Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 542

Browse all 542 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SAP SE operates as a global leader in enterprise application software, primarily providing ERP solutions that manage complex business processes, supply chains, and human resources for large organizations. This extensive attack surface has resulted in 527 recorded CVEs, reflecting the critical nature of its infrastructure. Historically, vulnerabilities within SAP systems frequently involve remote code execution, SQL injection, and cross-site scripting, often stemming from complex integrations and legacy components. Privilege escalation remains a significant concern, allowing unauthorized users to gain administrative access. While SAP maintains rigorous security protocols, past incidents highlight risks associated with default configurations and unpatched middleware. The company actively issues security patches, yet the sheer volume of disclosed flaws underscores the challenges of securing highly interconnected, mission-critical enterprise environments against sophisticated cyber threats.

Top products by SAP_SE: SAP BusinessObjects Business Intelligence Platform SAP NetWeaver Application server for ABAP and ABAP Platform SAP NetWeaver Application Server for ABAP SAP NetWeaver Application Server ABAP SAP GUI for Windows SAP NetWeaver Application Server ABAP and ABAP Platform SAP NetWeaver Application Server Java SAP Commerce Cloud SAP CRM WebClient UI SAP Business Connector SAP Fiori App (Intercompany Balance Reconciliation) SAP NetWeaver AS ABAP and ABAP Platform SAP Enable Now SAP NetWeaver Enterprise Portal SAP Supplier Relationship Management (Live Auction Cockpit) SAP NetWeaver SAP Solution Manager SAPCAR SAP NetWeaver AS Java SAP Commerce SAP Financial Consolidation SAP Web Dispatcher SAP NetWeaver AS for JAVA (Adobe Document Services) SAP Business One (SLD) SAP Supplier Relationship Management SAP CommonCryptoLib SAP Cloud Connector SAP BusinessObjects Business Intelligence Platform (Web Intelligence) SAP BusinessObjects Web Intelligence SAP MDM Server
CVE IDTitleCVSSSeverityPublished
CVE-2025-0056 Information Disclosure vulnerability in SAP GUI for Java — SAP GUI for JavaCWE-497 6.0 Medium2025-01-14
CVE-2025-0055 Information Disclosure vulnerability in SAP GUI for Windows — SAP GUI for WindowsCWE-497 6.0 Medium2025-01-14
CVE-2025-0053 Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-209 5.3 Medium2025-01-14
CVE-2024-54198 Information Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP — SAP NetWeaver Application Server ABAPCWE-914 8.5 High2024-12-10
CVE-2024-54197 Server-Side Request Forgery in SAP NetWeaver Administrator (System Overview) — SAP NetWeaver Administrator(System Overview)CWE-918 7.2 High2024-12-10
CVE-2024-47585 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 4.3 Medium2024-12-10
CVE-2024-47582 XML Entity Expansion Vulnerability in SAP NetWeaver AS JAVA — SAP NetWeaver AS JAVACWE-611 5.3 Medium2024-12-10
CVE-2024-47581 Missing Authorization check in SAP HCM (Approve Timesheets version 4) — SAP HCMCWE-862 4.3 Medium2024-12-10
CVE-2024-47580 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services)CWE-538 6.8 Medium2024-12-10
CVE-2024-47579 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services)CWE-538 6.8 Medium2024-12-10
CVE-2024-47578 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services)CWE-918 9.1 Critical2024-12-10
CVE-2024-47577 Information Disclosure vulnerability in SAP Commerce Cloud — SAP Commerce CloudCWE-319 2.7 Low2024-12-10
CVE-2024-47576 DLL Hijacking vulnerability in SAP Product Lifecycle Costing — SAP Product Lifecycle CostingCWE-427 3.3 Low2024-12-10
CVE-2024-32732 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform — SAP BusinessObjects Business Intelligence platformCWE-497 5.3 Medium2024-12-10
CVE-2024-47595 Local Privilege Escalation in SAP Host Agent — SAP Host AgentCWE-266 6.3 Medium2024-11-12
CVE-2024-47593 Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP 4.3 Medium2024-11-12
CVE-2024-47592 Information Disclosure Vulnerability in SAP NetWeaver Application Server Java (Logon Application) — SAP NetWeaver Application Server Java (Logon Application)CWE-307 5.3 Medium2024-11-12
CVE-2024-47590 Cross-Site Scripting (XSS) vulnerability in SAP Web Dispatcher — SAP Web DispatcherCWE-791 8.8 High2024-11-12
CVE-2024-47588 Information Disclosure vulnerability in SAP NetWeaver Java (Software Update Manager) — SAP NetWeaver Java (Software Update Manager)CWE-522 4.7 Medium2024-11-12
CVE-2024-47587 Missing authorization check in SAP Cash Management (Cash Operations) — SAP Cash Management (Cash Operations)CWE-862 3.5 Low2024-11-12
CVE-2024-47586 NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-476 5.3 Medium2024-11-12
CVE-2024-42372 Missing Authorization check in SAP NetWeaver AS Java (System Landscape Directory) — SAP NetWeaver AS Java (System Landscape Directory)CWE-862 6.5 Medium2024-11-12
CVE-2024-47594 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal (KMC) — SAP NetWeaver Enterprise Portal (KMC)CWE-79 5.4 Medium2024-10-08
CVE-2024-45282 HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements) — SAP S/4 HANA (Manage Bank Statements)CWE-650 4.3 Medium2024-10-08
CVE-2024-45278 Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice — SAP Commerce BackofficeCWE-79 5.4 Medium2024-10-08
CVE-2024-45277 Prototype Pollution vulnerability in SAP HANA Client — SAP HANA ClientCWE-1321 4.3 Medium2024-10-08
CVE-2024-37179 Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) — SAP BusinessObjects Business Intelligence Platform (Web Intelligence)CWE-434 7.7 High2024-10-08
CVE-2024-45285 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 5.4 Medium2024-09-10
CVE-2024-45284 Missing authorization check in SAP Student Life Cycle Management (SLcM) — SAP Student Life Cycle Management (SLcM)CWE-862 2.4 Low2024-09-10
CVE-2024-45283 Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service) — SAP NetWeaver AS for Java (Destination Service)CWE-256 6.0 Medium2024-09-10

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.