VYPR · Vendor CVEs · SAP · All CVEs

1,818 total · sorted by risk
  • CVE-2026-24316 · Medium · Mar 10, 2026
    risk 0.42 · CVSS 6.4 · EPSS 0.00

    SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows sending HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF). Successful exploitation could lead to…

  • CVE-2026-24309 · Medium · Mar 10, 2026
    risk 0.42 · CVSS 6.4 · EPSS 0.00

    Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute a specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change…

  • CVE-2026-0503 · Medium · Jan 13, 2026
    risk 0.42 · CVSS 6.4 · EPSS 0.00

    Due to missing authorization check in the SAP ERP Central Component (SAP ECC) and SAP S/4HANA (SAP EHS Management), an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful…

  • CVE-2025-42904 · Medium · Dec 9, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without…

  • CVE-2025-42884 · Medium · Nov 11, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enabling access to an unintended JNDI provider. This could further lead to disclosure or modification of information about…

  • CVE-2025-42930 · Medium · Sep 9, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the…

  • CVE-2025-42917 · Medium · Sep 9, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain…

  • CVE-2025-42912 · Medium · Sep 9, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain…

  • CVE-2025-43003 · Medium · May 13, 2025
    risk 0.42 · CVSS 6.4 · EPSS 0.00

    SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a…

  • CVE-2024-42372 · Medium · Nov 12, 2024
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confidentiality and integrity of the application.

  • CVE-2024-45286 · Medium · Sep 10, 2024
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    Due to a lack of proper authorization checks when a user calls it, a function module in the obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disclosure of highly sensitive data. There is no impact on integrity or availability.

  • CVE-2024-32730 · Medium · May 14, 2024
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    SAP Enable Now Manager does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker with the role 'Learner' could gain access to other users' data in Manager, which will lead to a high…

  • CVE-2024-30218 · Medium · Apr 9, 2024
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.

  • CVE-2024-28167 · Medium · Apr 9, 2024
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have…

  • CVE-2018-2474 · Medium · Oct 9, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    The SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user into sending an unintended request to the web server. This vulnerability is due to insufficient CSRF protection.

  • CVE-2018-2457 · Medium · Sep 11, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted.

  • CVE-2018-2447 · Medium · Aug 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database.

  • CVE-2018-2420 · Medium · May 9, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.02

    SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation.

  • CVE-2018-2396 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service.

  • CVE-2018-2394 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files.

  • CVE-2018-2391 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service.

  • CVE-2018-2390 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service.

  • CVE-2018-2387 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    A vulnerability in the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise.

  • CVE-2018-2386 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user provoking an out-of-bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.

  • CVE-2018-2385 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.

  • CVE-2018-2384 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.

  • CVE-2018-2382 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    A vulnerability in the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from the system area, which is not available to the user otherwise.

  • CVE-2018-2379 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint.

  • CVE-2018-2378 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    In SAP HANA Extended Application Services, 1.0, unauthorized users can read statistical data about deployed applications including resource consumption.

  • CVE-2018-2377 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users.

  • CVE-2018-2374 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space.

  • CVE-2018-2372 · Medium · Feb 14, 2018
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    A plain keystore password is written to a system log file in SAP HANA Extended Application Services, 1.0, which could endanger confidentiality of SSL communication.

  • CVE-2017-16691 · Medium · Dec 12, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    The SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52) supports upload of a digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of the note file contained in the SAR…

  • CVE-2017-16683 · Medium · Dec 12, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    Denial of Service (DoS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an attacker to prevent legitimate users from accessing a service.

  • CVE-2017-11457 · Medium · Jul 25, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.

  • CVE-2016-10304 · Medium · Apr 10, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.02

    The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.

  • CVE-2016-4407 · Medium · Oct 13, 2016
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008.

  • CVE-2026-40133 · Medium · May 12, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this…

  • CVE-2025-43009 · Medium · May 13, 2025
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.

  • CVE-2025-43007 · Medium · May 13, 2025
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.

  • CVE-2025-0067 · Medium · Jan 14, 2025
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remote function calls from or to the application server. This could lead to low…

  • CVE-2016-5847 · Medium · Aug 13, 2016
    risk 0.41 · CVSS 5.8 · EPSS 0.01

    SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384.
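    The mechanism behind this bug class, as an added example that is not SAPCAR's code and makes no claim about SAPCAR's internals: an extractor that writes an entry by path and then chmods it by path can be redirected through a hard link a local attacker staged at that destination beforehand, so both the write and the permission change land on the linked file. The hardened version creates each entry with O_CREAT|O_EXCL (fails if anything already occupies the name) and applies the mode to the descriptor it created. File names, contents and modes below are constructed for the demo; it assumes a POSIX filesystem that permits hard links.

```python
import os
import shutil
import stat
import tempfile


def naive_extract(dest_dir: str, name: str, data: bytes, mode: int) -> None:
    """Vulnerable pattern: open by path, write, then chmod by path.
    If `name` already exists as a hard link, both operations act on the
    inode it points to, i.e. on someone else's file."""
    path = os.path.join(dest_dir, name)
    with open(path, "wb") as fh:   # reuses whatever inode is already at `path`
        fh.write(data)
    os.chmod(path, mode)           # changes the mode of that shared inode


def safe_extract(dest_dir: str, name: str, data: bytes, mode: int) -> bool:
    """Hardened pattern: never reuse a pre-existing path. O_CREAT|O_EXCL
    fails if anything (file, hard link, symlink) is already there, and the
    mode is applied to the descriptor we created rather than to a path.
    Returns False when the destination was already occupied."""
    path = os.path.join(dest_dir, name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o600)
    except FileExistsError:
        return False
    try:
        os.write(fd, data)
        os.fchmod(fd, mode)        # fchmod is not masked by the umask
    finally:
        os.close(fd)
    return True


def file_mode(path: str) -> int:
    return stat.S_IMODE(os.stat(path).st_mode)


def demo() -> dict:
    """Stage the hard-link attack in a temp dir and run both extractors."""
    root = tempfile.mkdtemp(prefix="hardlink-demo-")
    try:
        # Constructed: the file the attacker wants to open up (starts 0600).
        victim = os.path.join(root, "victim.conf")
        with open(victim, "wb") as fh:
            fh.write(b"secret=1\n")
        os.chmod(victim, 0o600)

        extract_dir = os.path.join(root, "extract")
        os.mkdir(extract_dir)
        # Attacker pre-stages a hard link at the name the archive entry will use.
        os.link(victim, os.path.join(extract_dir, "report.txt"))

        naive_extract(extract_dir, "report.txt", b"from archive\n", 0o777)
        with open(victim, "rb") as fh:
            victim_content = fh.read()
        results = {
            "naive_victim_mode": file_mode(victim),       # 0o777: attacker won
            "naive_victim_content": victim_content,       # overwritten through the link
        }

        os.chmod(victim, 0o600)                           # reset for the hardened run
        results["safe_created"] = safe_extract(extract_dir, "report.txt", b"from archive\n", 0o777)
        results["safe_victim_mode"] = file_mode(victim)   # still 0o600
        results["fresh_created"] = safe_extract(extract_dir, "fresh.txt", b"ok\n", 0o644)
        results["fresh_mode"] = file_mode(os.path.join(extract_dir, "fresh.txt"))
        return results
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

    The same rule covers symlinks: O_EXCL refuses them too, so the extractor never has to reason about what kind of object an attacker put at the destination, only about whether the name was free.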

  • CVE-2026-44746 · Medium · Jun 9, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver JAVA (JDBC Test Servlet), an unauthenticated attacker could craft a URL that embeds a malicious script. If a victim clicks this link, the injected input is processed during web page generation,…

  • CVE-2026-40137 · Medium · May 12, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker-controlled sites, potentially exposing or altering sensitive information in the victim's browser. This…

  • CVE-2026-34257 · Medium · Apr 14, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to a page controlled by the attacker. This causes low impact on confidentiality and…

  • CVE-2026-27674 · Medium · Apr 14, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the…

  • CVE-2026-0512 · Medium · Apr 14, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Due to a Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, results in execution of malicious content within the victim's…

  • CVE-2026-0499 · Medium · Jan 13, 2026
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information,…

  • CVE-2025-42872 · Medium · Dec 9, 2025
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal, an unauthenticated attacker could inject malicious scripts that execute in the context of other users' browsers, allowing the attacker to steal session cookies, tokens, and other sensitive…

  • CVE-2025-42924 · Medium · Nov 11, 2025
    risk 0.40 · CVSS 6.1 · EPSS 0.00

    SAP E-Recruiting BSP in an SAP S/4HANA landscape allows an unauthenticated attacker to craft malicious links that, when clicked, could redirect the victim to a page controlled by the attacker. This has low impact on confidentiality and integrity of the application with no impact on…
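    A check worth running over a page like this, added here as an example that is not part of VYPR's own tooling: the listing is sorted by a single risk figure, and nearly every entry on this page ties at 0.42 or 0.41 with EPSS at 0.00, so the order says little about which items to patch first. The parser below reads the entry layout as exported (CVE id, severity and date on one line; risk, CVSS and EPSS on the next; then the description), accepting the fields whether they are run together or separated, and breaks ties by whether the description says the attacker is unauthenticated, then by EPSS, then by CVSS. The sample entries are copied from this page; the "unauthenticated" keyword heuristic is an assumption of this example, not a field the site provides.

```python
import re
from dataclasses import dataclass, field

# Tolerant of both "CVE-2026-24316MedMar 10, 2026" and "CVE-2026-24316 · Medium · Mar 10, 2026".
HEADER_RE = re.compile(
    r"(CVE-\d{4}-\d{4,})\W*(Critical|High|Medium|Med|Low)\W*([A-Z][a-z]{2} \d{1,2}, \d{4})"
)
METRICS_RE = re.compile(r"risk\s*([\d.]+)\W*cvss\s*([\d.]+)\W*epss\s*([\d.]+)", re.I)
PAGINATION_RE = re.compile(r"^Page \d+ of \d+$")

# Assumption for triage: this word in the vendor text means no session is needed.
PREAUTH_MARKERS = ("unauthenticated",)


@dataclass
class Entry:
    cve: str
    severity: str
    date: str
    risk: float = 0.0
    cvss: float = 0.0
    epss: float = 0.0
    description: str = field(default="")

    @property
    def preauth(self) -> bool:
        text = self.description.lower()
        return any(marker in text for marker in PREAUTH_MARKERS)


def parse_listing(text: str) -> list:
    """Turn the exported listing into Entry objects, one per CVE bullet."""
    entries = []
    current = None
    for raw in text.splitlines():
        line = raw.strip().lstrip("•").strip()
        if not line or PAGINATION_RE.match(line):
            continue
        m = HEADER_RE.search(line)
        if m:
            severity = "Medium" if m.group(2) == "Med" else m.group(2)
            current = Entry(m.group(1), severity, m.group(3))
            entries.append(current)
            continue
        m = METRICS_RE.search(line)
        if m and current is not None:
            current.risk, current.cvss, current.epss = (float(v) for v in m.groups())
            continue
        if current is not None:
            current.description = (current.description + " " + line).strip()
    return entries


def triage(entries: list) -> list:
    """Keep the site's risk ordering, but break ties: no-session-needed first,
    then higher EPSS, then higher CVSS, then CVE id for a stable result."""
    return sorted(
        entries,
        key=lambda e: (-e.risk, not e.preauth, -e.epss, -e.cvss, e.cve),
    )


# Sample input: four entries copied from this page, in the raw exported layout.
SAMPLE = """
  • CVE-2026-24316MedMar 10, 2026
    risk 0.42cvss 6.4epss 0.00

    SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows sending HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF).

  • CVE-2025-42884MedNov 11, 2025
    risk 0.42cvss 6.5epss 0.00

    SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enabling access to an unintended JNDI provider.

  • CVE-2024-32730MedMay 14, 2024
    risk 0.42cvss 6.5epss 0.01

    SAP Enable Now Manager does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2026-44746MedJun 9, 2026
    risk 0.40cvss 6.1epss 0.00

    Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver JAVA (JDBC Test Servlet), an unauthenticated attacker could craft a URL that embeds a malicious script.

Page 5 of 37
"""


def triaged_ids(text: str = SAMPLE) -> list:
    """Convenience wrapper: parse, re-rank, return CVE ids in patch-first order."""
    return [e.cve for e in triage(parse_listing(text))]


if __name__ == "__main__":
    for e in triage(parse_listing(SAMPLE)):
        flag = "pre-auth" if e.preauth else "needs session"
        print(f"{e.cve}  risk {e.risk:.2f}  cvss {e.cvss}  epss {e.epss:.2f}  {flag}")
```

    On the sample, the JNDI injection (unauthenticated) moves ahead of the two authenticated entries at the same risk score, and the EPSS 0.01 entry ahead of the EPSS 0.00 one; the XSS at risk 0.40 stays last because the site's score is still the primary key. Swap the key tuple if your environment weights exposure differently.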

Page 5 of 37