Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-2428 | SAP Infrastructure和UI 信息泄露漏洞 — SAP Infrastructure | 7.5 | - | 2018-06-12 |
| CVE-2018-2415 | SAP NetWeaver Application Server Java Web Container and HTTP Service和J2EE Engine Server Core 安全漏洞 — SAP NetWeaver Application Server (Engine API) | 4.7 | - | 2018-05-09 |
| CVE-2018-2417 | SAP Identity Management 信息泄露漏洞 — SAP Identity Management | 7.5 | - | 2018-05-09 |
| CVE-2018-2418 | SAP MaxDB ODBC驱动程序安全漏洞 — SAP MaxDB ODBC driver | 7.2 | - | 2018-05-09 |
| CVE-2018-2419 | SAP Enterprise Financial Services 安全漏洞 — SAP Enterprise Financial Services (SAPSCORE) | 7.6 | - | 2018-05-09 |
| CVE-2018-2420 | SAP Internet Graphics Server 安全漏洞 — SAP Internet Graphics Server (IGS) | 9.8 | - | 2018-05-09 |
| CVE-2018-2421 | SAP Internet Graphics Server Portwatcher 安全漏洞 — SAP Internet Graphics Server (IGS) | 7.5 | - | 2018-05-09 |
| CVE-2018-2422 | SAP Internet Graphics Server Portwatcher 安全漏洞 — SAP Internet Graphics Server (IGS) | 7.5 | - | 2018-05-09 |
| CVE-2018-2423 | SAP Internet Graphics Server HTTP和RFC listener 安全漏洞 — SAP Internet Graphics Server (IGS) | 7.5 | - | 2018-05-09 |
| CVE-2018-2403 | SAP Disclosure Management 信息泄露漏洞 — SAP Disclosure Management | 6.5 | - | 2018-04-10 |
| CVE-2018-2404 | SAP Disclosure Management 安全漏洞 — SAP Disclosure Management | 9.8 | - | 2018-04-10 |
| CVE-2018-2405 | SAP Solution Manager Incident Management Work Center 跨站脚本漏洞 — SAP Solution Manager | 5.4 | - | 2018-04-10 |
| CVE-2018-2406 | SAP Crystal Reports Server OEM Edition 路径遍历漏洞 — SAP Crystal Reports Server, OEM Edition | 6.6 | - | 2018-04-10 |
| CVE-2018-2408 | SAP Business Objects 安全漏洞 — SAP Business Objects | 9.4 | - | 2018-04-10 |
| CVE-2018-2409 | SAP Cloud Platform 安全漏洞 — SAP Cloud Platform Connector | 8.8 | - | 2018-04-10 |
| CVE-2018-2410 | SAP Business One 跨站脚本漏洞 — SAP Business One | 5.4 | - | 2018-04-10 |
| CVE-2018-2412 | SAP Disclosure Management 安全漏洞 — SAP Disclosure Management | 8.8 | - | 2018-04-10 |
| CVE-2018-2413 | SAP Disclosure Management 安全漏洞 — SAP Disclosure Management | 8.8 | - | 2018-04-10 |
| CVE-2018-2366 | SAP Business Process Automation By Redwood 路径遍历漏洞 — SAP Business Process Automation (BPA) By Redwood | 4.3 | - | 2018-03-14 |
| CVE-2018-2397 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform | 6.1 | - | 2018-03-14 |
| CVE-2018-2398 | SAP Business Client 信息泄露漏洞 — SAP Business Client | 7.5 | - | 2018-03-14 |
| CVE-2018-2399 | SAP Process Monitoring Infrastructure 跨站脚本漏洞 — SAP Process Monitoring Infrastructure | 6.1 | - | 2018-03-14 |
| CVE-2018-2401 | SAP Business Process Automation By Redwood 安全漏洞 — SAP Business Process Automation (BPA) By Redwood | 8.8 | - | 2018-03-14 |
| CVE-2018-2402 | SAP HANA 安全漏洞 — SAP HANA | 8.2 | - | 2018-03-14 |
| CVE-2018-2365 | SAP NetWeaver RunTime 跨站脚本漏洞 — SAP NetWeaver Portal WebDynpro RunTime | 6.1 | - | 2018-03-01 |
| CVE-2018-2367 | SAP BASIS 安全漏洞 — SAP BASIS (ABAP File Interface) | 8.3 | - | 2018-03-01 |
| CVE-2018-2368 | SAP NetWeaver System Landscape Directory 安全漏洞 — SAP NetWeaver System Landscape Directory, LM-Core | 9.8 | - | 2018-03-01 |
| CVE-2018-2380 | SAP CRM 路径遍历漏洞 — SAP CRM | 9.1 | - | 2018-03-01 |
| CVE-2018-2364 | SAP CRM WebClient UI 跨站脚本漏洞 — SAP CRM WebClient UI | 6.1 | - | 2018-02-14 |
| CVE-2018-2369 | SAP HANA 信息泄露漏洞 — SAP HANA | 7.5 | - | 2018-02-14 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.