sap

1,568 tracked vulnerabilities.

CVE-2006-7220
SAP SAPLPD and SAPSPRINT - Denial of Service via Print Job Request
Jul 10, 2007
EPSS 0.01
CVE-2006-6345
SAP Internet Graphics Server < 6.40 Patch 16 - Directory Traversal & File Deletion
Dec 07, 2006
EPSS 0.01
CVE-2006-6346
SAP IGS <7.00.3 - DoS/Info Disclosure
Dec 07, 2006
EPSS 0.02
CVE-2006-6010
SAP Web Application Server - Information Disclosure via RFC_SYSTEM_INFO RfcCallReceive Request
Nov 21, 2006
EPSS 0.20
CVE-2006-6011
SAP Web Application Server - Denial of Service via UDP Packet to Port 64999
Nov 21, 2006
EPSS 0.01
CVE-2006-5784
SAP Web Application Server <7.00 - Info Disclosure
Nov 07, 2006
EPSS 0.07
CVE-2006-5785
SAP Web Application Server 6.40-7.00 - Denial of Service via UDP Port 64999
Nov 07, 2006
EPSS 0.01
CVE-2006-5114
SAP Internet Transaction Server 6.1-6.2 - Cross-Site Scripting via ~urlmime or ~command Parameter
Oct 03, 2006
EPSS 0.16
CVE-2006-4133
SAP Internet Graphics Service 6.40 and 7.00 - Remote Code Execution via ADM:GETLOGFILE Command
Aug 14, 2006
EPSS 0.18
CVE-2006-4134
SAP Internet Graphics Service 6.40 and earlier, 7.00 and earlier - Remote Denial of Service via HTTP Requests
Aug 14, 2006
EPSS 0.02
CVE-2006-2547
SAP sapdba - OS Command Injection via Environment Variable
May 23, 2006
EPSS 0.02
CVE-2006-1039
SAP Web Application Server - HTTP Response Injection via Encoded Headers
Mar 07, 2006
EPSS 0.06
CVE-2006-0731
SAP Business Connector Core Fix <7 - CSRF
Feb 16, 2006
EPSS 0.11
CVE-2006-0732
SAP Business Connector 4.6-4.7 - Directory Traversal via fullName Parameter
Feb 16, 2006
EPSS 0.03
CVE-2005-4815
SAP R/3 - Remote Code Execution via UDP Packet
Dec 31, 2005
EPSS 0.02
CVE-2005-3633
SAP Web Application Server 6.10-7.00 - HTTP Response Splitting via sap-exiturl Parameter
Nov 16, 2005
EPSS 0.01
CVE-2005-3634 NUCLEI
SAP Web Application Server 6.10-7.00 - Unauthenticated Session Termination and Open Redirect
Nov 16, 2005
EPSS 0.02
CVE-2005-3635
SAP Web Application Server 6.10-7.00 - Cross-Site Scripting via sap-syscmd and BspApplication Parameters
Nov 16, 2005
EPSS 0.23
CVE-2005-3636
SAP Web Application Server 6.10 - Cross-Site Scripting via Error Pages
Nov 16, 2005
EPSS 0.23
CVE-2005-1691
SAP R/3 < 6.30 - Directory Traversal via HTTP GET Request
Jul 26, 2005
EPSS 0.00
CVE-2003-1033
SAP DB Development Tools 7.x - Privilege Escalation
Apr 15, 2004
EPSS 0.00
CVE-2003-1035
SAP R/3 46C/D - Unauthenticated Account Lockout Bypass via RFC API
Apr 15, 2004
EPSS 0.00
CVE-2003-1036
SAP Internet Transaction Server < 4.6_pl463 - Remote Code Execution via AGate Component Buffer Overflow
Apr 15, 2004
EPSS 0.03
CVE-2003-1037
SAP Internet Transaction Server WGate - Format String Code Execution
Apr 15, 2004
EPSS 0.02
CVE-2003-1038
SAP Internet Transaction Server < 4.6_pl463 - Information Disclosure via AGate ~command Parameter
Apr 15, 2004
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV