Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-0403 | SAP Enable Now 输入验证错误漏洞 — SAP Enable Now | 8.8 | - | 2019-12-11 |
| CVE-2019-0402 | SAP Adaptive Server Enterprise 信息泄露漏洞 — SAP Adaptive Server Enterprise | 4.4 | - | 2019-12-11 |
| CVE-2019-0399 | SAP Portfolio and Project Management 信息泄露漏洞 — SAP Portfolio and Project Management (S4CORE) | 6.5 | - | 2019-12-11 |
| CVE-2019-0398 | SAP BusinessObjects Business Intelligence Platform 跨站请求伪造漏洞 — SAP BusinessObjects Business Intelligence Platform (Monitoring Application) | 8.8 | - | 2019-12-11 |
| CVE-2019-0395 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad) | 5.4 | - | 2019-12-11 |
| CVE-2019-0386 | SAP ERP Sales和S4HANA Sales 安全漏洞 — SAP ERP Sales (SAP_APPL) | 8.8 | - | 2019-11-13 |
| CVE-2019-0396 | SAP BusinessObjects Business Intelligence Platform 输入验证错误漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 7.1 | - | 2019-11-13 |
| CVE-2019-0388 | SAP UI UI5 HTTP Handler 安全漏洞 — SAP UI | 5.3 | - | 2019-11-13 |
| CVE-2019-0391 | SAP NetWeaver Application Server Java 信息泄露漏洞 — SAP NetWeaver AS Java | 8.6 | - | 2019-11-13 |
| CVE-2019-0390 | SAP Diagnostics Agent 信息泄露漏洞 — SAP Data Hub (DH_Foundation) | 6.5 | - | 2019-11-13 |
| CVE-2019-0393 | SAP Quality Management SQL注入漏洞 — SAP Quality Management (S4CORE) | 5.3 | - | 2019-11-13 |
| CVE-2019-0382 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | 5.4 | - | 2019-11-13 |
| CVE-2019-0389 | SAP NetWeaver Application Server Java 安全漏洞 — SAP NetWeaver Application Server Java (J2EE-Framework) | 8.8 | - | 2019-11-13 |
| CVE-2019-0385 | SAP Enable Now 跨站脚本漏洞 — SAP Enable Now | 6.1 | - | 2019-11-13 |
| CVE-2019-0350 | SAP HANA 输入验证错误漏洞 — SAP HANA Database | 7.5 | - | 2019-11-04 |
| CVE-2019-0380 | SAP Landscape Management 日志信息泄露漏洞 — SAP Landscape Management enterprise edition | 4.9 | - | 2019-10-08 |
| CVE-2019-0381 | SAP SQL Anywhere、SAP IQ和Dynamic Tier 安全漏洞 — SAP IQ | 7.1 | - | 2019-10-08 |
| CVE-2019-0379 | SAP NetWeaver Process Integration 数据伪造问题漏洞 — SAP Process Integration, business-to-business add-on | 7.5 | - | 2019-10-08 |
| CVE-2019-0378 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2019-10-08 |
| CVE-2019-0377 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2019-10-08 |
| CVE-2019-0376 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2019-10-08 |
| CVE-2019-0375 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2019-10-08 |
| CVE-2019-0374 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2019-10-08 |
| CVE-2019-0370 | SAP Financial Consolidation 安全漏洞 — SAP Financial Consolidation | 6.5 | - | 2019-10-08 |
| CVE-2019-0369 | SAP Financial Consolidation 跨站脚本漏洞 — SAP Financial Consolidation | 6.1 | - | 2019-10-08 |
| CVE-2019-0368 | SAP Customer Relationship Management 跨站脚本漏洞 — SAP Customer Relationship Management (Email Management - S4CRM) | 6.1 | - | 2019-10-08 |
| CVE-2019-0367 | SAP NetWeaver Process Integration 安全漏洞 — SAP NetWeaver Process Integration (B2B Toolkit) | 6.5 | - | 2019-10-08 |
| CVE-2019-0357 | SAP HANA 安全漏洞 — SAP HANA | 6.7 | - | 2019-09-10 |
| CVE-2019-0356 | SAP NetWeaver Process Integration 信息泄露漏洞 — SAP NetWeaver Process Integration Runtime Workbench – MESSAGING and SAP_XIAF | 6.5 | - | 2019-09-10 |
| CVE-2019-0365 | SAP KERNEL 资源管理错误漏洞 — SAP Kernel (KRNL32NUC) | 8.8 | - | 2019-09-10 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.