sap

1,577 tracked vulnerabilities.

CVE-2019-0385 MEDIUM
SAP Enable Now < 1908 - Cross-Site Scripting
Nov 13, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0382 MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Authenticated XSS in Web Intelligence
Nov 13, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0350 HIGH
SAP HANA Database 1.0, 2.0 - Unauthenticated Denial of Service via Malformed Connection Request
Nov 04, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0381 MEDIUM
SAP SQL Anywhere <17.0 - Info Disclosure
Oct 08, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0380 MEDIUM
SAP Landscape Management < 3.0 - Information Disclosure via Log File Insertion
Oct 08, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-0379 MEDIUM
SAP Process Integration 1.0, 2.0 - Missing Authentication for Critical Function
Oct 08, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-0378 MEDIUM
SAP BusinessObjects Business Intelligence Platform < 4.2 - Stored Cross-Site Scripting via Background Image Filename
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0377 MEDIUM
SAP BusinessObjects BI Platform < 4.2 - Stored XSS in Web Intelligence HTML Interface
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0376 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Stored Cross-Site Scripting via Publication Name
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0375 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Export Dialog Box
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0374 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Reflected Cross-Site Scripting in Chart Title
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0370 MEDIUM
SAP Financial Consolidation <10.0-10.1 - XPath Injection
Oct 08, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0369 MEDIUM
SAP Financial Consolidation - Reflected Cross-Site Scripting via File Upload
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0368 MEDIUM
SAP Customer Relationship Management BBPCRM < 7.14 and S4CRM < 2.0 - Cross-Site Scripting in Email Management
Oct 08, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-0367 MEDIUM
SAP NetWeaver Process Integration - Missing Authorization Check for B2B Table Content Import
Oct 08, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0365 HIGH
SAP Kernel < 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, 7.76 - Denial of Service
Sep 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0364 MEDIUM
SAP HANA Extended Application Services - Info Disclosure
Sep 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0363 HIGH
SAP HANA Extended Application Services - DoS
Sep 10, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-0361 MEDIUM
SAP Supplier Relationship Management < 3.73, 7.31, 7.32 - Cross-Site Scripting
Sep 10, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-0357 MEDIUM
SAP HANA <2.0 - Privilege Escalation
Sep 10, 2019
CVSS 6.7
EPSS 0.00
CVE-2019-0356 MEDIUM
SAP NetWeaver <7.31-7.50 - Info Disclosure
Sep 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-0355 HIGH
SAP NetWeaver Application Server Java Web Container < 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 - Code Injection
Sep 10, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-0353 LOW
SAP Business One <9.2-9.3 - Info Disclosure
Sep 10, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-0352 HIGH
SAP BusinessObjects Business Intelligence Platform - Exposure of Sensitive Information via Cached Dynamic Pages
Sep 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0349 HIGH
SAP Kernel (ABAP Debugger) - Missing Authorization Check for 'Go to statement'
Aug 14, 2019
CVSS 7.2
EPSS 0.01