Known Vulnerabilities for Netweaver Java Application Server by Sap
Listed below are 6 of the newest known vulnerabilities associated with "Netweaver Java Application Server" by "Sap".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40128 json | SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon requ... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-27674 json | Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker... | Not Provided | 2026-04-14 | 2026-04-15 |
| CVE-2019-0275 json | SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, ... | 5.4 - MEDIUM | 2019-03-12 | 2021-09-09 |
| CVE-2015-4158 json | Not Provided | 2015-06-02 | 2026-05-06 | |
| CVE-2015-2282 json | Not Provided | 2015-06-02 | 2026-05-06 | |
| CVE-2015-2278 json | Not Provided | 2015-06-02 | 2026-05-06 | |
| CVE-2014-8590 json | Not Provided | 2014-11-04 | 2026-05-06 | |
| CVE-2014-3133 json | Not Provided | 2014-04-30 | 2026-05-06 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Netweaver Java Application Server | - |