CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

NVD•added 2026/04/14 1:16 a.m.•1 views

CVE-2026-34256

Due to a missing authorization check in SAP ERP and SAP S/4HANA Private Cloud and On-Premise, an authenticated attacker could execute a particular ABAP report to overwrite any existing eight?character executable ABAP report without authorization. If the overwritten report is subsequently executed...

7.1CVSS0.00047EPSS

Exploits0References2

Cvelist•added 2026/04/14 12:8 a.m.•20 views

CVE-2026-34256 Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)

7.1CVSS0.00047EPSS

Exploits0References2

CVE•added 2026/03/10 12:18 a.m.•5 views

CVE-2026-27687

CVE-2026-27687: A missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal allows a user with high privileges to access another company’s sensitive data. Root cause: lack of authorization validation. Impact: High confidentiality impact; no reported integrity or availabilit...

5.8CVSS5.8AI score0.00039EPSS

Exploits0References2

Vulnrichment•added 2026/01/13 1:14 a.m.•2 views

CVE-2026-0503 Missing Authorization check in in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management)

Due to missing authorization check in the SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management, an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful exploitation, the attacker can...

6.4CVSS6.3AI score0.00071EPSS

Exploits0References2

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2338

Name of the Vulnerable Software and Affected Versions SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management affected versions not specified Description A missing authorization check in SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management allows an attacker to extrac...

6.4CVSS6.5AI score0.00071EPSS

Exploits0References4

RedhatCVE•added 2026/01/07 9:51 a.m.•3 views

CVE-2013-6284

Unspecified vulnerability in the Statutory Reporting for Insurance FSSR component in the Financial Services module for SAP ERP Central Component ECC allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."...

7.5CVSS8.2AI score0.00612EPSS

Exploits0References1