Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SAP_SE:SAP BusinessObjects Business Intelligence PlatformSAP NetWeaver Application server for ABAP and ABAP PlatformSAP NetWeaver Application Server for ABAPSAP NetWeaver Application Server ABAPSAP GUI for WindowsSAP NetWeaver Application Server JavaSAP NetWeaver Application Server ABAP and ABAP PlatformSAP Business ConnectorSAP Commerce CloudSAP CRM WebClient UISAP NetWeaver AS ABAP and ABAP PlatformSAP Enable NowSAP Fiori App (Intercompany Balance Reconciliation)SAP Supplier Relationship Management (Live Auction Cockpit)SAP NetWeaver Enterprise PortalSAP NetWeaverSAP Solution ManagerSAP NetWeaver AS JavaSAPCARSAP CommerceSAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)SAP Business One (SLD)SAP NetWeaver AS for JAVA (Adobe Document Services)SAP HCM (My Timesheet Fiori 2.0 application)SAP Supplier Relationship ManagementSAP CommonCryptoLibSAP BusinessObjects Business Intelligence Platform (Web Intelligence)SAP BusinessObjects Web IntelligenceSAP Cloud ConnectorSAP Financial Consolidation
CVE IDTitleCVSSSeverityPublished
CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence — SAP BusinessObjects Web IntelligenceCWE-79 6.8 Medium2023-10-10
CVE-2023-42473 Missing Authorization Check In S/4HANA (Manage Withholding Tax Items) — S/4HANA (Manage Withholding Tax Items)CWE-862 5.4 Medium2023-10-10
CVE-2023-41365 Information Disclosure vulnerability in SAP Business One (B1i) — SAP Business One (B1i)CWE-611 4.3 Medium2023-10-10
CVE-2023-40310 Missing XML Validation vulnerability in SAP PowerDesigner Client BPMN2 import — SAP PowerDesigner ClientCWE-112 6.5 Medium2023-10-10
CVE-2023-40309 Missing Authorization check in SAP CommonCryptoLib — SAP CommonCryptoLibCWE-863 9.8 Critical2023-09-12
CVE-2023-40621 Code Injection vulnerability in SAP PowerDesigner Client — SAP PowerDesigner ClientCWE-94 6.3 Medium2023-09-12
CVE-2023-40622 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management) — SAP BusinessObjects Business Intelligence Platform (Promotion Management)CWE-732 9.9 Critical2023-09-12
CVE-2023-40623 Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer) — SAP BusinessObjects Suite (Installer)CWE-1386 6.2 Medium2023-09-12
CVE-2023-40624 Code Injection vulnerability in SAP NetWeaver AS ABAP (applications based on Unified Rendering) — SAP NetWeaver AS ABAP (applications based on Unified Rendering)CWE-79 5.5 Medium2023-09-12
CVE-2023-40625 Missing Authorization check in SAP Manage Purchase Contracts App — SAP Manage Purchase Contracts AppCWE-862 5.4 Medium2023-09-12
CVE-2023-41367 Missing Authentication check in SAP NetWeaver (Guided Procedures) — SAP NetWeaver (Guided Procedures)CWE-306 5.3 Medium2023-09-12
CVE-2023-41368 Insecure Direct Object Reference (IDOR) vulnerability in S4 HANA (Manage checkbook apps) — S4 HANA ABAP (Manage checkbook apps)CWE-639 2.7 Low2023-09-12
CVE-2023-41369 External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application) — SAP S/4HANA (Create Single Payment application)CWE-611 3.5 Low2023-09-12
CVE-2023-42472 Insufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)CWE-434 8.7 High2023-09-12
CVE-2023-40308 Memory Corruption vulnerability in SAP CommonCryptoLib — SAP CommonCryptoLibCWE-787 7.5 High2023-09-12
CVE-2023-37489 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System) — SAP BusinessObjects Business Intelligence Platform (Version Management System)CWE-209 5.3 Medium2023-09-12
CVE-2023-39438 Missing Authorization check allows certain operations on CLA Assistant data — CLA AssistantCWE-862 8.1 High2023-08-15
CVE-2023-37486 Information Disclosure vulnerability in SAP Commerce (OCC API) — SAP Commerce (OCC API)CWE-524 5.9 Medium2023-08-08
CVE-2023-39440 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business IntelligenceCWE-312 4.4 Medium2023-08-08
CVE-2023-39439 SAP Commerce accepts empty passphrases. — SAP CommerceCWE-258 8.8 High2023-08-08
CVE-2023-39437 Cross-Site Scripting (XSS) vulnerability in SAP Business One — SAP Business OneCWE-79 7.6 High2023-08-08
CVE-2023-39436 Information Disclosure in SAP Supplier Relationship Management — SAP Supplier Relationship ManagementCWE-306 5.8 Medium2023-08-08
CVE-2023-37492 Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform — SAP NetWeaver AS ABAP and ABAP PlatformCWE-863 4.9 Medium2023-08-08
CVE-2023-37491 Improper Authorization check vulnerability in SAP Message Server — SAP Message ServerCWE-863 7.5 High2023-08-08
CVE-2023-37490 Binary hijack in SAP BusinessObjects Business Intelligence (Installer) — SAP BusinessObjects Business Intelligence (Installer)CWE-427 7.6 High2023-08-08
CVE-2023-37488 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Process Integration — SAP NetWeaver Process IntegrationCWE-79 6.1 Medium2023-08-08
CVE-2023-37487 Security misconfiguration vulnerability in SAP Business One (Service Layer) — SAP Business One (Service Layer)CWE-497 5.3 Medium2023-08-08
CVE-2023-37484 Information Disclosure Vulnerabilities in SAP PowerDesigner — SAP PowerDesignerCWE-327 5.3 Medium2023-08-08
CVE-2023-37483 Improper Access Control Vulnerabilities in SAP PowerDesigner — SAP PowerDesignerCWE-306 9.8 Critical2023-08-08
CVE-2023-36926 Information disclosure vulnerability in SAP Host Agent — SAP Host AgentCWE-306 3.7 Low2023-08-08

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.