| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-27431 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java | SAP_SE | SAP NetWeaver Application Server Java | Medium | 5.4 | 2025-03-11 00:37:35 | Deep Dive |
| CVE-2025-27430 | Server Side Request Forgery (SSRF) in SAP CRM and SAP S/4 HANA (Interaction Center) | SAP_SE | SAP CRM and SAP S/4HANA (Interaction Center) | Low | 3.5 | 2025-03-11 00:37:25 | Deep Dive |
| CVE-2025-26661 | Missing Authorization check in SAP NetWeaver (ABAP Class Builder) | SAP_SE | SAP NetWeaver (ABAP Class Builder) | High | 8.8 | 2025-03-11 00:37:12 | Deep Dive |
| CVE-2025-26660 | Broken Access Control in SAP Fiori apps (Posting Library) | SAP_SE | SAP Fiori apps (Posting Library) | Medium | 4.3 | 2025-03-11 00:36:54 | Deep Dive |
| CVE-2025-26659 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) | SAP_SE | SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) | Medium | 6.1 | 2025-03-11 00:36:41 | Deep Dive |
| CVE-2025-26658 | Broken Authentication in SAP Business One (Service Layer) | SAP_SE | SAP Business One (Service Layer) | Medium | 6.8 | 2025-03-11 00:35:35 | Deep Dive |
| CVE-2025-26655 | Missing Authorization check in SAP JIT(Outbound) | SAP_SE | SAP Just In Time | Low | 3.1 | 2025-03-11 00:35:06 | Deep Dive |
| CVE-2025-25245 | Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | SAP_SE | SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | Medium | 5.4 | 2025-03-11 00:34:56 | Deep Dive |
| CVE-2025-25244 | Missing Authorization Check in SAP Business Warehouse (Process Chains) | SAP_SE | SAP Business Warehouse (Process Chains) | Medium | 5.7 | 2025-03-11 00:34:43 | Deep Dive |
| CVE-2025-25242 | Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP | SAP_SE | SAP NetWeaver Application Server ABAP | Medium | 6.1 | 2025-03-11 00:32:29 | Deep Dive |
| CVE-2025-23194 | Missing Authentication check in SAP NetWeaver Enterprise Portal (OBN component) | SAP_SE | SAP NetWeaver Enterprise Portal (OBN component) | Medium | 5.3 | 2025-03-11 00:32:11 | Deep Dive |
| CVE-2025-23188 | Missing Authorization check in SAP S/4HANA (RBD) | SAP_SE | SAP S/4HANA (RBD) | Medium | 4.3 | 2025-03-11 00:32:02 | Deep Dive |
| CVE-2025-23185 | Information Disclosure in SAP Business Objects Business Intelligence Platform | SAP_SE | SAP Business Objects Business Intelligence Platform | Medium | 4.1 | 2025-03-11 00:31:51 | Deep Dive |
| CVE-2025-0071 | Information Disclosure vulnerability in SAP Web Dispatcher and Internet Communication Manager | SAP_SE | SAP Web Dispatcher and Internet Communication Manager | Medium | 4.9 | 2025-03-11 00:31:35 | Deep Dive |
| CVE-2025-0062 | Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Medium | 4.7 | 2025-03-11 00:31:19 | Deep Dive |
| CVE-2025-26601 | Xorg: xwayland: use-after-free in syncinittrigger() | - | - | High | 7.8 | 2025-02-25 15:55:37 | Deep Dive |
| CVE-2025-26600 | Xorg: xwayland: use-after-free in playreleasedevents() | - | - | High | 7.8 | 2025-02-25 15:55:20 | Deep Dive |
| CVE-2025-26599 | Xorg: xwayland: use of uninitialized pointer in compredirectwindow() | - | - | High | 7.8 | 2025-02-25 15:55:03 | Deep Dive |
| CVE-2025-26598 | Xorg: xwayland: out-of-bounds write in createpointerbarrierclient() | - | - | High | 7.8 | 2025-02-25 15:54:57 | Deep Dive |
| CVE-2025-26597 | Xorg: xwayland: buffer overflow in xkbchangetypesofkey() | - | - | High | 7.8 | 2025-02-25 15:54:48 | Deep Dive |