Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-38150 | SAP Business Client 安全漏洞 — SAP Business Client | 6.5 | - | 2021-09-14 |
| CVE-2021-33708 | kyma-project kyma 输入验证错误漏洞 — Kyma | 8.8 | - | 2021-08-10 |
| CVE-2021-33706 | SAP InfraBox 输入验证错误漏洞 — InfraBox | 4.3 | - | 2021-08-10 |
| CVE-2021-33702 | SAP Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise PortalCWE-79 | 6.1 | - | 2021-08-10 |
| CVE-2021-33703 | SAP Netweaver 跨站脚本漏洞 — SAP NetWeaver Enterprise Portal (Application Extensions)CWE-79 | 6.1 | - | 2021-08-10 |
| CVE-2021-33707 | SAP Netweaver 输入验证错误漏洞 — SAP NetWeaver (Knowledge Management)CWE-601 | 6.1 | - | 2021-08-10 |
| CVE-2021-33699 | Google Android 安全漏洞 — SAP Fiori Client Native Mobile for Android | 4.6 | - | 2021-08-10 |
| CVE-2021-33682 | SAP Lumira 跨站脚本漏洞 — SAP Lumira Server | 5.4 | - | 2021-07-14 |
| CVE-2021-33687 | SAP NetWeaver AS 信息泄露漏洞 — SAP NetWeaver AS JAVA (Enterprise Portal) | 5.3 | - | 2021-07-14 |
| CVE-2021-33683 | SAP Web Dispatcher 和 Internet Communication Manager 环境问题漏洞 — SAP Web Dispatcher and Internet Communication ManagerCWE-444 | 5.3 | - | 2021-07-14 |
| CVE-2021-33689 | SAP NetWeaver AS 安全漏洞 — SAP NetWeaver AS JAVA (Administrator applications)CWE-778 | 4.3 | - | 2021-07-14 |
| CVE-2021-33684 | SAP NetWeaver AS ABAP 缓冲区错误漏洞 — SAP NetWeaver AS ABAP and ABAP PlatformCWE-787 | 6.5 | - | 2021-07-14 |
| CVE-2021-33678 | SAP NetWeaver AS ABAP 代码注入漏洞 — SAP NetWeaver AS ABAP (Reconciliation Framework)CWE-95 | 6.5 | - | 2021-07-14 |
| CVE-2021-33670 | SAP NetWeaver AS 安全漏洞 — SAP NetWeaver AS for Java (Http Service) | 7.5 | - | 2021-07-14 |
| CVE-2021-33681 | SAP 3D Visual Enterprise Viewer 缓冲区错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-787 | 8.1 | - | 2021-07-14 |
| CVE-2021-33677 | SAP NetWeaver AS ABAP 安全漏洞 — SAP NetWeaver AS ABAP and ABAP Platform | 5.3 | - | 2021-07-14 |
| CVE-2021-33676 | SAP CRM 安全漏洞 — SAP CRM | 7.2 | - | 2021-07-14 |
| CVE-2021-33680 | SAP 3D Visual Enterprise Viewer 安全漏洞 — SAP 3D Visual Enterprise ViewerCWE-120 | 8.1 | - | 2021-07-14 |
| CVE-2021-33671 | SAP NetWeaver 安全漏洞 — SAP NetWeaver Guided Procedures (Administration Workset) | 8.8 | - | 2021-07-14 |
| CVE-2021-33667 | SAP Business Objects Web Intelligence 安全漏洞 — SAP Business Objects Web Intelligence (BI Launchpad) | 4.3 | - | 2021-07-14 |
| CVE-2021-27610 | SAP NetWeaver ABAP Server 和 ABAP Platform 授权问题漏洞 — SAP NetWeaver AS ABAP and ABAP Platform | 9.8 | - | 2021-06-16 |
| CVE-2021-33669 | SAP Mobile安全漏洞 — SAP Mobile SDK Certificate Provider | 7.3 | - | 2021-06-09 |
| CVE-2021-33665 | SAP NetWeaver Application Server 跨站脚本漏洞 — SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML) | 5.4 | - | 2021-06-09 |
| CVE-2021-33663 | SAP Netweaver 命令注入漏洞 — SAP NetWeaver AS ABAP | 6.5 | - | 2021-06-09 |
| CVE-2021-33659 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 4.3 | - | 2021-06-09 |
| CVE-2021-33661 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 4.3 | - | 2021-06-09 |
| CVE-2021-33664 | SAP NetWeaver Application Server 跨站脚本漏洞 — SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP) | 6.1 | - | 2021-06-09 |
| CVE-2021-33666 | SAP Commerce Cloud 跨站脚本漏洞 — SAP Commerce Cloud | 6.1 | - | 2021-06-09 |
| CVE-2021-33660 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 4.3 | - | 2021-06-09 |
| CVE-2021-33662 | SAP Business One 信息泄露漏洞 — SAP Business One | 5.5 | - | 2021-06-09 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.