sap

1,577 tracked vulnerabilities.

CVE-2018-2425 HIGH
SAP Business One <9.3 - Info Disclosure
Jun 12, 2018
CVSS 8.4
EPSS 0.00
CVE-2018-2424 CRITICAL
SAP UI5 - Cross-Site Scripting via DOM Injection
Jun 12, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-11415 MEDIUM
SAP Internet Transaction Server 6200.X.X - Reflected Cross-Site Scripting via wgate URIs
May 24, 2018
CVSS 6.1
EPSS 0.08
CVE-2018-2423 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Denial of Service
May 09, 2018
CVSS 5.3
EPSS 0.03
CVE-2018-2422 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service
May 09, 2018
CVSS 5.3
EPSS 0.02
CVE-2018-2421 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Denial of Service via Portwatcher
May 09, 2018
CVSS 5.3
EPSS 0.03
CVE-2018-2420 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Unrestricted Upload of File with Dangerous Type
May 09, 2018
CVSS 6.5
EPSS 0.02
CVE-2018-2419 LOW
SAP Enterprise Financial Services - Missing Authorization
May 09, 2018
CVSS 3.7
EPSS 0.01
CVE-2018-2418 MEDIUM
SAP MaxDB ODBC Driver < 7.9.09.07 - Code Injection
May 09, 2018
CVSS 5.5
EPSS 0.02
CVE-2018-2417 MEDIUM
SAP Identity Management 8.0 - Info Disclosure
May 09, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-2416 MEDIUM
SAP Identity Management 7.2 and 8.0 - XML External Entity Injection
May 09, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2415 MEDIUM
SAP NetWeaver Application Server Java Web Container - Content Spoofing
May 09, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-2413 MEDIUM
SAP Disclosure Management 10.1 - Authenticated Missing Authorization
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2412 LOW
SAP Disclosure Management 10.1 - Authenticated Privilege Escalation
Apr 10, 2018
CVSS 3.8
EPSS 0.01
CVE-2018-2410 MEDIUM
SAP Business One 9.2, 9.3 - Cross-Site Scripting via Browser Access Input
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2409 MEDIUM
SAP Cloud Platform 2.0 - Info Disclosure
Apr 10, 2018
CVSS 6.3
EPSS 0.01
CVE-2018-2408 HIGH
SAP Business Objects <4.10-4.30 - Privilege Escalation
Apr 10, 2018
CVSS 7.3
EPSS 0.02
CVE-2018-2406 MEDIUM
SAP Crystal Reports Server 4.0-4.30 - Unquoted Search Path Vulnerability
Apr 10, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-2405 MEDIUM
SAP Solution Manager 7.10, 7.20 - Stored Cross-Site Scripting via Incident Management Attachment Upload
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2404 MEDIUM
SAP Disclosure Management 10.1 - Unrestricted Upload of File with Dangerous Type
Apr 10, 2018
CVSS 4.3
EPSS 0.02
CVE-2018-2403 MEDIUM
SAP Disclosure Mgmt 10.1 - Info Disclosure
Apr 10, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-2402 HIGH
SAP HANA 1.00 and 2.00 - Unauthorized Exposure of User Credentials in Indexserver Trace Files
Mar 14, 2018
CVSS 7.6
EPSS 0.02
CVE-2018-2399 MEDIUM
SAP Process Monitoring Infrastructure 7.10-7.11, 7.20, 7.30-7.31, 7.40, 7.50 - Cross-Site Scripting
Mar 14, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2398 HIGH
SAP Business Client 6.5 - Info Disclosure
Mar 14, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-2397 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.00-4.30 - Cross-Site Scripting in Central Management Console
Mar 14, 2018
CVSS 5.4
EPSS 0.01