| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-30016 | Authentication Bypass Vulnerability in SAP Financial Consolidation | SAP_SE | SAP Financial Consolidation | Critical | 9.8 | 2025-04-08 07:14:52 | Deep Dive |
| CVE-2025-30015 | Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP) | SAP_SE | SAP NetWeaver and ABAP Platform (Application Server ABAP) | Medium | 4.1 | 2025-04-08 07:14:37 | Deep Dive |
| CVE-2025-30014 | Directory Traversal vulnerability in SAP Capital Yield Tax Management | SAP_SE | SAP Capital Yield Tax Management | High | 7.7 | 2025-04-08 07:14:26 | Deep Dive |
| CVE-2025-30013 | Code Injection vulnerability in SAP ERP BW Business Content | SAP_SE | SAP ERP BW Business Content | Medium | 6.7 | 2025-04-08 07:14:08 | Deep Dive |
| CVE-2025-27437 | Missing Authorization check in SAP NetWeaver Application Server ABAP (Virus Scan Interface) | SAP_SE | SAP NetWeaver Application Server ABAP (Virus Scan Interface) | Medium | 4.3 | 2025-04-08 07:13:58 | Deep Dive |
| CVE-2025-27435 | Information Disclosure Vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 4.2 | 2025-04-08 07:13:49 | Deep Dive |
| CVE-2025-27429 | Code Injection Vulnerability in SAP S/4HANA (Private Cloud or On-Premise) | SAP_SE | SAP S/4HANA (Private Cloud) | Critical | 9.9 | 2025-04-08 07:13:38 | Deep Dive |
| CVE-2025-27428 | Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection) | SAP_SE | SAP NetWeaver and ABAP Platform (Service Data Collection) | High | 7.7 | 2025-04-08 07:13:27 | Deep Dive |
| CVE-2025-26657 | Information Disclosure vulnerability in SAP KMC WPC | SAP_SE | SAP KMC WPC | Medium | 5.3 | 2025-04-08 07:13:17 | Deep Dive |
| CVE-2025-26654 | Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud) | SAP_SE | SAP Commerce Cloud (Public Cloud) | Medium | 6.8 | 2025-04-08 07:13:04 | Deep Dive |
| CVE-2025-26653 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) | SAP_SE | SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) | Medium | 4.7 | 2025-04-08 07:10:34 | Deep Dive |
| CVE-2025-23186 | Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP | SAP_SE | SAP NetWeaver Application Server ABAP | High | 8.5 | 2025-04-08 07:10:22 | Deep Dive |
| CVE-2025-32049 | Libsoup: denial of service attack to websocket server | - | - | High | 7.5 | 2025-04-03 13:36:13 | Deep Dive |
| CVE-2025-3155 | Yelp: arbitrary file read | - | - | High | 7.4 | 2025-04-03 13:34:19 | Deep Dive |
| CVE-2025-2784 | Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content | - | - | High | 7.0 | 2025-04-03 01:40:12 | Deep Dive |
| CVE-2024-8176 | Libexpat: expat: improper restriction of xml entity expansion depth in libexpat | - | - | High | 7.5 | 2025-03-14 08:19:49 | Deep Dive |
| CVE-2025-27436 | Broken Access Control vulnerabilities in SAP S/4HANA (Manage Bank Statements) | SAP_SE | SAP S/4HANA (Manage Bank Statements) | Medium | 4.3 | 2025-03-11 00:39:14 | Deep Dive |
| CVE-2025-27434 | Cross-Site Scripting (XSS) vulnerability in SAP Commerce (Swagger UI) | SAP_SE | SAP Commerce (Swagger UI) | High | 8.8 | 2025-03-11 00:39:02 | Deep Dive |
| CVE-2025-27433 | Broken Access Control vulnerabilities in SAP S/4HANA (Manage Bank Statements) | SAP_SE | SAP S/4HANA (Manage Bank Statements) | Medium | 4.3 | 2025-03-11 00:38:51 | Deep Dive |
| CVE-2025-27432 | Missing Authorization check in SAP Electronic Invoicing for Brazil (eDocument Cockpit) | SAP_SE | SAP Electronic Invoicing for Brazil (eDocument Cockpit) | Low | 2.4 | 2025-03-11 00:38:37 | Deep Dive |