Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-0364 | SAP HANA Extended Application Services 输入验证错误漏洞 — SAP HANA Extended Application Services | 4.3 | - | 2019-09-10 |
| CVE-2019-0363 | SAP HANA Extended Application Services 输入验证错误漏洞 — SAP HANA Extended Application Services | 7.1 | - | 2019-09-10 |
| CVE-2019-0361 | SAP Supplier Relationship Management 跨站脚本漏洞 — SAP Supplier Relationship Management (Master Data Management Catalog) (SRM_MDM_CAT) | 5.4 | - | 2019-09-10 |
| CVE-2019-0355 | SAP NetWeaver Application Server Java 代码注入漏洞 — SAP NetWeaver AS for Java (Web Container)-ENGINEAPI | 8.8 | - | 2019-09-10 |
| CVE-2019-0353 | SAP Business One client 信息泄露漏洞 — SAP Business One Client | 5.5 | - | 2019-09-10 |
| CVE-2019-0352 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP BusinessObjects Business Intelligence Platform (CMC) | 6.5 | - | 2019-09-10 |
| CVE-2019-0349 | SAP KERNEL 授权问题漏洞 — SAP Kernel (KRNL32NUC) | 7.2 | - | 2019-08-14 |
| CVE-2019-0351 | SAP NetWeaver UDDI Server 缓冲区错误漏洞 — SAP NetWeaver UDDI Server (Services Registry) | 8.8 | - | 2019-08-14 |
| CVE-2019-0348 | SAP BusinessObjects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform (Web Intelligence) | 7.5 | - | 2019-08-14 |
| CVE-2019-0346 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform (CMC) | 4.3 | - | 2019-08-14 |
| CVE-2019-0345 | SAP NetWeaver Application Server for Java 代码问题漏洞 — SAP NetWeaver Application Server for Java (Administrator System Overview) | 9.8 | - | 2019-08-14 |
| CVE-2019-0344 | SAP Commerce Cloud 代码代码问题漏洞 — SAP Commerce Cloud (virtualjdbc extension) | 8.8 | - | 2019-08-14 |
| CVE-2019-0343 | SAP Commerce Cloud 代码注入漏洞 — SAP Commerce Cloud (Mediaconversion Extension) | 8.8 | - | 2019-08-14 |
| CVE-2019-0340 | SAP Enable Now 代码问题漏洞 — SAP Enable Now | 6.5 | - | 2019-08-14 |
| CVE-2019-0341 | SAP Enable Now 输入验证错误漏洞 — SAP Enable Now | 7.2 | - | 2019-08-14 |
| CVE-2019-0338 | SAP Gateway 信息泄露漏洞 — SAP Gateway | 6.5 | - | 2019-08-14 |
| CVE-2019-0334 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (BI Workspace) | 5.4 | - | 2019-08-14 |
| CVE-2019-0333 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | 4.3 | - | 2019-08-14 |
| CVE-2019-0337 | SAP NetWeaver Process Integration 跨站脚本漏洞 — SAP NetWeaver Process Integration (Java Proxy Runtime) | 6.1 | - | 2019-08-14 |
| CVE-2019-0335 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (CMC) | 6.1 | - | 2019-08-14 |
| CVE-2019-0332 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Info View) | 6.1 | - | 2019-08-14 |
| CVE-2019-0331 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP BusinessObjects Business Intelligence Platform (BI Workspace) | 5.3 | - | 2019-08-14 |
| CVE-2019-0330 | SAP Diagnostics Agent 代码注入漏洞 — SAP Diagnostic Agent (LM-Service) | 7.2 | - | 2019-07-10 |
| CVE-2019-0329 | SAP Information Steward 跨站脚本漏洞 — SAP Information Steward | 6.1 | - | 2019-07-10 |
| CVE-2019-0328 | SAP NetWeaver Process Integration ABAP Tests模块操作系统命令注入漏洞 — SAP NetWeaver Process Integration ABAP tests (SAP Basis) | 7.2 | - | 2019-07-10 |
| CVE-2019-0327 | SAP NetWeaver Application Server Java 代码问题漏洞 — SAP NetWeaver for Java Application Server - Web Container (engineapi) | 9.1 | - | 2019-07-10 |
| CVE-2019-0326 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform - BI Workspace (Enterprise) | 6.1 | - | 2019-07-10 |
| CVE-2019-0325 | SAP ERP HCM 授权问题漏洞 — SAP ERP HCM (SAP_HRCES) | 5.3 | - | 2019-07-10 |
| CVE-2019-0322 | SAP Commerce Cloud 访问控制错误漏洞 — SAP Commerce Cloud (ex SAP Hybris Commerce) (HY_COM) | 7.5 | - | 2019-07-10 |
| CVE-2019-0321 | SAP ABAP Server和ABAP Platform 跨站脚本漏洞 — ABAP Server and ABAP Platform (SAP Basis) | 6.1 | - | 2019-07-10 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.