Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SAP_SE:SAP BusinessObjects Business Intelligence PlatformSAP NetWeaver Application server for ABAP and ABAP PlatformSAP NetWeaver Application Server for ABAPSAP NetWeaver Application Server ABAPSAP GUI for WindowsSAP NetWeaver Application Server JavaSAP NetWeaver Application Server ABAP and ABAP PlatformSAP Business ConnectorSAP Commerce CloudSAP CRM WebClient UISAP NetWeaver AS ABAP and ABAP PlatformSAP Enable NowSAP Fiori App (Intercompany Balance Reconciliation)SAP Supplier Relationship Management (Live Auction Cockpit)SAP NetWeaver Enterprise PortalSAP NetWeaverSAP Solution ManagerSAP NetWeaver AS JavaSAPCARSAP CommerceSAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)SAP Business One (SLD)SAP NetWeaver AS for JAVA (Adobe Document Services)SAP HCM (My Timesheet Fiori 2.0 application)SAP Supplier Relationship ManagementSAP CommonCryptoLibSAP BusinessObjects Business Intelligence Platform (Web Intelligence)SAP BusinessObjects Web IntelligenceSAP Cloud ConnectorSAP Financial Consolidation
CVE IDTitleCVSSSeverityPublished
CVE-2024-22128 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML — SAP NetWeaver Business Client for HTMLCWE-79 4.7 Medium2024-02-13
CVE-2024-22126 Cross Site Scripting vulnerability in SAP NetWeaver AS Java (User Admin Application) — SAP NetWeaver AS Java (User Admin Application)CWE-79 6.1 Medium2024-02-13
CVE-2024-22125 Information Disclosure vulnerability in Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) — Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)CWE-497 7.4 High2024-01-09
CVE-2024-22124 Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager — SAP NetWeaver (Internet Communication Manager)CWE-497 4.1 Medium2024-01-09
CVE-2024-21738 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform — SAP NetWeaver ABAP Application Server and ABAP PlatformCWE-79 4.1 Medium2024-01-09
CVE-2024-21737 Code Injection vulnerability in SAP Application Interface Framework (File Adapter) — SAP Application Interface Framework (File Adapter)CWE-94 8.4 High2024-01-09
CVE-2024-21736 Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management) — SAP S/4HANA Finance (Advanced Payment Management)CWE-863 6.4 Medium2024-01-09
CVE-2024-21735 Improper Authorization check in SAP LT Replication Server — SAP LT Replication ServerCWE-863 7.3 High2024-01-09
CVE-2024-21734 URL Redirection vulnerability in SAP Marketing (Contacts App) — SAP Marketing (Contacts App)CWE-601 3.7 Low2024-01-09
CVE-2023-50424 Escalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) — github.com/sap/cloud-security-client-goCWE-749 9.1 Critical2023-12-12
CVE-2023-50423 Escalation of Privileges in SAP BTP Security Services Integration Library ([Python] cloud-pysec) — sap-xssecCWE-749 9.1 Critical2023-12-12
CVE-2023-6542 Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID — SAP EMARSYS SDK ANDROIDCWE-863 7.1 High2023-12-12
CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager — SAP Solution ManagerCWE-77 6.4 Medium2023-12-12
CVE-2023-49584 Client-Side Desynchronization vulnerability in SAP Fiori Launchpad — SAP Fiori LaunchpadCWE-444 4.3 Medium2023-12-12
CVE-2023-50422 Escalation of Privileges in SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) — cloud-security-services-integration-libraryCWE-749 9.1 Critical2023-12-12
CVE-2023-49583 Escalation of Privileges in SAP BTP Security Services Integration Library ([Node.js] @sap/xssec) — @sap/xssecCWE-749 9.1 Critical2023-12-12
CVE-2023-49581 SQL Injection vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-89 4.1 Medium2023-12-12
CVE-2023-49580 Information disclosure in SAP GUI for Windows and SAP GUI for Java — SAP GUI for Windows and SAP GUI for JavaCWE-732 7.3 High2023-12-12
CVE-2023-49578 Denial of service (DOS) in SAP Cloud Connector — SAP Cloud ConnectorCWE-732 3.5 Low2023-12-12
CVE-2023-49577 Cross-Site Scripting (XSS) vulnerability in the SAP HCM (SMART PAYE solution) — SAP HCM (SMART PAYE solution)CWE-79 6.1 Medium2023-12-12
CVE-2023-49058 Directory Traversal vulnerability in SAP Master Data Governance — SAP Master Data GovernanceCWE-22 3.5 Low2023-12-12
CVE-2023-42481 Improper Access Control vulnerability in SAP Commerce Cloud — SAP Commerce CloudCWE-640 8.1 High2023-12-12
CVE-2023-42479 Cross-Site Scripting (XSS) vulnerability in SAP Biller Direct — SAP Biller DirectCWE-79 6.1 Medium2023-12-12
CVE-2023-42478 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform — Business Objects BI PlatformCWE-79 7.5 High2023-12-12
CVE-2023-42476 Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence — SAP BusinessObjects Web IntelligenceCWE-79 6.8 Medium2023-12-12
CVE-2023-42480 Information Disclosure in NetWeaver AS Java Logon — NetWeaver AS JavaCWE-307 5.3 Medium2023-11-14
CVE-2023-41366 Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-497 5.3 Medium2023-11-14
CVE-2023-31403 Improper Access Control vulnerability in SAP Business One product installation — SAP Business OneCWE-863 9.6 Critical2023-11-14
CVE-2023-42477 Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application) — SAP NetWeaver AS JavaCWE-918 6.5 Medium2023-10-10
CVE-2023-42475 Information Disclosure Vulnerability in Statutory Reporting — SAP S/4HANA CoreCWE-209 4.3 Medium2023-10-10

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.