Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / sap

sap

1,568 tracked vulnerabilities.

CVE-2019-0375 MEDIUM

SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Export Dialog Box

CVE-2019-0374 MEDIUM

SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Chart Title

CVE-2019-0370 MEDIUM

SAP Financial Consolidation <10.0-10.1 - XPath Injection

CVE-2019-0369 MEDIUM

SAP Financial Consolidation - Reflected Cross-Site Scripting via File Upload

CVE-2019-0368 MEDIUM

SAP Customer Relationship Management BBPCRM < 7.14 and S4CRM < 2.0 - Cross-Site Scripting in Email Management

CVE-2019-0367 MEDIUM

SAP NetWeaver Process Integration - Missing Authorization Check for B2B Table Content Import

CVE-2019-0365 HIGH

SAP Kernel < 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, 7.76 - Denial of Service

CVE-2019-0364 MEDIUM

SAP HANA Extended Application Services - Info Disclosure

CVE-2019-0363 HIGH

SAP HANA Extended Application Services - DoS

CVE-2019-0361 MEDIUM

SAP Supplier Relationship Management < 3.73, 7.31, 7.32 - Cross-Site Scripting

CVE-2019-0357 MEDIUM

SAP HANA <2.0 - Privilege Escalation

CVE-2019-0356 MEDIUM

SAP NetWeaver <7.31-7.50 - Info Disclosure

CVE-2019-0355 HIGH

SAP NetWeaver Application Server Java Web Container < 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 - Code Injection

CVE-2019-0353 LOW

SAP Business One <9.2-9.3 - Info Disclosure

CVE-2019-0352 HIGH

SAP BusinessObjects Business Intelligence Platform - Exposure of Sensitive Information via Cached Dynamic Pages

CVE-2019-0349 HIGH

SAP Kernel (ABAP Debugger) - Missing Authorization Check for 'Go to statement'

CVE-2019-0351 HIGH

SAP NetWeaver UDDI Server 7.10-7.50 - Remote Code Execution

CVE-2019-0348 MEDIUM

SAP BusinessObjects Business Intelligence Platform 4.1-4.2 - Cleartext Transmission of Sensitive Database Information

CVE-2019-0346 MEDIUM

SAP BusinessObjects Business Intelligence Platform 4.2 - Cleartext Transmission of Sensitive Information

CVE-2019-0345 CRITICAL

SAP NetWeaver Application Server Java 7.30, 7.31, 7.40, 7.50 - Unauthenticated Server-Side Request Forgery via XML File

CVE-2019-0344 CRITICAL KEV

SAP Commerce Cloud 6.4-6.7, 1808-1905 - Remote Code Execution via Unsafe Deserialization in virtualjdbc Extension

CVE-2019-0343 HIGH

SAP Commerce Cloud 6.4-6.7, 1808-1905 - Authenticated Code Injection via Mediaconversion Extension

CVE-2019-0341 HIGH

SAP Enable Now 1902 - Session Cookie HttpOnly Flag Missing

CVE-2019-0340 MEDIUM

SAP Enable Now < 1902 - XML External Entity Injection via File Upload

CVE-2019-0338 MEDIUM

SAP Gateway 750-753 - Information Disclosure via Improper HTTP Header Handling

Previous Page 39 of 63 Next

Products

3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy