Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:18 p.m.9 views

CVE-2026-27681

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

9.9CVSS6.2AI score0.00501EPSS
Exploits0References1
HackRead
HackReadadded 2026/05/06 1:42 p.m.5 views

Building Strategic Advantage With Integrated Planning

Siloed planning slows decisions and hides risk. Integrated business planning connects finance, demand, supply, and strategy into a single disciplined cycle...

5.8AI score
Exploits0
NCSC
NCSCadded 2026/04/14 12:55 p.m.4 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several SAP products, including SAP Supplier Relationship Management, SAP BusinessObjects Business Intelligence Platform, SAP NetWeaver Application Server Java and ABAP, SAP Landscape Transformation, SAP Business Planning and Consolidation, SAP Business Warehouse,...

9.9CVSS5.9AI score0.00501EPSS
Exploits2References1
Positive Technologies
Positive Technologiesadded 2026/04/14 12:0 a.m.1 views

PT-2026-32560

Name of the Vulnerable Software and Affected Versions SAP Business Planning and Consolidation affected versions not specified SAP Business Warehouse affected versions not specified Description Insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse...

9.9CVSS6.3AI score0.00501EPSS
Exploits0References20
RedhatCVE
RedhatCVEadded 2026/01/09 9:26 a.m.7 views

CVE-2023-31407

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application...

5.4CVSS6.4AI score0.00345EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-27518

Malware in sbrugna...

5.4CVSS6AI score0.00603EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-27934

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00345EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-35718

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00345EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-27199

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-44477

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00573EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/09/11 3:19 a.m.3 views

CVE-2025-42930

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References1
NVD
NVDadded 2025/09/09 2:15 a.m.3 views

CVE-2025-42930

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5CVSS0.00296EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/09 2:11 a.m.6 views

CVE-2025-42930 Denial of Service (DoS) vulnerability in SAP Business Planning and Consolidation

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5CVSS0.00296EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/09 2:11 a.m.2 views

CVE-2025-42930 Denial of Service (DoS) vulnerability in SAP Business Planning and Consolidation

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5CVSS6AI score0.00296EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/02/05 11:49 p.m.10 views

CVE-2022-41268

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAPBW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized...

8.5CVSS7.2AI score0.00573EPSS
Exploits0References1
NVD
NVDadded 2024/07/09 5:15 a.m.15 views

CVE-2024-39594

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs, resulting in Reflected Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can cause low impact on the confidentiality and integrity of the...

6.1CVSS0.00256EPSS
Exploits0References2
CNVD
CNVDadded 2023/05/18 12:0 a.m.13 views

SAP Business Planning and Consolidation Cross-Site Scripting Vulnerability (CNVD-2023-40159)

The H3C GR-1200W is a Gigabit enterprise wireless router from China's Xinhua San H3C. A buffer overflow vulnerability exists in the H3C GR-1200W MiniGRW1A0V100R006 version, which stems from the discovery of a contained stack overflow vulnerability via the function settftpupgrad. A remote attacker...

9.8CVSS7.9AI score0.00928EPSS
Exploits1References1
CNVD
CNVDadded 2023/05/15 12:0 a.m.23 views

SAP Business Planning and Consolidation Cross-Site Scripting Vulnerability (CNVD-2023-40159)

SAP Business Planning and Consolidation is a business planning and consolidation software from SAP, Germany that provides budgeting, forecasting, and financial consolidation capabilities. A cross-site scripting vulnerability exists in SAP Business Planning and Consolidation, which can be exploite...

5.4CVSS5.8AI score0.00345EPSS
Exploits0References1
NVD
NVDadded 2023/05/09 2:15 a.m.16 views

CVE-2023-31407

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application...

5.4CVSS5.3AI score0.00345EPSS
Exploits0References2
Prion
Prionadded 2023/05/09 2:15 a.m.12 views

Cross site scripting

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application...

4.9CVSS5.3AI score0.00345EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder