Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-35168 | SAP Business One 代码问题漏洞 — SAP Business oneCWE-611 | 7.5 | - | 2022-07-12 |
| CVE-2022-32247 | SAP NetWeaver和SAP NetWeaver Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise PortalCWE-79 | 6.1 | - | 2022-07-12 |
| CVE-2022-32248 | SAP S/4HANA 输入验证错误漏洞 — SAP S/4HANACWE-20 | 5.3 | - | 2022-07-12 |
| CVE-2022-31593 | SAP Business One client 注入漏洞 — SAP Business OneCWE-74 | 8.8 | - | 2022-07-12 |
| CVE-2022-31591 | SAP BusinessObjects BW Publisher Service 代码问题漏洞 — SAP BusinessObjects (BW Publisher Service)CWE-428 | 7.8 | - | 2022-07-12 |
| CVE-2022-31597 | SAP S/4HANA 安全漏洞 — SAP S/4HANACWE-862 | 5.4 | - | 2022-07-12 |
| CVE-2022-28771 | SAP Business One License service API 访问控制错误漏洞 — SAP Business One License service APICWE-306 | 7.5 | - | 2022-07-12 |
| CVE-2022-29619 | SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP BusinessObjects Business Intelligence PlatformCWE-863 | 8.1 | - | 2022-07-12 |
| CVE-2022-31592 | SAP Enterprise Extension Defense Forces & Public Security 安全漏洞 — SAP Enterprise Extension Defense Forces & Public Security (EA-DFPS)CWE-862 | 4.3 | - | 2022-07-12 |
| CVE-2022-31598 | SAP Business Objects 数据伪造问题漏洞 — SAP Business ObjectsCWE-345 | 5.4 | - | 2022-07-12 |
| CVE-2022-32246 | SAP Business Objects SQL注入漏洞 — SAP BusinessObjects Business Intelligence Platform (Visual Difference Application)CWE-89 | 7.1 | - | 2022-07-12 |
| CVE-2022-32243 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32242 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32241 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32240 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32239 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32238 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32237 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32236 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-32235 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 5.5 | - | 2022-06-14 |
| CVE-2022-31595 | SAP Financial Consolidation 安全漏洞 — SAP Financial ConsolidationCWE-862 | 8.8 | - | 2022-06-14 |
| CVE-2022-31594 | SAP Adaptive Server Enterprise 安全漏洞 — SAP Adaptive Server Enterprise (ASE)CWE-269 | 6.7 | - | 2022-06-14 |
| CVE-2022-31590 | SAP PowerDesigner 代码问题漏洞 — SAP PowerDesigner Proxy 16.7CWE-428 | 7.8 | - | 2022-06-14 |
| CVE-2022-31589 | 多款SAP产品安全漏洞 — SAP ERP, localization for CEE countries.CWE-863 | 6.5 | - | 2022-06-14 |
| CVE-2022-29618 | SAP NetWeaver Development Infrastructure 跨站脚本漏洞 — SAP NetWeaver Development Infrastructure (Design Time Repository)CWE-79 | 6.1 | - | 2022-06-14 |
| CVE-2022-29615 | SAP NetWeaver Developer Studio 代码问题漏洞 — SAP NetWeaver Developer Studio (NWDS)CWE-502 | 6.5 | - | 2022-06-14 |
| CVE-2022-29614 | SAP NetWeaver Application Server 安全漏洞 — SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA DatabaseCWE-269 | 8.6 | - | 2022-06-14 |
| CVE-2022-29612 | SAP Host Agent 代码问题漏洞 — SAP NetWeaver, ABAP Platform and SAP Host AgentCWE-918 | - | - | 2022-06-14 |
| CVE-2022-27668 | SAP NetWeaver 和 ABAP Platform 安全漏洞 — SAP NetWeaver and ABAP PlatformCWE-863 | 9.8 | - | 2022-06-14 |
| CVE-2022-28217 | SAP NetWeaver 代码问题漏洞 — SAP NetWeaver (EP Web Page Composer)CWE-918 | 6.5 | - | 2022-06-13 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.