sap

1,568 tracked vulnerabilities.

CVE-2019-0306 MEDIUM
SAP HANA Extended Application Services - Authenticated Information Disclosure
Jun 12, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0305 MEDIUM
SAP NetWeaver Process Integration <7.40 - XSS
Jun 12, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0304 CRITICAL
SAP NetWeaver AS ABAP Platform - Remote Code Execution via FTP Function
Jun 12, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-0301 HIGH
SAP Identity Management - Improper Privilege Management via REST Interface Version 2
May 14, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0298 MEDIUM
SAP E-Commerce - Cross-Site Scripting
May 14, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0293 MEDIUM
SAP Solution Manager System - Missing Authorization for RFC Destination Access
May 14, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-0291 MEDIUM
Solution Manager 7.2 - Info Disclosure
May 14, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0289 HIGH
SAP BusinessObjects <4.3 - Info Disclosure
May 14, 2019
CVSS 7.1
EPSS 0.00
CVE-2019-0287 HIGH
SAP BusinessObjects <4.3 - Info Disclosure
May 14, 2019
CVSS 7.6
EPSS 0.00
CVE-2019-0280 HIGH
SAP Treasury and Risk Management - Missing Authorization for T_DEAL_DP and T_DEAL_PD
May 14, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0285 CRITICAL
SAP Crystal Reports for Visual Studio - Cleartext Storage of Sensitive Database Credentials
Apr 10, 2019
CVSS 9.8
EPSS 0.07
CVE-2019-0284 MEDIUM
SAP HANA - XML External Entity Injection via SLDREG
Apr 10, 2019
CVSS 6.0
EPSS 0.00
CVE-2019-0283 HIGH
SAP NetWeaver Process Integration - Digital Signature Spoofing via PI Axis Adapter
Apr 10, 2019
CVSS 7.1
EPSS 0.00
CVE-2019-0282 MEDIUM
SAP NetWeaver Process Integration - Unauthenticated Information Disclosure in Runtime Workbench
Apr 10, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-0279 HIGH
SAP BASIS - Authenticated Privilege Escalation via ABAP Function Modules
Apr 10, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0278 MEDIUM
SAP NetWeaver Process Integration - Information Disclosure via Monitoring Servlet
Apr 10, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-0277 MEDIUM
SAP HANA Extended Application Services 1 - Authenticated XML External Entity Injection
Mar 12, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0276 HIGH
Banking services from SAP 9.0 and SAP S/4HANA Financial Products Subledger 1 - Incorrect Authorization
Mar 12, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0275 MEDIUM
SAP NetWeaver AS Java 7.10-7.50 - XSS in SAML 1.1 SSO Demo App
Mar 12, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0274 HIGH
SAP Mobile Platform SDK - Denial of Service
Mar 12, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0271 MEDIUM
SAP ABAP Server and ABAP Platform - XML External Entity Injection via Untrusted XML Document
Mar 12, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-0270 HIGH
SAP ABAP Server and ABAP Platform - Missing Authorization
Mar 12, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0269 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.10-4.20 - Cross-Site Scripting
Mar 12, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0268 HIGH
SAP BusinessObjects <4.30 - Info Disclosure
Mar 12, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-0267 HIGH
SAP Manufacturing Integration and Intelligence 15.0-15.2 - Cross-Site Request Forgery in Illuminator Servlet
Feb 15, 2019
CVSS 8.8
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV