Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / sap

sap

1,568 tracked vulnerabilities.

CVE-2024-21736 MEDIUM

SAP S/4HANA Finance for Advanced Payment Management - Incorrect Authorization in Function Import

CVE-2024-21735 HIGH

SAP LT Replication Server S4CORE 103-108 - Incorrect Authorization

CVE-2024-21734 LOW

SAP Marketing 160 - URL Redirection to Untrusted Site via Contacts App

CVE-2023-50424 CRITICAL

SAP BTP Security Services Integration Library < 0.17.0 - Privilege Escalation

CVE-2023-6542 HIGH

SAP Emarsys SDK for Android - Unauthenticated Arbitrary URL Navigation via Activity Invocation

CVE-2023-50423 CRITICAL

SAP XSSEC < 4.1.0 - Unauthenticated Privilege Escalation

CVE-2023-50422 CRITICAL

SAP BTP Security Services Integration Library <2.17.0 and 3.0.0-<3.3.0 - Privilege Escalation

CVE-2023-49587 MEDIUM

SAP Solution Manager 720 - Authenticated Remote Code Execution via Deprecated Function Modules

CVE-2023-49584 MEDIUM

SAP Fiori launchpad - HTTP Request Smuggling via POST on Read-Only Service

CVE-2023-49583 CRITICAL

SAP @sap/xssec < 3.6.0 - Unauthenticated Privilege Escalation

CVE-2023-49581 MEDIUM

SAP NetWeaver Application Server ABAP - Unauthenticated SQL Injection and Data Manipulation

CVE-2023-49580 HIGH

SAP GUI for Windows and SAP GUI for Java - Unauthenticated Information Disclosure and Layout Configuration Manipulation

CVE-2023-49578 LOW

SAP Cloud Connector 2.0 - Authenticated Denial of Service via Malicious Request

CVE-2023-49577 MEDIUM

SAP HCM SMART PAYE S4HCMCIE 100 SAP_HRCIE 600 604 608 - Cross-Site Scripting

CVE-2023-49058 LOW

SAP Master Data Governance File Upload - Path Traversal

CVE-2023-42481 HIGH

SAP Commerce Cloud HY_COM 1905-2205, COM_CLOUD 2211 - Weak Password Recovery

CVE-2023-42479 MEDIUM

SAP Biller Direct - Unauthenticated Cross-Site Scripting via URL Frame Injection

CVE-2023-42478 HIGH

SAP Business Objects Business Intelligence Platform - Stored Cross-Site Scripting via Agnostic Document Upload

CVE-2023-42476 MEDIUM

SAP BusinessObjects Web Intelligence 420 - Authenticated Stored Cross-Site Scripting

CVE-2023-42480 MEDIUM

SAP NetWeaver AS Java 7.50 - Unauthenticated User Enumeration via Login Brute Force

CVE-2023-41366 MEDIUM

SAP NetWeaver Application Server ABAP - Info Disclosure

CVE-2023-31403 CRITICAL

SAP Business One <10.0 - Auth Bypass

CVE-2023-36920 MEDIUM

SAP Enable Now - WPB_MANAGER <1.0-ENABLE_NOW_CONSUMP_DEL 1704 - XSS

CVE-2023-42477 MEDIUM

SAP NetWeaver AS Java 7.50 - Server-Side Request Forgery in GRMG Heartbeat Application

CVE-2023-42475 MEDIUM

SAP S/4HANA - Information Disclosure via Statutory Reporting File Storage

Previous Page 7 of 63 Next

Products

3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy