sap

1,577 tracked vulnerabilities.

CVE-2016-4551 HIGH
SAP NetWeaver 7.00 SP Level 0031 - IP Address Spoofing in Security Audit Log
Oct 05, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-6146 MEDIUM
SAP TREX 7.10- Revision 63 - Info Disclosure
Sep 27, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-6137 CRITICAL
SAP TREX 7.10 Revision 63 - Remote Command Execution
Sep 27, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-6142 HIGH
SAP HANA DB <1.00.73.00.389160 - Code Injection
Sep 26, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-3639 MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - Info Disclosure
Sep 26, 2016
CVSS 4.3
EPSS 0.02
CVE-2016-5847 MEDIUM
SAP SAPCAR Archive Tool - Arbitrary File Permission Change via Hard Link Attack
Aug 13, 2016
CVSS 5.8
EPSS 0.01
CVE-2016-5845 MEDIUM
SAP SAPCAR - Denial of Service via Invalid File Name in Archive
Aug 13, 2016
CVSS 5.5
EPSS 0.03
CVE-2016-6150 CRITICAL
SAP HANA - Improper Access Control via Unencrypted Communications
Aug 05, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-6149 MEDIUM
SAP HANA SPS09 1.00.091.00.14186593 - Info Disclosure
Aug 05, 2016
CVSS 5.5
EPSS 0.01
CVE-2016-6148 HIGH
SAP HANA DB <1.00.73.00.389160 - DoS/RCE
Aug 05, 2016
CVSS 7.5
EPSS 0.04
CVE-2016-6147 CRITICAL
SAP TREX 7.10 Revision 63 - Remote Command Execution
Aug 05, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-6145 MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - SQL Injection
Aug 05, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-6144 HIGH
SAP HANA <Revision 102 - SQL Injection
Aug 05, 2016
CVSS 8.1
EPSS 0.04
CVE-2016-6140 CRITICAL
SAP TREX 7.10 Revision 63 - Arbitrary File Write via RFC-Gateway
Aug 05, 2016
CVSS 9.8
EPSS 0.06
CVE-2016-6139 CRITICAL
SAP TREX 7.10- Revision 63 - Info Disclosure
Aug 05, 2016
CVSS 9.8
EPSS 0.04
CVE-2016-6138 CRITICAL
SAP TREX 7.10 Revision 63 - Path Traversal
Aug 05, 2016
CVSS 9.8
EPSS 0.06
CVE-2016-3640 MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - Info Disclosure
Aug 05, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-4018 HIGH
SAP HANA - Improper Access Control in Data Provisioning Agent
Apr 14, 2016
CVSS 7.3
EPSS 0.01
CVE-2016-4017 HIGH
SAP HANA - Denial of Service via Data Provisioning Agent
Apr 14, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-4016 MEDIUM
SAP Manufacturing Integration and Intelligence 15 - Cross-Site Scripting via Title Parameter
Apr 14, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-4015 HIGH
SAP NetWeaver JAVA AS 7.1-7.4 - Denial of Service via Crafted Request
Apr 14, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-4014 HIGH
SAP NetWeaver JAVA AS 7.4 - XML External Entity Injection in UDDI Component
Apr 14, 2016
CVSS 8.6
EPSS 0.05
CVE-2016-3980 HIGH
SAP Application Server Java 7.2-7.4 - Denial of Service via Crafted HTTP Request
Apr 08, 2016
CVSS 7.5
EPSS 0.07
CVE-2016-3979 HIGH
SAP Java AS 7.2-7.4 - Denial of Service via IctParseCookies HTTP Request
Apr 08, 2016
CVSS 7.5
EPSS 0.06
CVE-2016-3976 HIGH KEV
SAP NetWeaver AS Java <7.6 - Path Traversal
Apr 07, 2016
CVSS 7.5
EPSS 0.47