sap

1,568 tracked vulnerabilities.

CVE-2018-2391 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via IGS Portwatcher Service
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2390 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via IGS Chart Service
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2389 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Log File Injection
Feb 14, 2018
CVSS 5.7
EPSS 0.00
CVE-2018-2388 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Stored Cross-Site Scripting
Feb 14, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2387 MEDIUM
SAP Internet Graphics Server - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2386 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Buffer Overflow
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2385 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Divide By Zero
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2384 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Null Pointer Dereference
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2383 MEDIUM
SAP Internet Graphics Server 7.20 7.20EXT 7.45 7.49 7.53 - Reflected Cross-Site Scripting
Feb 14, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2382 MEDIUM
SAP internet Graphics Server <7.53 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2381 HIGH
SAP ERP Financials SAP_APPL 6.00-6.06,6.16 SAP_FIN 6.17-6.18,7.00,7.20,7.30 S4CORE 1.00-1.02 - Privilege Escalation
Feb 14, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-2379 MEDIUM
SAP HANA Extended Application Services 1.0 - Sensitive Information Exposure via Username Validation
Feb 14, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-2378 MEDIUM
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2377 MEDIUM
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2376 HIGH
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-2375 HIGH
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-2374 MEDIUM
SAP HANA Extended Application Services 1.0 - Info Disclosure
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2373 HIGH
SAP HANA Extended Application Services 1.0 - Unauthenticated SQL Injection via Controller API Endpoint
Feb 14, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-2372 MEDIUM
SAP HANA Extended Application Services 1.0 - Sensitive Information Disclosure in Log File
Feb 14, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-2371 MEDIUM
SAP NetWeaver AS Java Web Application 7.50 - Cross-Site Scripting in SAML 2.0 Service Provider
Feb 14, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2370 MEDIUM
SAP BI Launchpad 4.10, 4.20, 4.30 - Server-Side Request Forgery
Feb 14, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-2369 MEDIUM
SAP HANA 1.00, 2.00 - Unauthenticated Information Disclosure via SQL Interface
Feb 14, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-2364 MEDIUM
SAP CRM WebClient UI 7.01-8.01 and S4FND 1.02 - Cross-Site Scripting via Hidden Fields
Feb 14, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-2363 HIGH
SAP NetWeaver 7.00-7.02, 7.10-7.11, 7.30-7.31, 7.40, 7.50-7.52 - Unauthenticated Remote Code Execution
Jan 09, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-2362 MEDIUM
SAP HANA 1.00 and 2.00 - Unauthenticated Information Disclosure via SOAP Request
Jan 09, 2018
CVSS 5.3
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV