SAP Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by sap
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Arbitrary Code Injection Vulnerability in SAP Landscape Transformation
CVE-2025-31330SAPSAP Landscape Transfor...9.9CRITICALUnauthorized Access Vulnerability in SAP Financial Consolidation
CVE-2025-30016SAPSAP Financial Consolid...9.8CRITICALDirectory Traversal Vulnerability in SAP Capital Yield Tax Management
CVE-2025-30014SAPSAP Capital Yield Tax ...7.7HIGHArbitrary Code Injection Vulnerability in SAP S/4HANA
CVE-2025-27429SAPSAP S/4hana (private C...9.9CRITICALDirectory Traversal Vulnerability in SAP Solution Manager
CVE-2025-27428SAPSAP Netweaver And Abap...7.7HIGHRemote Function Call Exploit in SAP NetWeaver Application Server ABAP
CVE-2025-23186SAPSAP Netweaver Applicat...8.5HIGHCross-Site Scripting Vulnerability in SAP Commerce by SAP
CVE-2025-27434SAPSAP Commerce (swagger Ui)8.8HIGHPrivilege Escalation Vulnerability in SAP NetWeaver by SAP
CVE-2025-26661SAPSAP Netweaver (abap Cl...8.8HIGHFile Download Vulnerability in SAP Supplier Relationship Management
CVE-2025-25243SAPSAP Supplier Relations...8.6HIGHAuthentication Bypass in SAP Approuter Node.js Package
CVE-2025-24876SAPSAP Approuter Node.js ...8.1HIGHInsufficient URL Validation in SAP HANA XS Advanced Model
CVE-2025-24868SAPSAP Hana Extended Appl...7.1HIGHVulnerability in SAP BusinessObjects Central Management Console Allows User Impersonation
CVE-2025-0064SAPSAP Businessobjects Bu...8.7HIGHSAP NetWeaver Application Server ABAP Vulnerability: Authenticated Attacker Can Access Remote Services
CVE-2024-54198SAPSAP Netweaver Applicat...8.5HIGHSAP NetWeaver Administrator Vulnerability Allows HTTP Endpoint Enumeration and SSRF Attacks
CVE-2024-54197SAPSAP Netweaver Administ...7.2HIGHAdobe Document Service Vulnerability Allows Server-Side Request Forgery
CVE-2024-47578SAPSAP Netweaver As For J...9.1CRITICALAttacker Could Replace Local Files, Causing High Impact on Confidentiality and Integrity
CVE-2024-47595SAPSAP Host Agent7.1HIGHOCC API Endpoints Vulnerable to PII Data Exposure
CVE-2024-33003SAPSAP Commerce Cloud9.1CRITICALUntrusted XML Document Validation Vulnerability Affects SAP ADS Rendering
CVE-2024-42374SAPSAP Bex Web Java Runti...8.2HIGHUnauthorized Access via REST Endpoint poses High Risk to Confidentiality, Integrity, and Availability
CVE-2024-41730SAPSAP Businessobjects Bu...9.8CRITICALSAP CRM Vulnerability: Authenticated Attacker can Enumerate Accessible HTTP Endpoints
CVE-2024-39598SAPSAP Crm Webclient Ui7.7HIGHSAP Commerce Vulnerability: Misuse of Forgotten Password Functionality Can Grant Access to Non-Isolated Sites
CVE-2024-39597SAPSAP Commerce7.2HIGHDoS Attacks on Repository Services Can Cause High Availability Impact
CVE-2024-34688SAPSAP Netweaver As Java7.5HIGHSAP Financial Consolidation Vulnerability: Untrusted Data Entry via Web Application
CVE-2024-37177SAPSAP Financial Consolid...8.1HIGHUnauthorized File Upload Vulnerability
CVE-2024-33006SAPSAP Netweaver Applicat...πΎπ°9.6CRITICALSAP Business Objects Platform Vulnerable to Stored XSS Attacks
CVE-2024-28165SAPSAP Businessobjects Bu...8.1HIGH