sap

1,568 tracked vulnerabilities.

CVE-2014-8309
SAP BusinessObjects 4.0 and XI R2/R3.1 - Username Enumeration via SecEnterprise Authentication Timing
Oct 16, 2014
EPSS 0.00
CVE-2014-8308
SAP BusinessObjects BI EDGE 4.0 - Stored Cross-Site Scripting via Send to Inbox Functionality
Oct 16, 2014
EPSS 0.00
CVE-2014-6252
SAP NetWeaver <7.20 - Buffer Overflow
Sep 05, 2014
EPSS 0.02
CVE-2014-5506
SAP Crystal Reports - Code Injection
Sep 04, 2014
EPSS 0.02
CVE-2014-5505
SAP Crystal Reports - Stack-based Buffer Overflow via Crafted RPT File Data Source String
Sep 04, 2014
EPSS 0.07
CVE-2014-5176
SAP FI Manager Self-Service - Info Disclosure
Jul 31, 2014
EPSS 0.02
CVE-2014-5175
SAP Solution Manager 7.1 - Authentication Bypass via Verb Tampering
Jul 31, 2014
EPSS 0.01
CVE-2014-5174
SAP NetWeaver Business Warehouse - Information Disclosure via BW-SYS-DB-DB4 Function Group
Jul 31, 2014
EPSS 0.00
CVE-2014-5173
SAP HANA Extended Application Services - Unauthenticated Access Restriction Bypass via Private IU5 SDK Application
Jul 31, 2014
EPSS 0.00
CVE-2014-5172
SAP HANA - Cross-Site Scripting in XS Administration Tools
Jul 31, 2014
EPSS 0.01
CVE-2014-5171
SAP HANA Extended Application Services - Unencrypted Credential Transmission via Form-Based Authentication
Jul 31, 2014
EPSS 0.00
CVE-2014-4161
SAP Supplier Relationship Management - Cross-Site Scripting via la/umTestSSO.jsp url Parameter
Jun 13, 2014
EPSS 0.00
CVE-2014-4160
SAP NetWeaver Business Client - XSS
Jun 13, 2014
EPSS 0.00
CVE-2014-4159
SAP Supplier Relationship Management - Open Redirect via la/umTestSSO.jsp URL Parameter
Jun 13, 2014
EPSS 0.00
CVE-2014-4012
SAP Open Hub Service - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4011
SAP Capacity Leveling - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4010
SAP Transaction Data Pool - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4009
SAP CCMS Monitoring - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4008
SAP Web Services Tool - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4007
SAP Upgrade tools - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4006
SAP Oil Industry Solution Traders and Schedulers Workbench - Hardcoded Credentials
Jun 09, 2014
EPSS 0.00
CVE-2014-4005
SAP Brazil add-on - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4004
SAP Project System - Info Disclosure
Jun 09, 2014
EPSS 0.00
CVE-2014-4003
SAP NetWeaver - Information Tampering via System Landscape Directory
Jun 09, 2014
EPSS 0.01
CVE-2014-3787
SAP NetWeaver < 7.20 - Unauthenticated Exposure of Sensitive Information via SAP CUA Tables
May 19, 2014
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV