sap

1,577 tracked vulnerabilities.

CVE-2023-37489 MEDIUM
SAP BusinessObjects BI Platform 403 - Unauthenticated Info Disclosure via VMS
Sep 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-40306 MEDIUM
SAP S/4HANA - Open Redirect in Manage Catalog Items and Cross-Catalog Searches
Sep 08, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-39438 HIGH
SAP Contributor License Agreement Assistant < 2.13.1 - Authenticated Missing Authorization
Aug 15, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-39440 MEDIUM
SAP BusinessObjects Business Intelligence 420 - Cleartext Storage of Sensitive Information
Aug 08, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-39439 HIGH
SAP Commerce Cloud - Info Disclosure
Aug 08, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-39437 HIGH
SAP Business One 10.0 - Cross-Site Scripting
Aug 08, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-39436 MEDIUM
SAP Supplier Relationship Management 600-606, 616-617 - Unauthenticated Information Disclosure
Aug 08, 2023
CVSS 5.8
EPSS 0.00
CVE-2023-37492 MEDIUM
SAP NetWeaver Application Server ABAP - Missing Authorization Checks
Aug 08, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-37491 HIGH
SAP Message Server - Incorrect Authorization
Aug 08, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-37490 HIGH
SAP BusinessObjects Business Intelligence 420, 430 - Authenticated Uncontrolled Search Path Element
Aug 08, 2023
CVSS 7.6
EPSS 0.00
CVE-2023-37488 MEDIUM
SAP NetWeaver Process Integration - Cross-Site Scripting
Aug 08, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-37487 MEDIUM
SAP Business One (Service Layer) - version 10.0 - Info Disclosure
Aug 08, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-37486 MEDIUM
SAP Commerce Cloud - Information Disclosure via OCC API Endpoints
Aug 08, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-37484 MEDIUM
SAP PowerDesigner 16.7 - Use of a Broken or Risky Cryptographic Algorithm
Aug 08, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-37483 CRITICAL
SAP PowerDesigner 16.7 - Unauthenticated Arbitrary Database Query Execution via Proxy
Aug 08, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-36926 LOW
SAP Host Agent <7.22 - Info Disclosure
Aug 08, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-36923 HIGH
SAP PowerDesigner <16.7 SP06 PL03 - Code Injection
Aug 08, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-33993 HIGH
SAP Business One 10.0 - SQL Injection
Aug 08, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-36925 HIGH
SAP Solution Manager 7.20 - Unauthenticated Server-Side Request Forgery
Jul 11, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-36924 MEDIUM
SAP ERP Defense Forces and Public Security - Authenticated Privileg...
Jul 11, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-36922 CRITICAL
SAP ECC/S/4HANA - Command Injection
Jul 11, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-36921 HIGH
SAP Solution Manager (Diagnostics agent) -7.20 - SSRF
Jul 11, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-36919 MEDIUM
SAP Enable Now - Unauthenticated Exposure of Sensitive Information via Missing Referrer-Policy Header
Jul 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-36918 MEDIUM
SAP Enable Now - Cross-Site Scripting via MIME Type Sniffing
Jul 11, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-36917 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Password Bypass
Jul 11, 2023
CVSS 5.9
EPSS 0.01