sap
1,577 tracked vulnerabilities.
CVE-2019-0385
MEDIUM
SAP Enable Now < 1908 - Cross-Site Scripting
Nov 13, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0382
MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Authenticated XSS in Web Intelligence
Nov 13, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0350
HIGH
SAP HANA Database 1.0, 2.0 - Unauthenticated Denial of Service via Malformed Connection Request
Nov 04, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0381
MEDIUM
SAP SQL Anywhere <17.0 - Info Disclosure
Oct 08, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0380
MEDIUM
SAP Landscape Management < 3.0 - Information Disclosure via Log File Insertion
Oct 08, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-0379
MEDIUM
SAP Process Integration 1.0, 2.0 - Missing Authentication for Critical Function
Oct 08, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-0378
MEDIUM
SAP BusinessObjects Business Intelligence Platform < 4.2 - Stored Cross-Site Scripting via Background Image Filename
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0377
MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Stored XSS in Web Intelligence HTML Interface
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0376
MEDIUM
SAP BusinessObjects Business Intelligence Platform - Stored Cross-Site Scripting via Publication Name
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0375
MEDIUM
SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Export Dialog Box
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0374
MEDIUM
SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Chart Title
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0370
MEDIUM
SAP Financial Consolidation <10.0-10.1 - XPath Injection
Oct 08, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0369
MEDIUM
SAP Financial Consolidation - Reflected Cross-Site Scripting via File Upload
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0368
MEDIUM
SAP Customer Relationship Management BBPCRM < 7.14 and S4CRM < 2.0 - Cross-Site Scripting in Email Management
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0367
MEDIUM
SAP NetWeaver Process Integration - Missing Authorization Check for B2B Table Content Import
Oct 08, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0365
HIGH
SAP Kernel < 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, 7.76 - Denial of Service
Sep 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0364
MEDIUM
SAP HANA Extended Application Services - Info Disclosure
Sep 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0363
HIGH
SAP HANA Extended Application Services - DoS
Sep 10, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-0361
MEDIUM
SAP Supplier Relationship Management < 3.73, 7.31, 7.32 - Cross-Site Scripting
Sep 10, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-0357
MEDIUM
SAP HANA <2.0 - Privilege Escalation
Sep 10, 2019
CVSS 6.7
EPSS 0.00
CVE-2019-0356
MEDIUM
SAP NetWeaver <7.31-7.50 - Info Disclosure
Sep 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0355
HIGH
SAP NetWeaver Application Server Java Web Container < 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 - Code Injection
Sep 10, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-0353
LOW
SAP Business One <9.2-9.3 - Info Disclosure
Sep 10, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-0352
HIGH
SAP BusinessObjects Business Intelligence Platform - Exposure of Sensitive Information via Cached Dynamic Pages
Sep 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0349
HIGH
SAP Kernel (ABAP Debugger) - Missing Authorization Check for 'Go to statement'
Aug 14, 2019
CVSS 7.2
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters