Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SAP_SE:SAP BusinessObjects Business Intelligence PlatformSAP NetWeaver Application server for ABAP and ABAP PlatformSAP NetWeaver Application Server for ABAPSAP NetWeaver Application Server ABAPSAP GUI for WindowsSAP NetWeaver Application Server JavaSAP NetWeaver Application Server ABAP and ABAP PlatformSAP Business ConnectorSAP Commerce CloudSAP CRM WebClient UISAP NetWeaver AS ABAP and ABAP PlatformSAP Enable NowSAP Fiori App (Intercompany Balance Reconciliation)SAP Supplier Relationship Management (Live Auction Cockpit)SAP NetWeaver Enterprise PortalSAP NetWeaverSAP Solution ManagerSAP NetWeaver AS JavaSAPCARSAP CommerceSAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)SAP Business One (SLD)SAP NetWeaver AS for JAVA (Adobe Document Services)SAP HCM (My Timesheet Fiori 2.0 application)SAP Supplier Relationship ManagementSAP CommonCryptoLibSAP BusinessObjects Business Intelligence Platform (Web Intelligence)SAP BusinessObjects Web IntelligenceSAP Cloud ConnectorSAP Financial Consolidation
CVE IDTitleCVSSSeverityPublished
CVE-2023-36923 Code Injection vulnerability in SAP PowerDesigner — SAP PowerDesignerCWE-94 7.8 High2023-08-08
CVE-2023-33993 SQL Injection vulnerability in SAP Business One B1i Layer — SAP Business One (B1i Layer)CWE-89 7.1 High2023-08-08
CVE-2023-36925 Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent) — SAP Solution Manager (Diagnostics agent)CWE-918 7.2 High2023-07-11
CVE-2023-36924 Log Injection vulnerability in SAP ERP Defense Forces and Public Security — SAP ERP Defense Forces and Public SecurityCWE-117 4.9 Medium2023-07-11
CVE-2023-36922 OS command injection vulnerability in SAP ECC and SAP S/4HANA (IS-OIL) — SAP ECC and SAP S/4HANA (IS-OIL)CWE-78 9.1 Critical2023-07-11
CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent) — SAP Solution Manager (Diagnostic Agent)CWE-644 7.2 High2023-07-11
CVE-2023-36919 Information Disclosure in SAP Enable Now — SAP Enable NowCWE-213 5.3 Medium2023-07-11
CVE-2023-36918 Cross-Site Scripting vulnerability in SAP Enable Now — SAP Enable NowCWE-79 6.1 Medium2023-07-11
CVE-2023-36917 Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-307 5.9 Medium2023-07-11
CVE-2023-35874 Improper authentication vulnerability in SAP NetWeaver AS ABAP and ABAP Platform — SAP NetWeaver AS ABAP and ABAP PlatformCWE-306 6.0 Medium2023-07-11
CVE-2023-35873 Missing Authentication check in SAP NetWeaver Process Integration (Runtime Workbench) — SAP NetWeaver Process Integration (Runtime Workbench)CWE-306 6.5 Medium2023-07-11
CVE-2023-35872 Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool) — SAP NetWeaver Process Integration (Message Display Tool)CWE-306 6.5 Medium2023-07-11
CVE-2023-35871 Memory Corruption vulnerability in SAP Web Dispatcher — SAP Web DispatcherCWE-787 7.7 High2023-07-11
CVE-2023-35870 Improper Access Control in SAP S/4HANA (Manage Journal Entry Template) — SAP S/4HANA (Manage Journal Entry Template)CWE-732 6.3 Medium2023-07-11
CVE-2023-33992 Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA — SAP Business Warehouse and SAP BW/4HANACWE-862 4.5 Medium2023-07-11
CVE-2023-33990 Denial of Service (DoS) vulnerability in SAP SQL Anywhere — SAP SQL AnywhereCWE-732 7.8 High2023-07-11
CVE-2023-33989 Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON) — SAP NetWeaver (BI CONT ADD ON)CWE-22 8.7 High2023-07-11
CVE-2023-33988 Cross-Site Scripting vulnerability in SAP Enable Now — SAP Enable NowCWE-79 6.1 Medium2023-07-11
CVE-2023-33987 Request smuggling and request concatenation in SAP Web Dispatcher — SAP Web DispatcherCWE-444 8.6 High2023-07-11
CVE-2023-31405 Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer) — SAP NetWeaver AS for Java (Log Viewer)CWE-117 5.3 Medium2023-07-11
CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management — SAP UI5 Variant ManagementCWE-79 8.2 High2023-06-13
CVE-2023-33986 Cross-Site Scripting (XSS) vulnerability in SAP CRM ABAP (Grantor Management) — SAP CRM ABAP (Grantor Management)CWE-79 6.1 Medium2023-06-13
CVE-2023-33985 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-79 6.1 Medium2023-06-13
CVE-2023-33984 Cross-Site Scripting (XSS) vulnerability in NetWeaver (Design Time Repository) — SAP NetWeaver (Design Time Repository)CWE-79 6.4 Medium2023-06-13
CVE-2023-32115 SQL Injection in Master Data Synchronization (MDS COMPARE TOOL) — Master Data Synchronization (MDS COMPARE TOOL)CWE-89 4.2 Medium2023-06-13
CVE-2023-32114 Denial of Service in SAP NetWeaver — SAP NetWeaver (Change and Transport System)CWE-732 2.7 Low2023-06-13
CVE-2023-2827 Missing Authentication in SAP Plant Connectivity and Production Connector for SAP Digital — SAP Plant ConnectivityCWE-306 7.9 High2023-06-13
CVE-2023-32112 Missing Authorization Check in Vendor Master Hierarchy — Vendor Master HierarchyCWE-862 2.8 Low2023-05-09
CVE-2023-32113 Information Disclosure vulnerability in SAP GUI for Windows — SAP GUI for WindowsCWE-200 7.5 High2023-05-09
CVE-2023-32111 Memory Corruption vulnerability in SAP PowerDesigner (Proxy) — SAP PowerDesigner (Proxy)CWE-787 7.5 High2023-05-09

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.