SAP Latest High Vulnerabilities
Latest high vulnerabilities published by sap
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
SAP NetWeaver Application Server ABAP Vulnerability: Authenticated Attacker Can Access Remote Services
CVE-2024-54198SAPSAP Netweaver Applicat...8.5HIGHSAP NetWeaver Administrator Vulnerability Allows HTTP Endpoint Enumeration and SSRF Attacks
CVE-2024-54197SAPSAP Netweaver Administ...7.2HIGHAdobe Document Service Vulnerability Allows Server-Side Request Forgery
CVE-2024-47578SAPSAP Netweaver As For J...9.1CRITICALAttacker Could Replace Local Files, Causing High Impact on Confidentiality and Integrity
CVE-2024-47595SAPSAP Host Agent7.1HIGHOCC API Endpoints Vulnerable to PII Data Exposure
CVE-2024-33003SAPSAP Commerce Cloud9.1CRITICALUntrusted XML Document Validation Vulnerability Affects SAP ADS Rendering
CVE-2024-42374SAPSAP Bex Web Java Runti...8.2HIGHUnauthorized Access via REST Endpoint poses High Risk to Confidentiality, Integrity, and Availability
CVE-2024-41730SAPSAP Businessobjects Bu...9.8CRITICALSAP CRM Vulnerability: Authenticated Attacker can Enumerate Accessible HTTP Endpoints
CVE-2024-39598SAPSAP Crm Webclient Ui7.7HIGHSAP Commerce Vulnerability: Misuse of Forgotten Password Functionality Can Grant Access to Non-Isolated Sites
CVE-2024-39597SAPSAP Commerce7.2HIGHDoS Attacks on Repository Services Can Cause High Availability Impact
CVE-2024-34688SAPSAP Netweaver As Java7.5HIGHSAP Financial Consolidation Vulnerability: Untrusted Data Entry via Web Application
CVE-2024-37177SAPSAP Financial Consolid...8.1HIGHUnauthorized File Upload Vulnerability
CVE-2024-33006SAPSAP Netweaver Applicat...👾🟡📰9.6CRITICALSAP Business Objects Platform Vulnerable to Stored XSS Attacks
CVE-2024-28165SAPSAP Businessobjects Bu...8.1HIGHSAP NetWeaver Administrator AS Java Vulnerability Could Lead to Command Injection
CVE-2024-22127SAPSAP Netweaver As Java ...9.1CRITICALSAP Companion Vulnerable to XSS Attack
CVE-2024-22129SAPSAP Companion7.6HIGHAttackers Can Impersonate Genuine Servers to Intercept Sensitive Information in SAP Cloud Connector
CVE-2024-25642SAPSAP Cloud Connector7.4HIGHSAP NetWeaver AS Java Vulnerability Allows Unauthorized Access to Sensitive Data
CVE-2024-24743SAPSAP Netweaver As Java ...8.6HIGHRemote Execution Vulnerability Affects SAP ABA Versions 700-752
CVE-2024-22131SAPSAP Aba (application B...7.2HIGHSAP NetWeaver AS for Java vulnerable to Cross-Site Scripting (XSS)
CVE-2024-22126SAPSAP NetWeaver AS Java ...8.8HIGHCode Injection vulnerability in SAP Application Interface Framework (File Adapter)
CVE-2024-21737SAPSAP Application Interf...8.4HIGHInformation Disclosure vulnerability in Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)
CVE-2024-22125SAPMicrosoft Edge browser...7.4HIGHImproper Authorization check in SAP LT Replication Server
CVE-2024-21735SAPSAP LT Replication Server7.2HIGHEscalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go)
CVE-2023-50424SAPGithub.com/SAP/cloud-s...9.8CRITICALEscalation of Privileges in SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library)
CVE-2023-50422SAPCloud-security-service...9.8CRITICALEscalation of Privileges in SAP BTP Security Services Integration Library ([Node.js] @sap/xssec)
CVE-2023-49583SAP@SAP/xssec9.8CRITICAL