Lucene search
+L

22 matches found

CVE
CVE
added 2026/06/09 12:20 a.m.136 views

CVE-2026-27671

Technical details about CVE-2026-27671 are not publicly available in the provided documents. Monitor for updates from SAP/security advisories.

9.8CVSS5.5AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47534

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML documents to the verifier. This...

9.9CVSS5.4AI score0.00231EPSS
Exploits0References26
EUVD
EUVD
added 2026/03/10 6:31 p.m.7 views

EUVD-2026-10442

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References3
NVD
NVD
added 2026/03/10 5:35 p.m.4 views

CVE-2026-24309

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

6.4CVSS0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

SAP NetWeaver Application Server for ABAP 安全漏洞

SAP NetWeaver Application Server for ABAP is a core application server platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver Application Server for ABAP, which stems from the lack of authorization checks. This vulnerability may lead to the reading,...

6.4CVSS5.8AI score0.00205EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.7 views

PT-2025-41836

Name of the Vulnerable Software and Affected Versions SAP Application Server for ABAP affected versions not specified Description An authenticated attacker can store malicious JavaScript payloads. These payloads could be executed in a victim user's browser when accessing the affected functionalit...

5.4CVSS6AI score0.00211EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/12 2:8 a.m.1 views

CVE-2025-42948 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform

Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...

6.1CVSS6AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.4 views

SAP S/4HANA Cloud Private 代码注入漏洞

SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...

8.3CVSS7.1AI score0.00414EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.11 views

PT-2025-15377 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver affected versions not specified Description: The issue allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once connected to the ABAP...

4.3CVSS6.3AI score0.00335EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.7 views

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.4AI score0.00331EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.6 views

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the absence of an authentication procedure, which allows attackers to increase their privileges.

The vulnerability of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...

4.3CVSS5.4AI score0.00272EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.11 views

SAP NetWeaver Application Server 授权问题漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. An authorization issue vulnerability exists in SAP NetWeaver Application Server ABAP and ABAP Platform, which arises from performing incorrect authentication checks for functions that require a user's identity under...

7.4CVSS7.3AI score0.00392EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.5 views

SAP NetWeaver AS 跨站脚本漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP BSP Framework versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755,...

6.1CVSS5.9AI score0.00388EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.5 views

SAP AS ABAP 授权问题漏洞

SAP AS ABAP is a development tool for SAP software from SAP, a German company. An authorization issue vulnerability exists in SAP AS ABAP Platform, which arises from a lack of authorization checking in the product and can be exploited by remote attackers to compromise an affected system...

8.1CVSS7.6AI score0.00734EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.6 views

SAP NetWeaver AS 资源管理错误漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 75...

7.5CVSS7.4AI score0.01069EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.5 views

SAP NetWeaver AS ABAP 安全漏洞

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which stems from an information disclosure in the product. The following products and...

7.5CVSS6.9AI score0.00935EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/04/21 12:0 a.m.10 views

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform allows a hacker to inject arbitrary code.

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to inject arbitrary code remotely...

8.7CVSS7.6AI score0.01327EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2020/12/15 12:0 a.m.6 views

SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability (CNVD-2021-03703)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP that stems from a failure to adequately encode URLs, allowing an attacker to enter malicious java script in...

6.1CVSS5.9AI score0.00813EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/18 12:0 a.m.5 views

SAP NetWeaver AS ABAP and ABAP Platform Code Injection Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A code injection vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which can be exploited by an...

8.8CVSS7.5AI score0.01327EPSS
Exploits0References1
CNVD
CNVD
added 2019/02/15 12:0 a.m.3 views

Unspecified Vulnerability in SAP ABAP

SAP Netweaver is a set of service-oriented integrated application platform from SAP, which provides a development and runtime environment for SAP applications. The platform provides a development and runtime environment for SAP applications, and ABAP is an application server that runs in NetWeave...

8.8CVSS6.8AI score0.0139EPSS
Exploits0References1
Rows per page
Query Builder