sap
1,568 tracked vulnerabilities.
CVE-2019-0337
MEDIUM
SAP NetWeaver Process Integration 7.10-7.50 - Reflected Cross-Site Scripting via URL Parameter
Aug 14, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0335
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.3 - Stored Cross-Site Scripting in User Description Field
Aug 14, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0334
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.3 - Stored Cross-Site Scripting in BI Workspace Module
Aug 14, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0333
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.2, 4.3 - Information Disclosure via Query Cancellation
Aug 14, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-0332
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.3 - Cross-Site Scripting via Info View Search Keyword
Aug 14, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0331
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.3 - Information Disclosure via Directory Structure Access
Aug 14, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0330
CRITICAL
SAP Diagnostic Agent 7.2 - OS Command Injection via OS Command Plugin
Jul 10, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-0329
MEDIUM
SAP Information Steward 4.2 - Cross-Site Scripting
Jul 10, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0328
HIGH
SAP NetWeaver Process Integration - OS Command Injection
Jul 10, 2019
CVSS 7.2
EPSS 0.01
CVE-2019-0327
HIGH
SAP NetWeaver Application Server Java 7.1-7.5 - Unrestricted Upload of File with Dangerous Type
Jul 10, 2019
CVSS 7.2
EPSS 0.01
CVE-2019-0326
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.3 - Cross-Site Scripting
Jul 10, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0325
MEDIUM
SAP ERP HCM 3 - Missing Authorization for Payroll Data Report
Jul 10, 2019
CVSS 4.2
EPSS 0.00
CVE-2019-0322
HIGH
SAP Commerce Cloud 6.3-6.7, 1808, 1811 - Denial of Service
Jul 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0321
MEDIUM
SAP NetWeaver AS ABAP 7.31, 7.4, 7.5 - Cross-Site Scripting
Jul 10, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0319
HIGH
SAP Gateway 7.5-7.53 - Content Spoofing via Error Message Injection
Jul 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0318
MEDIUM
SAP NetWeaver Application Server for Java - Info Disclosure
Jul 10, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0281
MEDIUM
SAP OpenUI5 < 1.38.39 - Cross-Site Scripting via Insufficient Input Encoding
Jul 10, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0316
MEDIUM
SAP NetWeaver Process Integration - Authenticated Reflected Cross-Site Scripting via Servlet Injection
Jun 14, 2019
CVSS 4.8
EPSS 0.00
CVE-2019-0303
MEDIUM
SAP BusinessObjects BI Platform 4.2, 4.3 - XSS via BILogon/appService.jsp errMsg
Jun 14, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0315
HIGH
SAP NetWeaver Process Integration - Information Disclosure via PI Integration Builder Web UI
Jun 12, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-0314
MEDIUM
SAP Work Manager 6.3-6.5 and Inventory Manager 4.3 - Denial of Service
Jun 12, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0312
MEDIUM
SAP NetWeaver Process Integration - Unauthenticated Information Disclosure via Unprotected Web Pages
Jun 12, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0311
MEDIUM
SAP R/3 Enterprise 600-606, 616-617 - Cross-Site Scripting in Automotive Dealer Portal
Jun 12, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0308
MEDIUM
SAP E-Commerce 7.3, 7.31, 7.32, 7.33, 7.54 - Authenticated Stored Cross-Site Scripting
Jun 12, 2019
CVSS 6.8
EPSS 0.00
CVE-2019-0307
LOW
SAP Solution Manager 7.2 - Missing Encryption of Sensitive Data in Diagnostics Agent
Jun 12, 2019
CVSS 2.4
EPSS 0.06
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 78
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 68
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters