Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SAP_SE:SAP BusinessObjects Business Intelligence PlatformSAP NetWeaver Application server for ABAP and ABAP PlatformSAP NetWeaver Application Server for ABAPSAP NetWeaver Application Server ABAPSAP GUI for WindowsSAP NetWeaver Application Server JavaSAP NetWeaver Application Server ABAP and ABAP PlatformSAP Business ConnectorSAP Commerce CloudSAP CRM WebClient UISAP NetWeaver AS ABAP and ABAP PlatformSAP Enable NowSAP Fiori App (Intercompany Balance Reconciliation)SAP Supplier Relationship Management (Live Auction Cockpit)SAP NetWeaver Enterprise PortalSAP NetWeaverSAP Solution ManagerSAP NetWeaver AS JavaSAPCARSAP CommerceSAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)SAP Business One (SLD)SAP NetWeaver AS for JAVA (Adobe Document Services)SAP HCM (My Timesheet Fiori 2.0 application)SAP Supplier Relationship ManagementSAP CommonCryptoLibSAP BusinessObjects Business Intelligence Platform (Web Intelligence)SAP BusinessObjects Web IntelligenceSAP Cloud ConnectorSAP Financial Consolidation
CVE IDTitleCVSSSeverityPublished
CVE-2025-27432 Missing Authorization check in SAP Electronic Invoicing for Brazil (eDocument Cockpit) — SAP Electronic Invoicing for Brazil (eDocument Cockpit)CWE-862 2.4 Low2025-03-11
CVE-2025-27431 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server JavaCWE-79 5.4 Medium2025-03-11
CVE-2025-27430 Server Side Request Forgery (SSRF) in SAP CRM and SAP S/4 HANA (Interaction Center) — SAP CRM and SAP S/4HANA (Interaction Center)CWE-918 3.5 Low2025-03-11
CVE-2025-26661 Missing Authorization check in SAP NetWeaver (ABAP Class Builder) — SAP NetWeaver (ABAP Class Builder)CWE-862 8.8 High2025-03-11
CVE-2025-26660 Broken Access Control in SAP Fiori apps (Posting Library) — SAP Fiori apps (Posting Library)CWE-639 4.3 Medium2025-03-11
CVE-2025-26659 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) — SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)CWE-79 6.1 Medium2025-03-11
CVE-2025-26658 Broken Authentication in SAP Business One (Service Layer) — SAP Business One (Service Layer)CWE-384 6.8 Medium2025-03-11
CVE-2025-26656 Missing Authorization check in S/4HANA (Manage Purchasing Info Records) — S/4HANA (Manage Purchasing Info Records)CWE-862 4.3 Medium2025-03-11
CVE-2025-26655 Missing Authorization check in SAP JIT(Outbound) — SAP Just In TimeCWE-862 3.1 Low2025-03-11
CVE-2025-25245 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) — SAP BusinessObjects Business Intelligence Platform (Web Intelligence)CWE-79 5.4 Medium2025-03-11
CVE-2025-25244 Missing Authorization Check in SAP Business Warehouse (Process Chains) — SAP Business Warehouse (Process Chains)CWE-862 5.7 Medium2025-03-11
CVE-2025-25242 Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP — SAP NetWeaver Application Server ABAPCWE-79 6.1 Medium2025-03-11
CVE-2025-23194 Missing Authentication check in SAP NetWeaver Enterprise Portal (OBN component) — SAP NetWeaver Enterprise Portal (OBN component)CWE-306 5.3 Medium2025-03-11
CVE-2025-23188 Missing Authorization check in SAP S/4HANA (RBD) — SAP S/4HANA (RBD)CWE-862 4.3 Medium2025-03-11
CVE-2025-23185 Information Disclosure in SAP Business Objects Business Intelligence Platform — SAP Business Objects Business Intelligence PlatformCWE-209 4.1 Medium2025-03-11
CVE-2025-0071 Information Disclosure vulnerability in SAP Web Dispatcher and Internet Communication Manager — SAP Web Dispatcher and Internet Communication ManagerCWE-532 4.9 Medium2025-03-11
CVE-2025-0062 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) — SAP BusinessObjects Business Intelligence PlatformCWE-79 4.7 Medium2025-03-11
CVE-2025-25243 Path traversal vulnerability in SAP Supplier Relationship Management (Master Data Management Catalog) — SAP Supplier Relationship Management (Master Data Management Catalog)CWE-22 8.6 High2025-02-11
CVE-2025-25241 Missing Authorization check in SAP Fiori Apps Reference Library (My Overtime Requests) — SAP Fiori Apps Reference Library (My Overtime Requests)CWE-862 5.4 Medium2025-02-11
CVE-2025-24876 Authentication bypass via authorization code injection in SAP Approuter — SAP Approuter Node.js packageCWE-1287 8.1 High2025-02-11
CVE-2025-24875 SameSite Defense in Depth not applied for some cookies in SAP Commerce — SAP CommerceCWE-352 6.8 Medium2025-02-11
CVE-2025-24874 Missing Defense in Depth Against Clickjacking in SAP Commerce Backoffice — SAP Commerce (Backoffice)CWE-1021 6.8 Medium2025-02-11
CVE-2025-24872 Missing Authorization check in SAP ABAP Platform (ABAP Build Framework) — SAP ABAP Platform (ABAP Build Framework)CWE-863 4.3 Medium2025-02-11
CVE-2025-24870 Insecure Key & Secret Management vulnerability in SAP GUI for Windows — SAP GUI for WindowsCWE-921 6.0 Medium2025-02-11
CVE-2025-24869 Information Disclosure vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server JavaCWE-863 4.3 Medium2025-02-11
CVE-2025-24868 Open Redirect Vulnerability in SAP HANA extended application services, advanced model (User Account and Authentication Services) — SAP HANA extended application services, advanced model (User Account and Authentication Services)CWE-601 7.1 High2025-02-11
CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad) — SAP BusinessObjects Platform (BI Launchpad)CWE-79 6.1 Medium2025-02-11
CVE-2025-23193 Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP — SAP NetWeaver Server ABAPCWE-204 5.3 Medium2025-02-11
CVE-2025-23191 Cache Poisoning through header manipulation vulnerability in SAP Fiori for SAP ERP — SAP Fiori for SAP ERPCWE-644 3.1 Low2025-02-11
CVE-2025-23190 Missing Authorization check in SAP NetWeaver and ABAP platform (ST-PI) — SAP NetWeaver and ABAP platform (ST-PI)CWE-862 4.3 Medium2025-02-11

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.