sap

1,577 tracked vulnerabilities.

CVE-2012-1290
SAP NetWeaver 7.0 - Cross-Site Scripting via _loadPage Parameter in b2b/auction/container.jsp
Feb 23, 2012
EPSS 0.01
CVE-2012-1289
SAP NetWeaver 7.0 - Authenticated Path Traversal via Logfilename Parameter
Feb 23, 2012
EPSS 0.02
CVE-2011-1517 CRITICAL
SAP NetWeaver 7.0 - Remote Code Execution and Denial of Service via DiagTraceHex() Function
Feb 05, 2020
CVSS 9.8
EPSS 0.04
CVE-2011-5263
SAP NetWeaver < 7.30 - Cross-Site Scripting via RetrieveMailExamples Server Parameter
Feb 12, 2013
EPSS 0.01
CVE-2011-5260
SAP NetWeaver - Cross-Site Scripting via Page Parameter
Feb 12, 2013
EPSS 0.01
CVE-2011-5154
SAP GUI <7.2 - Privilege Escalation
Sep 06, 2012
EPSS 0.00
CVE-2011-4805
SAP Crystal Reports Server 2008 - Cross-Site Scripting via pubDBLogon.jsp Service Parameter
Dec 14, 2011
EPSS 0.01
CVE-2011-4707
SAP NetWeaver - Cross-Site Scripting via VsiTestScan and VsiTestServlet Parameters
Dec 08, 2011
EPSS 0.01
CVE-2010-5326 CRITICAL KEV
SAP NetWeaver Application Server Java <7.3 - RCE
May 13, 2016
CVSS 10.0
EPSS 0.17
CVE-2010-2590
SAP Crystal Reports 2008 SP3 Fix Pack 3.2 - Remote Code Execution via Long ServerResourceVersion Property
Dec 22, 2010
EPSS 0.47
CVE-2010-4556
SAP NetWeaver Business Client - Stack-Based Buffer Overflow via SapThemeRepository ActiveX Control
Dec 17, 2010
EPSS 0.06
CVE-2010-3983
SAP BusinessObjects Enterprise XI 3.2 - Authenticated Privilege Escalation via Program Job Server
Oct 18, 2010
EPSS 0.02
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 - Exposure of Sensitive Information via CrystalReports apstoken Parameter
Oct 18, 2010
EPSS 0.01
CVE-2010-3981
SAP BusinessObjects Enterprise XI 3.2 - Cross-Site Scripting via ServiceClass Field
Oct 18, 2010
EPSS 0.01
CVE-2010-3980
SAP BusinessObjects Enterprise XI 3.2 - Authenticated Denial of Service via Large numCuids in GenerateCuids SOAPAction
Oct 18, 2010
EPSS 0.01
CVE-2010-3979
SAP BusinessObjects Enterprise XI 3.2 - Unauthenticated Username Enumeration via Login SOAPAction Error Messages
Oct 18, 2010
EPSS 0.01
CVE-2010-0219 NUCLEI
Apache Axis2 - Remote Code Execution via Default Admin Credentials
Oct 18, 2010
EPSS 0.90
CVE-2010-3032
SAP Crystal Reports 2008 - Buffer Overflow
Aug 17, 2010
EPSS 0.06
CVE-2010-2904
SAP System Landscape Directory 6.4-7.02 - Cross-Site Scripting via action or helpstring Parameter
Jul 28, 2010
EPSS 0.01
CVE-2010-2347
SAP J2EE Engine Core 6.40-7.02 and Server Core 7.10-7.30 - Authenticated SMB Relay Attack via Telnet Interface
Jun 21, 2010
EPSS 0.01
CVE-2010-1609
SAP NetWeaver 2004 before SP21 and 2004s before SP13 - Cross-Site Scripting
Apr 29, 2010
EPSS 0.01
CVE-2010-1185
SAP MaxDB <7.6.07 - Buffer Overflow
Mar 29, 2010
EPSS 0.15
CVE-2009-4988
SAP Business One 2005 A - Stack-Based Buffer Overflow via GIOP Request
Aug 25, 2010
EPSS 0.66
CVE-2009-4603
SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, 7.20 - Denial of Service via Crafted Request
Jan 12, 2010
EPSS 0.01
CVE-2009-3346
SAP Crystal Reports Server 2008 - RCE
Sep 24, 2009
EPSS 0.04