Known Vulnerabilities for products from SAP
Listed below are 20 of the newest known vulnerabilities associated with the vendor "SAP".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34264 json | During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to thi... | Not Provided | 2026-04-14 | 2026-05-04 |
| CVE-2026-34262 json | Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | Not Provided | 2026-04-14 | 2026-05-04 |
| CVE-2026-27679 json | Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker coul... | Not Provided | 2026-04-14 | 2026-05-04 |
| CVE-2024-22125 json | 7.5 - HIGH | 2024-01-09 | 2024-01-12 | |
| CVE-2024-22124 json | 7.5 - HIGH | 2024-01-09 | 2024-01-22 | |
| CVE-2024-21738 json | 5.4 - MEDIUM | 2024-01-09 | 2024-01-11 | |
| CVE-2024-21737 json | 9.1 - CRITICAL | 2024-01-09 | 2024-01-16 | |
| CVE-2024-21736 json | 6.5 - MEDIUM | 2024-01-09 | 2024-01-19 | |
| CVE-2024-21735 json | 7.2 - HIGH | 2024-01-09 | 2024-01-30 | |
| CVE-2024-21734 json | 5.4 - MEDIUM | 2024-01-09 | 2024-01-12 | |
| CVE-2023-42480 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-14 | 2023-11-20 |
| CVE-2023-42477 json | SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulne... | 6.5 - MEDIUM | 2023-10-10 | 2023-10-16 |
| CVE-2023-42475 json | The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to r... | 4.3 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42474 json | SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The atta... | 5.4 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42473 json | S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated u... | 5.4 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42472 json | Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interfac... | 7.3 - HIGH | 2023-09-12 | 2023-09-13 |
| CVE-2023-41369 json | The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attac... | 4.3 - MEDIUM | 2023-09-12 | 2023-09-14 |
| CVE-2023-41368 json | The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to chang... | 5.3 - MEDIUM | 2023-09-12 | 2023-09-14 |
| CVE-2023-41367 json | Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - ver... | 5.3 - MEDIUM | 2023-09-12 | 2023-09-13 |
| CVE-2023-41366 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-14 | 2023-11-20 |
Known software with vulnerabilities from SAP
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sap | 3d Visual Enterprise Viewer | - |
| Application | Sap | Abap Platform | 7.31 |
| Application | Sap | Activex Viewer | 1.0.0 |
| Application | Sap | Adaptive Extensions | 1.0 |
| Application | Sap | Adaptive Server Enterprise | 15.7 |
| Application | Sap | Adaptive Server Enterprise Backup Server | 16.0 |
| Application | Sap | Adaptive Server Enterprise Cockpit | 16.0 |
| Application | Sap | Adminadapter | - |
| Application | Sap | Afaria | 7.0 |
| Application | Sap | Agentry Sdk | 7.1 |
| Application | Sap | Application Server | 2008_1_46c |
| Application | Sap | Application Server Java | 7.2 |
| Application | Sap | Background Processing | - |
| Application | Sap | Banking Services | 400 |
| Application | Sap | Bank Analyzer | 500 |
| Application | Sap | Basis | 7.0 |
| Application | Sap | Basis Communication Services | 4.6 |
| Application | Sap | Bi Launchpad | - |
| Application | Sap | Bi Universal Data Integration | - |
| Application | Sap | Businessobjects | - |