280 LOW
SAP NetWeaver <750 - Info Disclosure
Jul 14, 2020
CVSS 2.7
EPSS 0.01
CVE-2020-6278 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.2 - Stored Cross-Site Scripting via Image Upload
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6276 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.2 - Cross-Site Scripting
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6267 MEDIUM
SAP Disclosure Mgmt <10.1 - Info Disclosure
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6261 MEDIUM
SAP Solution Manager <7.20 - Info Disclosure
Jul 01, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-6275 CRITICAL
SAP NetWeaver AS ABAP 700-754 - Server-Side Request Forgery via Session Import/Export
Jun 10, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6271 HIGH
SAP Solution Manager <7.2 - Memory Corruption
Jun 10, 2020
CVSS 8.2
EPSS 0.01
CVE-2020-6270 MEDIUM
SAP NetWeaver AS ABAP - Privilege Escalation
Jun 10, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6269 MEDIUM
SAP Business Objects Business Intelligence Platform <4.2 - Info Dis...
Jun 10, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6268 HIGH
SAP ERP - Missing Authorization Check
Jun 10, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-6266 MEDIUM
SAP Fiori for SAP S/4HANA - Open Redirect
Jun 10, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6264 HIGH
SAP Commerce <6.7-1905 - Info Disclosure
Jun 10, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6263 CRITICAL
SAP NetWeaver AS Java - Auth Bypass
Jun 10, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6260 MEDIUM
SAP Solution Manager <7.20 - Info Disclosure
Jun 10, 2020
CVSS 5.3
EPSS 0.01