sap

1,568 tracked vulnerabilities.

CVE-2018-2472 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 - Cross-Site Scripting in Web Intelligence DHTML Client
Oct 09, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2471 HIGH
SAP BusinessObjects <4.10,4.20 - Info Disclosure
Oct 09, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-2470 MEDIUM
SAP NetWeaver 7.0-7.02, 7.30, 7.31, 7.40, 7.50-7.53 - Cross-Site Scripting
Oct 09, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2469 HIGH
SAP Adaptive Server Enterprise 15.7 and 16.0 - Unauthorized Information Access
Oct 09, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-2468 HIGH
SAP Adaptive Server Enterprise 15.7 and 16.0 - Unauthorized Information Access
Oct 09, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-2467 MEDIUM
SAP BusinessObjects BI Platform <4.3 - Info Disclosure
Oct 09, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-2466 MEDIUM
SAP Data Services 4.2 - Cross-Site Scripting in Management Console
Oct 09, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-2465 HIGH
SAP HANA 1.0 and 2.0 - Denial of Service via OData Parser XML Validation Bypass
Sep 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-2464 MEDIUM
SAP NetWeaver WebDynpro Java 7.20-7.50 - Stored Cross-Site Scripting
Sep 11, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2463 HIGH
SAP Hybris 6.0-6.7 - Server-Side Request Forgery via XML Parser Misconfiguration
Sep 11, 2018
CVSS 8.6
EPSS 0.00
CVE-2018-2462 HIGH
SAP NetWeaver BI 7.30-7.50 - XML External Entity Injection in BEx Web Java Runtime Export Web Service
Sep 11, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-2461 HIGH
SAP People Profile - Missing Authorization Check
Sep 11, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-2460 MEDIUM
SAP Business One Android 1.2 - Improper Certificate Validation
Sep 11, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-2459 HIGH
SAP Mobile Platform <3.0 - Info Disclosure
Sep 11, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-2458 HIGH
SAP Business One <9.3 - Info Disclosure
Sep 11, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-2457 MEDIUM
SAP Adaptive Server Enterprise <16.0 - Info Disclosure
Sep 11, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2455 HIGH
SAP Enterprise Financial Services 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 - Authenticated Privilege Escalation
Sep 11, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-2454 HIGH
SAP Enterprise Financial Services 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 - Authenticated Privilege Escalation
Sep 11, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-2452 MEDIUM
SAP NetWeaver AS Java 7.10-7.11, 7.20, 7.30-7.31, 7.40, 7.50 - Cross-Site Scripting in Logon Application
Sep 11, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2451 MEDIUM
SAP HANA Extended Application Services - Insufficient Session Expiration
Aug 14, 2018
CVSS 6.6
EPSS 0.00
CVE-2018-2450 HIGH
SAP MaxDB 7.8-7.9 - Authenticated SQL Injection
Aug 14, 2018
CVSS 7.2
EPSS 0.01
CVE-2018-2449 HIGH
SAP SRM MDM Catalog 3.73, 7.31, 7.32 - Unauthenticated Improper Authentication in Import Functionality
Aug 14, 2018
CVSS 8.6
EPSS 0.01
CVE-2018-2448 MEDIUM
SAP SRM-MDM Catalog 3.0, 7.01, 7.02 - Information Disclosure of User Existence
Aug 14, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-2447 MEDIUM
SAP BusinessObjects Business Intelligence 4.2 - SQL Injection via Crafted InfoObject Queries
Aug 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2446 HIGH
SAP BusinessObjects Business Intelligence 4.1 4.2 - Unauthenticated Information Disclosure
Aug 14, 2018
CVSS 7.5
EPSS 0.01
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV