sap
1,577 tracked vulnerabilities.
CVE-2012-1290
SAP NetWeaver 7.0 - Cross-Site Scripting via _loadPage Parameter in b2b/auction/container.jsp
Feb 23, 2012
EPSS 0.01
CVE-2012-1289
SAP NetWeaver 7.0 - Authenticated Path Traversal via Logfilename Parameter
Feb 23, 2012
EPSS 0.02
CVE-2011-1517
CRITICAL
SAP NetWeaver 7.0 - Remote Code Execution and Denial of Service via DiagTraceHex() Function
Feb 05, 2020
CVSS 9.8
EPSS 0.04
CVE-2011-5263
SAP NetWeaver < 7.30 - Cross-Site Scripting via RetrieveMailExamples Server Parameter
Feb 12, 2013
EPSS 0.01
CVE-2011-5260
SAP NetWeaver - Cross-Site Scripting via Page Parameter
Feb 12, 2013
EPSS 0.01
CVE-2011-5154
SAP GUI <7.2 - Privilege Escalation
Sep 06, 2012
EPSS 0.00
CVE-2011-4805
SAP Crystal Reports Server 2008 - Cross-Site Scripting via pubDBLogon.jsp Service Parameter
Dec 14, 2011
EPSS 0.01
CVE-2011-4707
SAP NetWeaver - Cross-Site Scripting via VsiTestScan and VsiTestServlet Parameters
Dec 08, 2011
EPSS 0.01
CVE-2010-5326
CRITICAL
KEV
SAP NetWeaver Application Server Java <7.3 - RCE
May 13, 2016
CVSS 10.0
EPSS 0.17
CVE-2010-2590
SAP Crystal Reports 2008 SP3 Fix Pack 3.2 - Remote Code Execution via Long ServerResourceVersion Property
Dec 22, 2010
EPSS 0.47
CVE-2010-4556
SAP NetWeaver Business Client - Stack-Based Buffer Overflow via SapThemeRepository ActiveX Control
Dec 17, 2010
EPSS 0.06
CVE-2010-3983
SAP BusinessObjects Enterprise XI 3.2 - Authenticated Privilege Escalation via Program Job Server
Oct 18, 2010
EPSS 0.02
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 - Exposure of Sensitive Information via CrystalReports apstoken Parameter
Oct 18, 2010
EPSS 0.01
CVE-2010-3981
SAP BusinessObjects Enterprise XI 3.2 - Cross-Site Scripting via ServiceClass Field
Oct 18, 2010
EPSS 0.01
CVE-2010-3980
SAP BusinessObjects Enterprise XI 3.2 - Authenticated Denial of Service via Large numCuids in GenerateCuids SOAPAction
Oct 18, 2010
EPSS 0.01
CVE-2010-3979
SAP BusinessObjects Enterprise XI 3.2 - Unauthenticated Username Enumeration via Login SOAPAction Error Messages
Oct 18, 2010
EPSS 0.01
CVE-2010-0219
NUCLEI
Apache Axis2 - Remote Code Execution via Default Admin Credentials
Oct 18, 2010
EPSS 0.90
CVE-2010-3032
SAP Crystal Reports 2008 - Buffer Overflow
Aug 17, 2010
EPSS 0.06
CVE-2010-2904
SAP System Landscape Directory 6.4-7.02 - Cross-Site Scripting via action or helpstring Parameter
Jul 28, 2010
EPSS 0.01
CVE-2010-2347
SAP J2EE Engine Core 6.40-7.02 and Server Core 7.10-7.30 - Authenticated SMB Relay Attack via Telnet Interface
Jun 21, 2010
EPSS 0.01
CVE-2010-1609
SAP NetWeaver 2004 before SP21 and 2004s before SP13 - Cross-Site Scripting
Apr 29, 2010
EPSS 0.01
CVE-2010-1185
SAP MaxDB <7.6.07 - Buffer Overflow
Mar 29, 2010
EPSS 0.15
CVE-2009-4988
SAP Business One 2005 A - Stack-Based Buffer Overflow via GIOP Request
Aug 25, 2010
EPSS 0.66
CVE-2009-4603
SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, 7.20 - Denial of Service via Crafted Request
Jan 12, 2010
EPSS 0.01
CVE-2009-3346
SAP Crystal Reports Server 2008 - RCE
Sep 24, 2009
EPSS 0.04
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters