sap
1,577 tracked vulnerabilities.
CVE-2016-4551
HIGH
SAP NetWeaver 7.00 SP Level 0031 - IP Address Spoofing in Security Audit Log
Oct 05, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-6146
MEDIUM
SAP TREX 7.10- Revision 63 - Info Disclosure
Sep 27, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-6137
CRITICAL
SAP TREX 7.10 Revision 63 - Remote Command Execution
Sep 27, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-6142
HIGH
SAP HANA DB <1.00.73.00.389160 - Code Injection
Sep 26, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-3639
MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - Info Disclosure
Sep 26, 2016
CVSS 4.3
EPSS 0.02
CVE-2016-5847
MEDIUM
SAP SAPCAR Archive Tool - Arbitrary File Permission Change via Hard Link Attack
Aug 13, 2016
CVSS 5.8
EPSS 0.01
CVE-2016-5845
MEDIUM
SAP SAPCAR - Denial of Service via Invalid File Name in Archive
Aug 13, 2016
CVSS 5.5
EPSS 0.03
CVE-2016-6150
CRITICAL
SAP HANA - Improper Access Control via Unencrypted Communications
Aug 05, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-6149
MEDIUM
SAP HANA SPS09 1.00.091.00.14186593 - Info Disclosure
Aug 05, 2016
CVSS 5.5
EPSS 0.01
CVE-2016-6148
HIGH
SAP HANA DB <1.00.73.00.389160 - DoS/RCE
Aug 05, 2016
CVSS 7.5
EPSS 0.04
CVE-2016-6147
CRITICAL
SAP TREX 7.10 Revision 63 - Remote Command Execution
Aug 05, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-6145
MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - SQL Injection
Aug 05, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-6144
HIGH
SAP HANA <Revision 102 - SQL Injection
Aug 05, 2016
CVSS 8.1
EPSS 0.04
CVE-2016-6140
CRITICAL
SAP TREX 7.10 Revision 63 - Arbitrary File Write via RFC-Gateway
Aug 05, 2016
CVSS 9.8
EPSS 0.06
CVE-2016-6139
CRITICAL
SAP TREX 7.10- Revision 63 - Info Disclosure
Aug 05, 2016
CVSS 9.8
EPSS 0.04
CVE-2016-6138
CRITICAL
SAP TREX 7.10 Revision 63 - Path Traversal
Aug 05, 2016
CVSS 9.8
EPSS 0.06
CVE-2016-3640
MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - Info Disclosure
Aug 05, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-4018
HIGH
SAP HANA - Improper Access Control in Data Provisioning Agent
Apr 14, 2016
CVSS 7.3
EPSS 0.01
CVE-2016-4017
HIGH
SAP HANA - Denial of Service via Data Provisioning Agent
Apr 14, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-4016
MEDIUM
SAP Manufacturing Integration and Intelligence 15 - Cross-Site Scripting via Title Parameter
Apr 14, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-4015
HIGH
SAP NetWeaver JAVA AS 7.1-7.4 - Denial of Service via Crafted Request
Apr 14, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-4014
HIGH
SAP NetWeaver JAVA AS 7.4 - XML External Entity Injection in UDDI Component
Apr 14, 2016
CVSS 8.6
EPSS 0.05
CVE-2016-3980
HIGH
SAP Application Server Java 7.2-7.4 - Denial of Service via Crafted HTTP Request
Apr 08, 2016
CVSS 7.5
EPSS 0.07
CVE-2016-3979
HIGH
SAP Java AS 7.2-7.4 - Denial of Service via IctParseCookies HTTP Request
Apr 08, 2016
CVSS 7.5
EPSS 0.06
CVE-2016-3976
HIGH
KEV
SAP NetWeaver AS Java <7.6 - Path Traversal
Apr 07, 2016
CVSS 7.5
EPSS 0.47
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters