sap
1,577 tracked vulnerabilities.
CVE-2018-2425
HIGH
SAP Business One <9.3 - Info Disclosure
Jun 12, 2018
CVSS 8.4
EPSS 0.00
CVE-2018-2424
CRITICAL
SAP UI5 - Cross-Site Scripting via DOM Injection
Jun 12, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-11415
MEDIUM
SAP Internet Transaction Server 6200.X.X - Reflected Cross-Site Scripting via wgate URIs
May 24, 2018
CVSS 6.1
EPSS 0.08
CVE-2018-2423
MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Denial of Service
May 09, 2018
CVSS 5.3
EPSS 0.03
CVE-2018-2422
MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service
May 09, 2018
CVSS 5.3
EPSS 0.02
CVE-2018-2421
MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Denial of Service via Portwatcher
May 09, 2018
CVSS 5.3
EPSS 0.03
CVE-2018-2420
MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Unrestricted Upload of File with Dangerous Type
May 09, 2018
CVSS 6.5
EPSS 0.02
CVE-2018-2419
LOW
SAP Enterprise Financial Services - Missing Authorization
May 09, 2018
CVSS 3.7
EPSS 0.01
CVE-2018-2418
MEDIUM
SAP MaxDB ODBC Driver < 7.9.09.07 - Code Injection
May 09, 2018
CVSS 5.5
EPSS 0.02
CVE-2018-2417
MEDIUM
SAP Identity Management 8.0 - Info Disclosure
May 09, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-2416
MEDIUM
SAP Identity Management 7.2 and 8.0 - XML External Entity Injection
May 09, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2415
MEDIUM
SAP NetWeaver Application Server Java Web Container - Content Spoofing
May 09, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-2413
MEDIUM
SAP Disclosure Management 10.1 - Authenticated Missing Authorization
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2412
LOW
SAP Disclosure Management 10.1 - Authenticated Privilege Escalation
Apr 10, 2018
CVSS 3.8
EPSS 0.01
CVE-2018-2410
MEDIUM
SAP Business One 9.2, 9.3 - Cross-Site Scripting via Browser Access Input
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2409
MEDIUM
SAP Cloud Platform 2.0 - Info Disclosure
Apr 10, 2018
CVSS 6.3
EPSS 0.01
CVE-2018-2408
HIGH
SAP Business Objects <4.10-4.30 - Privilege Escalation
Apr 10, 2018
CVSS 7.3
EPSS 0.02
CVE-2018-2406
MEDIUM
SAP Crystal Reports Server 4.0-4.30 - Unquoted Search Path Vulnerability
Apr 10, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-2405
MEDIUM
SAP Solution Manager 7.10, 7.20 - Stored Cross-Site Scripting via Incident Management Attachment Upload
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2404
MEDIUM
SAP Disclosure Management 10.1 - Unrestricted Upload of File with Dangerous Type
Apr 10, 2018
CVSS 4.3
EPSS 0.02
CVE-2018-2403
MEDIUM
SAP Disclosure Mgmt 10.1 - Info Disclosure
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2402
HIGH
SAP HANA 1.00 and 2.00 - Unauthorized Exposure of User Credentials in Indexserver Trace Files
Mar 14, 2018
CVSS 7.6
EPSS 0.02
CVE-2018-2399
MEDIUM
SAP Process Monitoring Infrastructure 7.10-7.11, 7.20, 7.30-7.31, 7.40, 7.50 - Cross-Site Scripting
Mar 14, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2398
HIGH
SAP Business Client 6.5 - Info Disclosure
Mar 14, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-2397
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.00-4.30 - Cross-Site Scripting in Central Management Console
Mar 14, 2018
CVSS 5.4
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters