sap

1,577 tracked vulnerabilities.

CVE-2020-6184 MEDIUM
SAP NetWeaver <7.40 & SAP S/4HANA <7.54 - XSS
Feb 12, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6183 MEDIUM
SAP Host Agent 7.21 - Info Disclosure
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6181 MEDIUM
SAP NetWeaver <753 - HTTP Response Splitting
Feb 12, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-6177 MEDIUM
SAP Mobile Platform 3.0 - Denial of Service via XML Input Validation
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6307 MEDIUM
SAP Basis - Incorrect Authorization in Automated Note Search Tool
Jan 14, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6306 LOW
SAP Leasing <6.18 - Privilege Escalation
Jan 14, 2020
CVSS 2.7
EPSS 0.01
CVE-2020-6305 MEDIUM
SAP Process Integration <7.50 - XSS
Jan 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6304 HIGH
SAP NetWeaver Internet Communication Manager <7.53 - DoS
Jan 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6303 MEDIUM
SAP Disclosure Management < 10.1 - Cross-Site Scripting
Jan 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-0384 HIGH
SAP Treasury and Risk Management - Incorrect Authorization
Dec 17, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-0383 HIGH
SAP Treasury and Risk Management - Authenticated Privilege Escalation via Missing Authorization Check
Dec 17, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-0405 HIGH
SAP Enable Now < 1911 - User Enumeration and Information Disclosure
Dec 11, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0404 HIGH
SAP Enable Now < 1911 - Information Disclosure via Server Error Messages
Dec 11, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0403 CRITICAL
SAP Enable Now < 1911 - CSV Command Injection
Dec 11, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-0402 MEDIUM
SAP Adaptive Server Enterprise < 15.7 and 16.0 - Information Disclosure
Dec 11, 2019
CVSS 4.4
EPSS 0.00
CVE-2019-0399 MEDIUM
SAP Portfolio and Project Management - Information Disclosure in Project Dashboard
Dec 11, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0398 HIGH
SAP BusinessObjects Business Intelligence Platform - Cross-Site Request Forgery
Dec 11, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0395 MEDIUM
SAP BusinessObjects Business Intelligence Platform < 4.2 - Stored Cross-Site Scripting in Fiori BI Launchpad Text Module
Dec 11, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0396 HIGH
SAP BusinessObjects Business Intelligence Platform - XML External Entity Injection in Web Intelligence HTML Interface
Nov 13, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-0388 MEDIUM
SAP UI5 - Content Manipulation via Insufficient URL Validation
Nov 13, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-0386 MEDIUM
SAP ERP Sales and S4HANA Sales - Missing Authorization in Order Processing
Nov 13, 2019
CVSS 6.3
EPSS 0.01
CVE-2019-0393 MEDIUM
SAP Quality Management - SQL Injection
Nov 13, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0391 MEDIUM
SAP NetWeaver AS Java <7.10-7.50 - Info Disclosure
Nov 13, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0390 MEDIUM
SAP Data Hub - Exposure of Sensitive Information via Connection Manager
Nov 13, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0389 HIGH
SAP NetWeaver Application Server Java - Privilege Escalation
Nov 13, 2019
CVSS 8.8
EPSS 0.01