sap

1,568 tracked vulnerabilities.

CVE-2019-0384 HIGH
SAP Treasury and Risk Management - Incorrect Authorization
Dec 17, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0383 HIGH
SAP Treasury and Risk Management - Authenticated Privilege Escalation via Missing Authorization Check
Dec 17, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0405 HIGH
SAP Enable Now < 1911 - User Enumeration and Information Disclosure
Dec 11, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-0404 HIGH
SAP Enable Now < 1911 - Information Disclosure via Server Error Messages
Dec 11, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-0403 CRITICAL
SAP Enable Now < 1911 - CSV Command Injection
Dec 11, 2019
CVSS 9.8
EPSS 0.06
CVE-2019-0402 MEDIUM
SAP Adaptive Server Enterprise < 15.7 and 16.0 - Information Disclosure
Dec 11, 2019
CVSS 4.4
EPSS 0.00
CVE-2019-0399 MEDIUM
SAP Portfolio and Project Management - Information Disclosure in Project Dashboard
Dec 11, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-0398 HIGH
SAP BusinessObjects Business Intelligence Platform - Cross-Site Request Forgery
Dec 11, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0395 MEDIUM
SAP BusinessObjects Business Intelligence Platform < 4.2 - Stored Cross-Site Scripting in Fiori BI Launchpad Text Module
Dec 11, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0396 HIGH
SAP BusinessObjects Business Intelligence Platform - XML External Entity Injection in Web Intelligence HTML Interface
Nov 13, 2019
CVSS 7.1
EPSS 0.00
CVE-2019-0388 MEDIUM
SAP UI5 - Content Manipulation via Insufficient URL Validation
Nov 13, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0386 MEDIUM
SAP ERP Sales and S4HANA Sales - Missing Authorization in Order Processing
Nov 13, 2019
CVSS 6.3
EPSS 0.00
CVE-2019-0393 MEDIUM
SAP Quality Management - SQL Injection
Nov 13, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0391 MEDIUM
SAP NetWeaver AS Java <7.10-7.50 - Info Disclosure
Nov 13, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0390 MEDIUM
SAP Data Hub - Exposure of Sensitive Information via Connection Manager
Nov 13, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0389 HIGH
SAP NetWeaver Application Server Java - Privilege Escalation
Nov 13, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0385 MEDIUM
SAP Enable Now < 1908 - Cross-Site Scripting
Nov 13, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-0382 MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Authenticated XSS in Web Intelligence
Nov 13, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0350 HIGH
SAP HANA Database 1.0, 2.0 - Unauthenticated Denial of Service via Malformed Connection Request
Nov 04, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0381 MEDIUM
SAP SQL Anywhere <17.0 - Info Disclosure
Oct 08, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0380 MEDIUM
SAP Landscape Management < 3.0 - Information Disclosure via Log File Insertion
Oct 08, 2019
CVSS 4.9
EPSS 0.00
CVE-2019-0379 MEDIUM
SAP Process Integration 1.0, 2.0 - Missing Authentication for Critical Function
Oct 08, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0378 MEDIUM
SAP BusinessObjects Business Intelligence Platform < 4.2 - Stored Cross-Site Scripting via Background Image Filename
Oct 08, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0377 MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Stored XSS in Web Intelligence HTML Interface
Oct 08, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0376 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Stored Cross-Site Scripting via Publication Name
Oct 08, 2019
CVSS 5.4
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV