Vendor CVEs
SAP
All CVEs
1,818 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2388 | Med | 0.54 | 5.3 | 0.52 | KEV | Feb 16, 2016 | The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. | |
| CVE-2026-34259 | Hig | 0.53 | 8.2 | 0.00 | May 12, 2026 | Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful exploitation could allow the… | ||
| CVE-2026-0511 | Hig | 0.53 | 8.1 | 0.00 | Jan 13, 2026 | SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted. | ||
| CVE-2025-42878 | Hig | 0.53 | 8.2 | 0.00 | Dec 9, 2025 | SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on… | ||
| CVE-2025-42976 | Hig | 0.53 | 8.1 | 0.00 | Aug 12, 2025 | SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component.… | ||
| CVE-2025-42953 | Hig | 0.53 | 8.1 | 0.00 | Jul 8, 2025 | SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system. | ||
| CVE-2025-24876 | Hig | 0.53 | 8.1 | 0.00 | Feb 11, 2025 | The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the… | ||
| CVE-2024-37177 | Hig | 0.53 | 8.1 | 0.00 | Jun 11, 2024 | SAP Financial Consolidation allows data to enter a Web application through an untrusted source. These endpoints are exposed over the network and it allows the user to modify the content from the web site. On successful exploitation, an attacker can cause significant impact to… | ||
| CVE-2017-16349 | Hig | 0.53 | 8.1 | 0.01 | Aug 2, 2018 | An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue… | ||
| CVE-2018-2393 | Hig | 0.53 | 7.5 | 0.18 | Feb 14, 2018 | Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable. | ||
| CVE-2018-2376 | Hig | 0.53 | 8.1 | 0.01 | Feb 14, 2018 | In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space. | ||
| CVE-2018-2375 | Hig | 0.53 | 8.1 | 0.01 | Feb 14, 2018 | In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space. | ||
| CVE-2016-6144 | Hig | 0.53 | 8.1 | 0.04 | Aug 5, 2016 | The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote attackers to bypass authentication via a brute… | ||
| CVE-2017-7696 | Hig | 0.52 | 7.5 | 0.36 | Apr 14, 2017 | SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. | ||
| CVE-2016-10079 | Hig | 0.52 | 7.5 | 0.07 | Feb 1, 2017 | SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515. | ||
| CVE-2025-42874 | Hig | 0.51 | 7.9 | 0.00 | Dec 9, 2025 | SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction… | ||
| CVE-2025-43000 | Hig | 0.51 | 7.9 | 0.00 | May 13, 2025 | Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application. | ||
| CVE-2025-0069 | Hig | 0.51 | 7.8 | 0.00 | Jan 14, 2025 | Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active… | ||
| CVE-2017-16690 | Hig | 0.51 | 7.8 | 0.01 | Dec 12, 2017 | A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder… | ||
| CVE-2016-3946 | Hig | 0.51 | 7.8 | 0.00 | Oct 13, 2016 | SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461. | ||
| CVE-2025-42952 | Hig | 0.50 | 7.7 | 0.00 | Jul 8, 2025 | SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short… | ||
| CVE-2025-43011 | Hig | 0.50 | 7.7 | 0.00 | May 13, 2025 | Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the… | ||
| CVE-2025-30014 | Hig | 0.50 | 7.7 | 0.01 | Apr 8, 2025 | SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity… | ||
| CVE-2025-27428 | Hig | 0.50 | 7.7 | 0.01 | Apr 8, 2025 | Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module. Upon successful exploitation, they could read files from any managed system connected to SAP Solution Manager, leading to high… | ||
| CVE-2018-2402 | Hig | 0.50 | 7.6 | 0.02 | Mar 14, 2018 | In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the… | ||
| CVE-2026-41039 | Hig | 0.49 | 7.5 | 0.00 | Apr 21, 2026 | This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. … | ||
| CVE-2025-42877 | Hig | 0.49 | 7.5 | 0.00 | Dec 9, 2025 | SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity… | ||
| CVE-2025-42940 | Hig | 0.49 | 7.5 | 0.00 | Nov 11, 2025 | SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact… | ||
| CVE-2025-42995 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2025 | SAP MDM Server Read function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and… | ||
| CVE-2025-42994 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2025 | SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and… | ||
| CVE-2025-42977 | Hig | 0.49 | 7.6 | 0.01 | Jun 10, 2025 | SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low… | ||
| CVE-2018-2471 | Hig | 0.49 | 7.5 | 0.02 | Oct 9, 2018 | Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2469 | Hig | 0.49 | 7.5 | 0.02 | Oct 9, 2018 | Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2468 | Hig | 0.49 | 7.5 | 0.02 | Oct 9, 2018 | Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2465 | Hig | 0.49 | 7.5 | 0.03 | Sep 11, 2018 | SAP HANA (versions 1.0 and 2.0) Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash. | ||
| CVE-2018-2459 | Hig | 0.49 | 7.5 | 0.02 | Sep 11, 2018 | Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user. | ||
| CVE-2018-2458 | Hig | 0.49 | 7.5 | 0.02 | Sep 11, 2018 | Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2446 | Hig | 0.49 | 7.5 | 0.02 | Aug 14, 2018 | Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure. | ||
| CVE-2018-2438 | Hig | 0.49 | 7.5 | 0.02 | Jul 10, 2018 | The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | ||
| CVE-2018-2433 | Hig | 0.49 | 7.5 | 0.01 | Jul 10, 2018 | SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding… | ||
| CVE-2013-7245 | Hig | 0.49 | 7.5 | 0.01 | Apr 24, 2018 | The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859. | ||
| CVE-2018-2400 | Hig | 0.49 | 7.5 | 0.02 | Mar 14, 2018 | Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2398 | Hig | 0.49 | 7.5 | 0.01 | Mar 14, 2018 | Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2018-2373 | Hig | 0.49 | 7.5 | 0.01 | Feb 14, 2018 | Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0. | ||
| CVE-2018-2360 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage. | ||
| CVE-2017-16680 | Hig | 0.49 | 7.5 | 0.02 | Dec 12, 2017 | Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1) Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of… | ||
| CVE-2017-15297 | Hig | 0.49 | 7.5 | 0.03 | Oct 16, 2017 | SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993. | ||
| CVE-2017-14581 | Hig | 0.49 | 7.5 | 0.02 | Sep 19, 2017 | The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181. | ||
| CVE-2017-14511 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2017 | An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers… | ||
| CVE-2014-8871 | Hig | 0.49 | 7.5 | 0.04 | Aug 28, 2017 | Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier. |
- risk 0.54cvss 5.3epss 0.52
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
- risk 0.53cvss 8.2epss 0.00
Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful exploitation could allow the…
- risk 0.53cvss 8.1epss 0.00
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted.
- risk 0.53cvss 8.2epss 0.00
SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on…
- risk 0.53cvss 8.1epss 0.00
SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component.…
- risk 0.53cvss 8.1epss 0.00
SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system.
- risk 0.53cvss 8.1epss 0.00
The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the…
- risk 0.53cvss 8.1epss 0.00
SAP Financial Consolidation allows data to enter a Web application through an untrusted source. These endpoints are exposed over the network and it allows the user to modify the content from the web site. On successful exploitation, an attacker can cause significant impact to…
- risk 0.53cvss 8.1epss 0.01
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue…
- risk 0.53cvss 7.5epss 0.18
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
- risk 0.53cvss 8.1epss 0.01
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.
- risk 0.53cvss 8.1epss 0.01
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.
- risk 0.53cvss 8.1epss 0.04
The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote attackers to bypass authentication via a brute…
- risk 0.52cvss 7.5epss 0.36
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.
- risk 0.52cvss 7.5epss 0.07
SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.
- risk 0.51cvss 7.9epss 0.00
SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction…
- risk 0.51cvss 7.9epss 0.00
Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application.
- risk 0.51cvss 7.8epss 0.00
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active…
- risk 0.51cvss 7.8epss 0.01
A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder…
- risk 0.51cvss 7.8epss 0.00
SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461.
- risk 0.50cvss 7.7epss 0.00
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short…
- risk 0.50cvss 7.7epss 0.00
Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the…
- risk 0.50cvss 7.7epss 0.01
SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity…
- risk 0.50cvss 7.7epss 0.01
Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module. Upon successful exploitation, they could read files from any managed system connected to SAP Solution Manager, leading to high…
- risk 0.50cvss 7.6epss 0.02
In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the…
- risk 0.49cvss 7.5epss 0.00
This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. …
- risk 0.49cvss 7.5epss 0.00
SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity…
- risk 0.49cvss 7.5epss 0.00
SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact…
- risk 0.49cvss 7.5epss 0.00
SAP MDM Server Read function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and…
- risk 0.49cvss 7.5epss 0.00
SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and…
- risk 0.49cvss 7.6epss 0.01
SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low…
- risk 0.49cvss 7.5epss 0.02
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.03
SAP HANA (versions 1.0 and 2.0) Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash.
- risk 0.49cvss 7.5epss 0.02
Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.02
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
- risk 0.49cvss 7.5epss 0.02
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
- risk 0.49cvss 7.5epss 0.01
SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding…
- risk 0.49cvss 7.5epss 0.01
The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.01
Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.
- risk 0.49cvss 7.5epss 0.01
Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0.
- risk 0.49cvss 7.5epss 0.03
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.
- risk 0.49cvss 7.5epss 0.02
Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1) Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of…
- risk 0.49cvss 7.5epss 0.03
SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993.
- risk 0.49cvss 7.5epss 0.02
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers…
- risk 0.49cvss 7.5epss 0.04
Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier.
Page 3 of 37