sap

1,568 tracked vulnerabilities.

CVE-2019-0266 HIGH
SAP HANA Extended Application Services 1.0 - Sensitive Information Disclosure in Trace File
Feb 15, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-0265 MEDIUM
SAP ABAP Platform Kernel 7.21-7.22 - Denial of Service via SLD Registration
Feb 15, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-0262 MEDIUM
SAP BusinessObjects BI Platform 4.10, 4.20 - Cross-Site Scripting in HTML Report Generation
Feb 15, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0261 CRITICAL
SAP Landscape Management - Missing Authentication for Critical Function
Feb 15, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-0259 CRITICAL
SAP BusinessObjects 4.2-4.3 - Unrestricted Upload of File with Dangerous Type
Feb 15, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-0258 HIGH
SAP Disclosure Management 10.01 - Authenticated Privilege Escalation
Feb 15, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0257 HIGH
SAP Netweaver Application Server Abap < 7.02 - Missing Authorization
Feb 15, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0256 MEDIUM
SAP Business One Mobile <1.2.12 - Info Disclosure
Feb 15, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-0255 HIGH
SAP NetWeaver AS ABAP Platform Kernel 7.73-7.75 - Privilege Escalation via Improper Installation Type Validation
Feb 15, 2019
CVSS 8.1
EPSS 0.00
CVE-2019-0254 MEDIUM
SAP Disclosure Management < 10.1 - Cross-Site Scripting
Feb 15, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0251 MEDIUM
SAP BusinessObjects - Cross-Site Scripting in Fiori Launchpad
Feb 15, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-0249 HIGH
SAP Landscape Management - Info Disclosure
Jan 08, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-0248 MEDIUM
SAP NetWeaver - Information Disclosure
Jan 08, 2019
CVSS 5.9
EPSS 0.00
CVE-2019-0247 CRITICAL
SAP Cloud Connector < 2.11.3 - Code Injection
Jan 08, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-0246 CRITICAL
SAP Cloud Connector < 2.11.3 - Missing Authentication for Critical Function
Jan 08, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-0245 MEDIUM
SAP CRM WebClient UI - Cross-Site Scripting
Jan 08, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0244 MEDIUM
SAP CRM WebClient UI - Cross-Site Scripting via User-Controlled Input
Jan 08, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-0243 HIGH
SAP BW/4HANA - Authenticated Privilege Escalation via Masterdata Maintenance
Jan 08, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0241 HIGH
SAP Work and Inventory Manager <7.0, 7.1 - DoS
Jan 08, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0240 HIGH
SAP Business Objects Mobile <6.3.5 - DoS
Jan 08, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-0238 MEDIUM
SAP Hybris < 6.7 - Cross-Site Scripting
Jan 08, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-17865 MEDIUM
SAP J2EE Engine 7.01 - Cross-Site Scripting via wsdlPath Parameter
Aug 09, 2021
CVSS 6.1
EPSS 0.00
CVE-2018-17862 MEDIUM
SAP J2EE Engine 7.01 - Cross-Site Scripting via Fiori TestJDBC sys_jdbc Parameter
Aug 09, 2021
CVSS 6.1
EPSS 0.00
CVE-2018-17861 MEDIUM
SAP J2EE Engine/7.01/Portal/EPP - XSS
Aug 09, 2021
CVSS 6.1
EPSS 0.00
CVE-2018-2499 HIGH
SAP Financial Consolidation Cube Designer <8.0,10.1 - Info Disclosure
Jan 08, 2019
CVSS 7.5
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV