EUVD-2026-10442

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

CVE-2026-24309

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

SAP S/4HANA Cloud Private 代码注入漏洞

SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...

PT-2025-15377 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver affected versions not specified Description: The issue allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once connected to the ABAP...

SAP AS ABAP 授权问题漏洞

SAP AS ABAP is a development tool for SAP software from SAP, a German company. An authorization issue vulnerability exists in SAP AS ABAP Platform, which arises from a lack of authorization checking in the product and can be exploited by remote attackers to compromise an affected system...

SAP NetWeaver AS 资源管理错误漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 75...

SAP NetWeaver AS ABAP 安全漏洞

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which stems from an information disclosure in the product. The following products and...

SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability (CNVD-2021-03703)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP that stems from a failure to adequately encode URLs, allowing an attacker to enter malicious java script in...

PwC ACE-ABAP Remote Code Execution Vulnerability

ACE Automated Controls Evaluator is a tool developed by PwC PricewaterhouseCoopers that can be used to analyze SAP security settings to discern privileged access and potential segregation of duties.ABAP Advanced Business Application Programming. A remote code execution vulnerability exists in PwC...