sap

1,577 tracked vulnerabilities.

CVE-2015-4157
SAP Content Server - Denial of Service
Jun 02, 2015
EPSS 0.01
CVE-2015-2282
SAP GUI - Stack-based Buffer Overflow in LZC Decompression
Jun 02, 2015
EPSS 0.04
CVE-2015-2278
SAP GUI - Denial of Service via LZH Decompression Out-of-Bounds Read
Jun 02, 2015
EPSS 0.02
CVE-2015-3995
SAP HANA DB 1.00.73.00.389160 - Authenticated Arbitrary File Read via IMPORT FROM SQL Statement
May 29, 2015
EPSS 0.01
CVE-2015-3994
SAP HANA - Authenticated Log Spoofing via grant.xsfunc Application
May 29, 2015
EPSS 0.01
CVE-2015-4092
SAP Afaria 7.00.6620.2 SP5 - Buffer Overflow in XComms Process
May 26, 2015
EPSS 0.03
CVE-2015-4091
SAP NetWeaver AS Java 7.4 - XML External Entity Injection via CIM UPLOAD
May 26, 2015
EPSS 0.03
CVE-2015-3981
SAP NetWeaver RFC SDK - Exposure of Sensitive Information
May 12, 2015
EPSS 0.02
CVE-2015-3980
SAP Customer Relationship Management - SQL Injection in Business Rules Framework
May 12, 2015
EPSS 0.01
CVE-2015-3979
SAP Customer Relationship Management - Remote Code Execution in Business Rules Framework
May 12, 2015
EPSS 0.02
CVE-2015-3978
SAP Sybase Unwired Platform - Info Disclosure
May 12, 2015
EPSS 0.00
CVE-2015-2820
SAP Afaria 7.0.6001.5 - Denial of Service via XcListener Buffer Overflow
Apr 01, 2015
EPSS 0.04
CVE-2015-2819
SAP Sybase SQL Anywhere 11 and 16 - Denial of Service via Crafted Request
Apr 01, 2015
EPSS 0.02
CVE-2015-2818
SAP Mobile Platform 3 - XML External Entity Injection
Apr 01, 2015
EPSS 0.01
CVE-2015-2817
SAP NetWeaver 7.40 - Exposure of Sensitive Information via ReadProfile Parameters
Apr 01, 2015
EPSS 0.02
CVE-2015-2816
SAP Afaria 7.0.6001.5 - Improper Access Control in XcListener
Apr 01, 2015
EPSS 0.03
CVE-2015-2815
SAP NetWeaver KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) - Authenticated Buffer Overflow in C_SAPGPARAM
Apr 01, 2015
EPSS 0.04
CVE-2015-2814
SAP Clinical Task Tracker and EMR Unwired - Unauthenticated Backend URL Manipulation
Apr 01, 2015
EPSS 0.01
CVE-2015-2813
SAP Mobile Platform - XML External Entity Injection via Crafted XML
Apr 01, 2015
EPSS 0.02
CVE-2015-2812
SAP NetWeaver Enterprise Portal 7.31.201109172004 - XML External Entity Injection in XMLValidationComponent
Apr 01, 2015
EPSS 0.02
CVE-2015-2811
SAP NetWeaver Portal 7.31.201109172004 - XML External Entity Injection in ReportXmlViewer
Apr 01, 2015
EPSS 0.02
CVE-2015-2076
SAP BusinessObjects Edge 4.0 - Unauthenticated Exposure of Sensitive Audit Information
Feb 27, 2015
EPSS 0.02
CVE-2015-2075
SAP BusinessObjects Edge 4.0 - Unauthenticated Audit Event Deletion via CORBA clearData Operation
Feb 27, 2015
EPSS 0.03
CVE-2015-2072
SAP HANA - Cross-Site Scripting via Trace Detail Service
Feb 27, 2015
EPSS 0.02
CVE-2015-1312
SAP ERP Dealer Portal - Unauthenticated Information Disclosure and Privilege Escalation
Jan 22, 2015
EPSS 0.01