SAP Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by sap
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Cross-Site Scripting Vulnerability in SAP Commerce by SAP
CVE-2025-27434SAPSAP Commerce (swagger Ui)8.8HIGHPrivilege Escalation Vulnerability in SAP NetWeaver by SAP
CVE-2025-26661SAPSAP Netweaver (abap Cl...8.8HIGHFile Download Vulnerability in SAP Supplier Relationship Management
CVE-2025-25243SAPSAP Supplier Relations...8.6HIGHAuthentication Bypass in SAP Approuter Node.js Package
CVE-2025-24876SAPSAP Approuter Node.js ...8.1HIGHInsufficient URL Validation in SAP HANA XS Advanced Model
CVE-2025-24868SAPSAP Hana Extended Appl...7.1HIGHVulnerability in SAP BusinessObjects Central Management Console Allows User Impersonation
CVE-2025-0064SAPSAP Businessobjects Bu...8.7HIGHSAP NetWeaver Application Server ABAP Vulnerability: Authenticated Attacker Can Access Remote Services
CVE-2024-54198SAPSAP Netweaver Applicat...8.5HIGHSAP NetWeaver Administrator Vulnerability Allows HTTP Endpoint Enumeration and SSRF Attacks
CVE-2024-54197SAPSAP Netweaver Administ...7.2HIGHAdobe Document Service Vulnerability Allows Server-Side Request Forgery
CVE-2024-47578SAPSAP Netweaver As For J...9.1CRITICALAttacker Could Replace Local Files, Causing High Impact on Confidentiality and Integrity
CVE-2024-47595SAPSAP Host Agent7.1HIGHOCC API Endpoints Vulnerable to PII Data Exposure
CVE-2024-33003SAPSAP Commerce Cloud9.1CRITICALUntrusted XML Document Validation Vulnerability Affects SAP ADS Rendering
CVE-2024-42374SAPSAP Bex Web Java Runti...8.2HIGHUnauthorized Access via REST Endpoint poses High Risk to Confidentiality, Integrity, and Availability
CVE-2024-41730SAPSAP Businessobjects Bu...9.8CRITICALSAP CRM Vulnerability: Authenticated Attacker can Enumerate Accessible HTTP Endpoints
CVE-2024-39598SAPSAP Crm Webclient Ui7.7HIGHSAP Commerce Vulnerability: Misuse of Forgotten Password Functionality Can Grant Access to Non-Isolated Sites
CVE-2024-39597SAPSAP Commerce7.2HIGHDoS Attacks on Repository Services Can Cause High Availability Impact
CVE-2024-34688SAPSAP Netweaver As Java7.5HIGHSAP Financial Consolidation Vulnerability: Untrusted Data Entry via Web Application
CVE-2024-37177SAPSAP Financial Consolid...8.1HIGHUnauthorized File Upload Vulnerability
CVE-2024-33006SAPSAP Netweaver Applicat...πΎπ°9.6CRITICALSAP Business Objects Platform Vulnerable to Stored XSS Attacks
CVE-2024-28165SAPSAP Businessobjects Bu...8.1HIGHSecurity Vulnerability in Self-Registration and Profile Modification in NetWeaver AS Java
CVE-2024-27899SAPSAP Netweaver As Java ...π°8.8HIGHSAP NetWeaver Administrator AS Java Vulnerability Could Lead to Command Injection
CVE-2024-22127SAPSAP Netweaver As Java ...9.1CRITICALSAP Companion Vulnerable to XSS Attack
CVE-2024-22129SAPSAP Companion7.6HIGHAttackers Can Impersonate Genuine Servers to Intercept Sensitive Information in SAP Cloud Connector
CVE-2024-25642SAPSAP Cloud Connector7.4HIGHSAP NetWeaver AS Java Vulnerability Allows Unauthorized Access to Sensitive Data
CVE-2024-24743SAPSAP Netweaver As Java ...8.6HIGHRemote Execution Vulnerability Affects SAP ABA Versions 700-752
CVE-2024-22131SAPSAP Aba (application B...7.2HIGH