Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SAP_SE:SAP BusinessObjects Business Intelligence PlatformSAP NetWeaver Application server for ABAP and ABAP PlatformSAP NetWeaver Application Server for ABAPSAP NetWeaver Application Server ABAPSAP GUI for WindowsSAP NetWeaver Application Server JavaSAP NetWeaver Application Server ABAP and ABAP PlatformSAP Business ConnectorSAP Commerce CloudSAP CRM WebClient UISAP NetWeaver AS ABAP and ABAP PlatformSAP Enable NowSAP Fiori App (Intercompany Balance Reconciliation)SAP Supplier Relationship Management (Live Auction Cockpit)SAP NetWeaver Enterprise PortalSAP NetWeaverSAP Solution ManagerSAP NetWeaver AS JavaSAPCARSAP CommerceSAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)SAP Business One (SLD)SAP NetWeaver AS for JAVA (Adobe Document Services)SAP HCM (My Timesheet Fiori 2.0 application)SAP Supplier Relationship ManagementSAP CommonCryptoLibSAP BusinessObjects Business Intelligence Platform (Web Intelligence)SAP BusinessObjects Web IntelligenceSAP Cloud ConnectorSAP Financial Consolidation
CVE IDTitleCVSSSeverityPublished
CVE-2026-0511 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation)CWE-862 8.1 High2026-01-13
CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping — NW AS Java UME User MappingCWE-326 3.0 Low2026-01-13
CVE-2026-0507 OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK — SAP Application Server for ABAP and SAP NetWeaver RFCSDKCWE-78 8.4 High2026-01-13
CVE-2026-0506 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-862 8.1 High2026-01-13
CVE-2026-0504 Insufficient Input Handling in JNDI Operations of SAP Identity Management — SAP Identity ManagementCWE-943 3.8 Low2026-01-13
CVE-2026-0503 Missing Authorization check in in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) — SAP ERP Central Component and SAP S/4HANA (SAP EHS Management)CWE-862 6.4 Medium2026-01-13
CVE-2026-0501 SQL Injection Vulnerability in SAP S/4HANA Private Cloud and On-Premise (Financials � General Ledger) — SAP S/4HANA Private Cloud and On-Premise (Financials � General Ledger)CWE-89 9.9 Critical2026-01-13
CVE-2026-0500 Remote code execution in SAP Wily Introscope Enterprise Manager (WorkStation) — SAP Wily Introscope Enterprise Manager (WorkStation)CWE-94 9.6 Critical2026-01-13
CVE-2026-0499 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-79 6.1 Medium2026-01-13
CVE-2026-0498 Code Injection vulnerability in SAP S/4HANA (Private Cloud and On-Premise) — SAP S/4HANA (Private Cloud and On-Premise)CWE-94 9.1 Critical2026-01-13
CVE-2026-0497 Missing Authorization check in Business Server Pages Application (Product Designer Web UI) — Business Server Pages Application (Product Designer Web UI)CWE-862 4.3 Medium2026-01-13
CVE-2026-0496 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation)CWE-434 6.6 Medium2026-01-13
CVE-2026-0495 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation)CWE-15 5.1 Medium2026-01-13
CVE-2026-0494 Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation)CWE-497 4.3 Medium2026-01-13
CVE-2026-0493 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation)CWE-352 4.3 Medium2026-01-13
CVE-2026-0492 Privilege escalation vulnerability in SAP HANA database — SAP HANA databaseCWE-306 8.8 High2026-01-13
CVE-2026-0491 Code Injection vulnerability in SAP Landscape Transformation — SAP Landscape TransformationCWE-94 9.1 Critical2026-01-13
CVE-2025-42928 Deserialization Vulnerability in SAP jConnect - SDK for ASE — SAP jConnect - SDK for ASECWE-502 9.1 Critical2025-12-09
CVE-2025-42904 Information Disclosure vulnerability in Application Server ABAP — Application Server ABAPCWE-549 6.5 Medium2025-12-09
CVE-2025-42896 Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-116 5.4 Medium2025-12-09
CVE-2025-42891 Missing Authorization check in SAP Enterprise Search for ABAP — SAP Enterprise Search for ABAPCWE-862 5.5 Medium2025-12-09
CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager — SAP Solution ManagerCWE-94 9.9 Critical2025-12-09
CVE-2025-42878 Sensitive Data Exposure in SAP Web Dispatcher and Internet Communication Manager (ICM) — SAP Web Dispatcher and Internet Communication Manager (ICM)CWE-1244 8.2 High2025-12-09
CVE-2025-42877 Memory Corruption vulnerability in SAP Web Dispatcher, Internet Communication Manager and SAP Content Server — SAP Web Dispatcher, Internet Communication Manager and SAP Content ServerCWE-787 7.5 High2025-12-09
CVE-2025-42876 Missing Authorization Check in SAP S/4 HANA Private Cloud (Financials General Ledger) — SAP S/4 HANA Private Cloud (Financials General Ledger)CWE-405 7.1 High2025-12-09
CVE-2025-42875 Missing Authentication check in SAP NetWeaver Internet Communication Framework — SAP NetWeaver Internet Communication FrameworkCWE-306 6.6 Medium2025-12-09
CVE-2025-42874 Denial of service (DOS) in SAP NetWeaver (remote service for Xcelsius) — SAP NetWeaver (remote service for Xcelsius)CWE-405 7.9 High2025-12-09
CVE-2025-42873 Denial of Service (DoS) in SAPUI5 framework (Markdown-it component) — SAPUI5 framework (Markdown-it component)CWE-405 5.9 Medium2025-12-09
CVE-2025-42872 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-489 6.1 Medium2025-12-09
CVE-2025-42940 Memory Corruption vulnerability in SAP CommonCryptoLib — SAP CommonCryptoLibCWE-787 7.5 High2025-11-11

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.