sap

1,577 tracked vulnerabilities.

CVE-2016-3975 MEDIUM
SAP NetWeaver AS Java 7.1-7.5 - Cross-Site Scripting via NavigationURLTester
Apr 07, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-3974 CRITICAL
SAP NetWeaver Application Server Java 7.10-7.50 - XML External Entity Injection via ServerNodesWSService
Apr 07, 2016
CVSS 9.1
EPSS 0.15
CVE-2016-3973 MEDIUM
SAP NetWeaver Java AS <7.5 - Info Disclosure
Apr 07, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-2536 HIGH
SAP 3D Visual Enterprise Viewer - Remote Code Execution via Crafted SketchUp Document
Feb 22, 2016
CVSS 8.8
EPSS 0.03
CVE-2016-2389 HIGH NUCLEI
SAP NetWeaver xMII 15.0 - Directory Traversal via GetFileList Path Parameter
Feb 16, 2016
CVSS 7.5
EPSS 0.41
CVE-2016-2388 MEDIUM KEV
SAP NetWeaver AS JAVA 7.10-7.50 - Exposure of Sensitive Information via Universal Worklist Configuration
Feb 16, 2016
CVSS 5.3
EPSS 0.52
CVE-2016-2387 MEDIUM
SAP NetWeaver 7.4 - Cross-Site Scripting via ProxyServer Servlet Parameters
Feb 16, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-2386 CRITICAL KEV
SAP NetWeaver Application Server Java 7.40 - SQL Injection
Feb 16, 2016
CVSS 9.8
EPSS 0.71
CVE-2016-1929 CRITICAL
SAP HANA - Denial of Service via Log Spoofing in XS Engine
Jan 20, 2016
CVSS 9.3
EPSS 0.02
CVE-2016-1928 CRITICAL
SAP HANA - Buffer Overflow in XS Engine via JSON HTTP Request
Jan 20, 2016
CVSS 9.8
EPSS 0.06
CVE-2016-1911 MEDIUM
SAP NetWeaver 7.4 - Cross-Site Scripting via Runtime Workbench and Pmitest Servlet
Jan 15, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-1910 MEDIUM
SAP NetWeaver 7.4 - Info Disclosure
Jan 15, 2016
CVSS 5.3
EPSS 0.07
CVE-2015-7731 MEDIUM
SAP Mobile Platform 3.0 SP05 - Info Disclosure
Aug 09, 2021
CVSS 5.5
EPSS 0.00
CVE-2015-2074 HIGH
SAP BusinessObjects Edge 4.0 - Unauthenticated Arbitrary File Write via File Repository Server CORBA Listener
Aug 09, 2021
CVSS 7.5
EPSS 0.03
CVE-2015-2073 HIGH
SAP BusinessObjects Edge 4.0 - Unauthenticated Path Traversal via File Repository Server CORBA Listener
Aug 09, 2021
CVSS 7.5
EPSS 0.04
CVE-2015-7968 MEDIUM
SAP NetWeaver AS < - XML External Entity
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2015-7241 CRITICAL
SAP NetWeaver < 7.0 - XML External Entity Injection
Sep 06, 2017
CVSS 9.8
EPSS 0.12
CVE-2015-8840 HIGH
SAP NetWeaver AS Java - Missing Authorization in XML Data Archiving Service
Apr 08, 2016
CVSS 8.8
EPSS 0.01
CVE-2015-8753 CRITICAL
SAP Afaria 7.0.6001.5 - Authorization Bypass via Insecure Signature
Jan 08, 2016
CVSS 9.1
EPSS 0.02
CVE-2015-8600
SAP Mobile Platform - Authentication Bypass and Privilege Escalation via SysAdminWebTool Servlets
Dec 17, 2015
EPSS 0.01
CVE-2015-8330
SAP Plant Connectivity - Denial of Service via Crafted xMII Requests
Nov 24, 2015
EPSS 0.03
CVE-2015-8329
SAP Manufacturing Integration and Intelligence - Weak Encryption via Base64 and DES
Nov 24, 2015
EPSS 0.01
CVE-2015-7994
SAP HANA DB <1.00.73.00.389160 - RCE
Nov 10, 2015
EPSS 0.03
CVE-2015-7993
SAP HANA DB <1.00.73.00.389160 - RCE
Nov 10, 2015
EPSS 0.04
CVE-2015-7992
SAP HANA DB <1.00.73.00.389160 - DoS
Nov 10, 2015
EPSS 0.02