Lucene search
K

Vulnerabilities fixed in SAP products

🗓️ 11 Nov 2025 12:15:53Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 11 Views

SAP fixes vulnerabilities in NetWeaver, Business Connector, HANA, and S/4HANA, including remote code execution risk in NetWeaver (CVE-2025-42944).

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the RMI-P4 module of the SAP NetWeaver software integration platform allows a perpetrator to execute arbitrary commands.
10 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SQL Anywhere Monitor, a database administration tool for relational database management systems like SAP SQL Anywhere, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
18 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP CommonCryptoLib library, related to the execution of operations outside the buffer in memory, allows a hacker to trigger a service failure.
18 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Business Connector (SAP BC) application, which is related to the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.
18 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Business Connector (SAP BC) application, which is related to incorrect restrictions on the path to the restricted catalog, allows a perpetrator to gain access to read, modify, or delete data.
19 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Business Connector (SAP BC) application, which is related to redirecting users to an unreliable website, allows a hacker to redirect users to a malicious website.
19 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Business Connector (SAP BC) application, which is related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks.
19 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the Remote-Enabled Function (hdbrss) in the SAP HANA database management system allows a perpetrator to gain unauthorized access to protected information.
19 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP NetWeaver Enterprise Portal (SAP NW EP) software integration platform lies in the improper elimination of special elements in data queries, allowing an attacker to gain access to read and modify data.
19 Nov 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP GUI graphical user interface for Windows lies in the storage of confidential information in an open manner, which allows a perpetrator to gain unauthorized access to protected information.
19 Nov 202500:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation