VYPR · Vendor CVEs

SAP · All CVEs

1,818 total · sorted by risk
  • CVE-2025-42958 · Critical · Sep 9, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a…

  • CVE-2025-42980 · Critical · Jul 8, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

  • CVE-2025-42966 · Critical · Jul 8, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity,…

  • CVE-2025-42964 · Critical · Jul 8, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

  • CVE-2025-42963 · Critical · Jul 8, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control…

  • CVE-2018-2437 · Critical · Jul 10, 2018
    risk 0.59 · cvss 9.1 · epss 0.03

    The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification.

  • CVE-2016-7435 · Critical · Oct 5, 2016
    risk 0.59 · cvss 9.1 · epss 0.03

    The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL…

  • CVE-2015-8753 · Critical · Jan 8, 2016
    risk 0.59 · cvss 9.1 · epss 0.02

    SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.

  • CVE-2026-23687 · High · Feb 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized…

  • CVE-2025-42933 · High · Sep 9, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    When a user logs in via SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. This leads to exposure of sensitive credentials within http response body. As a result, it has a high impact on the confidentiality, integrity, and…

  • CVE-2025-42951 · High · Aug 12, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API. As a result, it has a high impact on the confidentiality, integrity, and availability of the application.

  • CVE-2025-42982 · High · Jun 10, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    SAP GRC allows a non-administrative user to access and initiate a transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application.

  • CVE-2025-27434 · High · Mar 11, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack. This could lead to a high impact on the…

  • CVE-2025-26661 · High · Mar 11, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    Due to missing authorization check, SAP NetWeaver (ABAP Class Builder) allows an attacker to gain higher access levels than they should have, resulting in escalation of privileges. On successful exploitation, this could result in disclosure of highly sensitive information. It…

  • CVE-2024-27899 · High · Apr 9, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an attacker to cause profound impact on confidentiality and…

  • CVE-2018-2462 · High · Sep 11, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31, 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.

  • CVE-2018-2461 · High · Sep 11, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an authenticated user which may result in an escalation of privileges.

  • CVE-2018-2455 · High · Sep 11, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_SEPA) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2018-2454 · High · Sep 11, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_2) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2018-2442 · High · Aug 14, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.

  • CVE-2018-2436 · High · Jul 10, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2018-2427 · High · Jul 10, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the…

  • CVE-2018-2367 · High · Mar 1, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    ABAP File Interface in SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed…

  • CVE-2018-2395 · High · Feb 14, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files.

  • CVE-2018-2381 · High · Feb 14, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30; S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2018-2363 · High · Jan 9, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially…

  • CVE-2018-2361 · High · Jan 9, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools.

  • CVE-2017-16689 · High · Dec 12, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL 64Unicode 7.21, 7.21EXT, 7.22, 7.22EXT; SAP KERNEL from 7.21 to 7.22, 7.45, 7.49, can be established to a different client or a different user on the same system, although no…

  • CVE-2017-15296 · High · Oct 16, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.

  • CVE-2017-8913 · High · May 23, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security…

  • CVE-2017-7717 · High · Apr 14, 2017
    risk 0.57 · cvss 8.8 · epss 0.02

    SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.

  • CVE-2015-8840 · High · Apr 8, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp,…

  • CVE-2016-2536 · High · Feb 22, 2016
    risk 0.57 · cvss 8.8 · epss 0.03

    Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp.

  • CVE-2025-25243 · High · Feb 11, 2025
    risk 0.56 · cvss 8.6 · epss 0.01

    SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact…

  • CVE-2018-2463 · High · Sep 11, 2018
    risk 0.56 · cvss 8.6 · epss 0.02

    The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.

  • CVE-2018-2449 · High · Aug 14, 2018
    risk 0.56 · cvss 8.6 · epss 0.02

    SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 (in SAP NetWeaver 7.3): the import functionality does not perform authentication checks for a valid repository user. This unauthenticated functionality can be used on Windows machines for SMB relaying.

  • CVE-2016-9563 · Medium · KEV · Nov 23, 2016
    risk 0.56 · cvss 6.5 · epss 0.24

    BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.

  • CVE-2016-4014 · High · Apr 14, 2016
    risk 0.56 · cvss 8.6 · epss 0.05

    XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.

  • CVE-2026-0507 · High · Jan 13, 2026
    risk 0.55 · cvss 8.4 · epss 0.01

    Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this…

  • CVE-2025-42983 · High · Jun 10, 2025
    risk 0.55 · cvss 8.5 · epss 0.00

    SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary SAP database tables, potentially resulting in a loss of data or rendering the system unusable. On successful exploitation, an attacker can completely delete database entries but is…

  • CVE-2025-23186 · High · Apr 8, 2025
    risk 0.55 · cvss 8.5 · epss 0.00

    In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited…

  • CVE-2024-54198 · High · Dec 10, 2024
    risk 0.55 · cvss 8.5 · epss 0.01

    In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited…

  • CVE-2024-41961 · Critical · Aug 1, 2024
    risk 0.55 · cvss 9.6 · epss 0.01

    Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing…

  • CVE-2018-2475 · High · Oct 9, 2018
    risk 0.55 · cvss 8.5 · epss 0.01

    Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed…

  • CVE-2018-2425 · High · Jun 12, 2018
    risk 0.55 · cvss 8.4 · epss 0.00

    Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted.

  • CVE-2018-2392 · High · Feb 14, 2018
    risk 0.55 · cvss 7.5 · epss 0.41

    Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.

  • CVE-2016-2389 · High · Feb 16, 2016
    risk 0.55 · cvss 7.5 · epss 0.41

    Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security…

  • CVE-2025-43010 · High · May 13, 2025
    risk 0.54 · cvss 8.3 · epss 0.00

    SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack…

  • CVE-2017-8914 · High · May 23, 2017
    risk 0.54 · cvss 8.3 · epss 0.01

    sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694.

  • CVE-2017-8852 · High · May 10, 2017
    risk 0.54 · cvss 7.8 · epss 0.03

    SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is…
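
The listing above is sorted by VYPR's own composite "risk" score, which is not published on this page and is not reproduced here. A practitioner consuming such a feed usually wants the raw fields (severity badge, KEV flag, date, risk, CVSS, EPSS) in structured form so they can apply their own ordering, for example putting known-exploited and high-EPSS entries ahead of high-CVSS entries with negligible exploitation probability. The following is an added example, not VYPR's code: it parses the listing in the run-together form the page extracts to (badge, optional KEV marker and date fused onto one line, the three metrics fused onto the next), checks that each severity badge agrees with the CVSS v3 rating band of its score, and re-orders a constructed sample of three entries copied from this page. The exploitability-first rule (KEV, then EPSS, then CVSS) is this example's own choice, not something the page prescribes.

```python
"""Parse a VYPR-style vendor CVE listing and re-triage it.

Added example, not VYPR's own code. The site's "risk" score is its own and is
not reproduced; only the fields shown on the page are parsed.
"""
import re
from dataclasses import dataclass
from typing import List

# Constructed sample: three entries copied from the SAP listing in the raw form
# the page extracts to (severity badge, optional KEV badge and date run together).
SAMPLE = """\
  • CVE-2025-42958CriSep 9, 2025
    risk 0.59cvss 9.1epss 0.01

    Due to a missing authentication check in the SAP NetWeaver application on IBM i-series ...

  • CVE-2016-9563MedKEVNov 23, 2016
    risk 0.56cvss 6.5epss 0.24

    BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XXE attacks ...

  • CVE-2018-2392HigFeb 14, 2018
    risk 0.55cvss 7.5epss 0.41

    Under certain conditions SAP Internet Graphics Server (IGS) fails to validate XML External Entity ...
"""

# "CVE-2016-9563MedKEVNov 23, 2016": id, 3-letter severity badge, optional KEV badge, date.
HEADER = re.compile(
    r"^\s*•\s*(CVE-\d{4}-\d{4,})(Cri|Hig|Med|Low)(KEV)?([A-Z][a-z]{2} \d{1,2}, \d{4})\s*$"
)
# "risk 0.59cvss 9.1epss 0.01": the three metrics with no separator between them.
METRICS = re.compile(r"^\s*risk ([0-9.]+)cvss ([0-9.]+)epss ([0-9.]+)\s*$")

SEVERITY = {"Cri": "Critical", "Hig": "High", "Med": "Medium", "Low": "Low"}


@dataclass
class Entry:
    cve: str
    severity: str
    kev: bool
    date: str
    risk: float
    cvss: float
    epss: float
    summary: str


def cvss_band(score: float) -> str:
    """Qualitative rating bands defined by the CVSS v3.x specification."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    if score > 0.0:
        return "Low"
    return "None"


def parse_listing(text: str) -> List[Entry]:
    """Turn the listing text into Entry records; malformed metrics lines are an error."""
    entries: List[Entry] = []
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        m = HEADER.match(lines[i])
        if not m:
            i += 1
            continue
        cve, sev, kev, date = m.groups()
        mm = METRICS.match(lines[i + 1]) if i + 1 < len(lines) else None
        if not mm:
            raise ValueError(f"{cve}: metrics line missing or malformed")
        risk, cvss, epss = (float(x) for x in mm.groups())
        # The summary is the first non-empty line after the metrics line.
        j = i + 2
        summary = ""
        while j < len(lines):
            if lines[j].strip():
                summary = lines[j].strip()
                break
            j += 1
        entries.append(Entry(cve, SEVERITY[sev], kev is not None, date, risk, cvss, epss, summary))
        i = j + 1
    return entries


def page_order(entries: List[Entry]) -> List[str]:
    """The page's own presentation: highest site risk score first."""
    return [e.cve for e in sorted(entries, key=lambda e: -e.risk)]


def triage_order(entries: List[Entry]) -> List[str]:
    """Exploitability-first ordering (this example's rule): KEV, then EPSS, then CVSS."""
    return [e.cve for e in sorted(entries, key=lambda e: (not e.kev, -e.epss, -e.cvss))]


def badge_mismatches(entries: List[Entry]) -> List[str]:
    """CVE ids whose severity badge disagrees with the CVSS v3 band of their score."""
    return [e.cve for e in entries if e.severity != cvss_band(e.cvss)]


if __name__ == "__main__":
    parsed = parse_listing(SAMPLE)
    print("page order:  ", page_order(parsed))
    print("triage order:", triage_order(parsed))
    print("badge/CVSS mismatches:", badge_mismatches(parsed))
```

On the sample, the page order is CVE-2025-42958, CVE-2016-9563, CVE-2018-2392, while the exploitability-first order moves the KEV-listed CVE-2016-9563 (CVSS 6.5, EPSS 0.24) and the EPSS 0.41 IGS entry ahead of the CVSS 9.1 entry with EPSS 0.01. The badge check returns nothing for these three because every badge on this page matches its CVSS band; it exists to catch feeds where a badge and a score drift apart after a rescoring.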

Page 2 of 37