sap

1,577 tracked vulnerabilities.

CVE-2014-8588
SAP HANA - SQL Injection in metadata.xsjs
Nov 04, 2014
EPSS 0.01
CVE-2014-8587
SAP CommonCryptoLib < 8.4.30 and SAPCryptoLib < 5.555.38 - Digital Signature Spoofing
Nov 04, 2014
EPSS 0.01
CVE-2014-8316
SAP BusinessObjects Explorer 14.0.5 - XML External Entity Injection via polestar_xml.jsp xmlParameter
Oct 16, 2014
EPSS 0.03
CVE-2014-8315
SAP BusinessObjects Explorer 14.0.5 - Port Scanning via polestar_xml.jsp cms Parameter
Oct 16, 2014
EPSS 0.02
CVE-2014-8314
SAP HANA Developer Edition Revision 70 - Cross-Site Scripting via DataGen.xsjs or multiply.xsjs
Oct 16, 2014
EPSS 0.02
CVE-2014-8313
SAP HANA - Remote Code Execution via XSJS Eval Injection
Oct 16, 2014
EPSS 0.02
CVE-2014-8312
SAP Netweaver AS ABAP 7.31 - Info Disclosure
Oct 16, 2014
EPSS 0.02
CVE-2014-8311
SAP BusinessObjects Edge 4.0 - Info Disclosure
Oct 16, 2014
EPSS 0.02
CVE-2014-8310
SAP BusinessObjects BI Edge 4.0 - Denial of Service via CORBA Listener
Oct 16, 2014
EPSS 0.03
CVE-2014-8309
SAP BusinessObjects 4.0 and XI R2/R3.1 - Username Enumeration via SecEnterprise Authentication Timing
Oct 16, 2014
EPSS 0.02
CVE-2014-8308
SAP BusinessObjects BI EDGE 4.0 - Stored Cross-Site Scripting via Send to Inbox Functionality
Oct 16, 2014
EPSS 0.02
CVE-2014-6252
SAP NetWeaver <7.20 - Buffer Overflow
Sep 05, 2014
EPSS 0.02
CVE-2014-5506
SAP Crystal Reports - Code Injection
Sep 04, 2014
EPSS 0.03
CVE-2014-5505
SAP Crystal Reports - Stack-based Buffer Overflow via Crafted RPT File Data Source String
Sep 04, 2014
EPSS 0.04
CVE-2014-5176
SAP FI Manager Self-Service - Info Disclosure
Jul 31, 2014
EPSS 0.02
CVE-2014-5175
SAP Solution Manager 7.1 - Authentication Bypass via Verb Tampering
Jul 31, 2014
EPSS 0.02
CVE-2014-5174
SAP NetWeaver Business Warehouse - Information Disclosure via BW-SYS-DB-DB4 Function Group
Jul 31, 2014
EPSS 0.02
CVE-2014-5173
SAP HANA Extended Application Services - Unauthenticated Access Restriction Bypass via Private IU5 SDK Application
Jul 31, 2014
EPSS 0.03
CVE-2014-5172
SAP HANA - Cross-Site Scripting in XS Administration Tools
Jul 31, 2014
EPSS 0.03
CVE-2014-5171
SAP HANA Extended Application Services - Unencrypted Credential Transmission via Form-Based Authentication
Jul 31, 2014
EPSS 0.02
CVE-2014-4161
SAP Supplier Relationship Management - Cross-Site Scripting via la/umTestSSO.jsp url Parameter
Jun 13, 2014
EPSS 0.01
CVE-2014-4160
SAP NetWeaver Business Client - XSS
Jun 13, 2014
EPSS 0.01
CVE-2014-4159
SAP Supplier Relationship Management - Open Redirect via la/umTestSSO.jsp URL Parameter
Jun 13, 2014
EPSS 0.01
CVE-2014-4012
SAP Open Hub Service - Info Disclosure
Jun 09, 2014
EPSS 0.01
CVE-2014-4011
SAP Capacity Leveling - Info Disclosure
Jun 09, 2014
EPSS 0.01