sap

1,577 tracked vulnerabilities.

CVE-2018-2380 MEDIUM KEV
SAP CRM 7.01-7.02, 7.30-7.31, 7.33, 7.54 - Path Traversal
Mar 01, 2018
CVSS 6.6
EPSS 0.29
CVE-2018-2368 CRITICAL
SAP NetWeaver System Landscape Directory LM-CORE 7.10-7.40 - Missing Authentication for Critical Function
Mar 01, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-2367 HIGH
SAP BASIS 7.00-7.02, 7.10-7.11, 7.30, 7.31, 7.40, 7.50-7.52 - Path Traversal in ABAP File Interface
Mar 01, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-2365 MEDIUM
SAP NetWeaver Portal 7.30, 7.31, 7.40, 7.50 - Cross-Site Scripting
Mar 01, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2396 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Denial of Service via IGS Interpreter Service
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2395 HIGH
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Information Disclosure and Arbitrary File Write
Feb 14, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-2394 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Unauthenticated Denial of Service
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2393 HIGH
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - XML External Entity Injection
Feb 14, 2018
CVSS 7.5
EPSS 0.18
CVE-2018-2392 HIGH NUCLEI
SAP Internet Graphics Server (IGS) XMLCHART XXE
Feb 14, 2018
CVSS 7.5
EPSS 0.41
CVE-2018-2391 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via IGS Portwatcher Service
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2390 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via IGS Chart Service
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2389 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Log File Injection
Feb 14, 2018
CVSS 5.7
EPSS 0.01
CVE-2018-2388 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Stored Cross-Site Scripting
Feb 14, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2387 MEDIUM
SAP Internet Graphics Server - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2386 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Buffer Overflow
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2385 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Divide By Zero
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2384 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Null Pointer Dereference
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2383 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Reflected Cross-Site Scripting
Feb 14, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-2382 MEDIUM
SAP internet Graphics Server <7.53 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2381 HIGH
SAP ERP Financials SAP_APPL 6.00-6.06,6.16 SAP_FIN 6.17-6.18,7.00,7.20,7.30 S4CORE 1.00-1.02 - Privilege Escalation
Feb 14, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-2379 MEDIUM
SAP HANA Extended Application Services 1.0 - Sensitive Information Exposure via Username Validation
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2378 MEDIUM
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2377 MEDIUM
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2376 HIGH
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 8.1
EPSS 0.01
CVE-2018-2375 HIGH
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 8.1
EPSS 0.01