22 matches found
CVE-2026-27671
Technical details about CVE-2026-27671 are not publicly available in the provided documents. Monitor for updates from SAP/security advisories.
PT-2026-47534
Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML documents to the verifier. This...
EUVD-2026-10442
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...
CVE-2026-24309
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...
SAP NetWeaver Application Server for ABAP 安全漏洞
SAP NetWeaver Application Server for ABAP is a core application server platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver Application Server for ABAP, which stems from the lack of authorization checks. This vulnerability may lead to the reading,...
PT-2025-41836
Name of the Vulnerable Software and Affected Versions SAP Application Server for ABAP affected versions not specified Description An authenticated attacker can store malicious JavaScript payloads. These payloads could be executed in a victim user's browser when accessing the affected functionalit...
CVE-2025-42948 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform
Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...
SAP S/4HANA Cloud Private 代码注入漏洞
SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...
PT-2025-15377 · Sap · Sap Netweaver
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver affected versions not specified Description: The issue allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once connected to the ABAP...
The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.
The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the absence of an authentication procedure, which allows attackers to increase their privileges.
The vulnerability of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...
SAP NetWeaver Application Server 授权问题漏洞
SAP NetWeaver Application Server is an application server from SAP, Germany. An authorization issue vulnerability exists in SAP NetWeaver Application Server ABAP and ABAP Platform, which arises from performing incorrect authentication checks for functions that require a user's identity under...
SAP NetWeaver AS 跨站脚本漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP BSP Framework versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755,...
SAP AS ABAP 授权问题漏洞
SAP AS ABAP is a development tool for SAP software from SAP, a German company. An authorization issue vulnerability exists in SAP AS ABAP Platform, which arises from a lack of authorization checking in the product and can be exploited by remote attackers to compromise an affected system...
SAP NetWeaver AS 资源管理错误漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 75...
SAP NetWeaver AS ABAP 安全漏洞
SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which stems from an information disclosure in the product. The following products and...
The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform allows a hacker to inject arbitrary code.
The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to inject arbitrary code remotely...
SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability (CNVD-2021-03703)
SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP that stems from a failure to adequately encode URLs, allowing an attacker to enter malicious java script in...
SAP NetWeaver AS ABAP and ABAP Platform Code Injection Vulnerability
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A code injection vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which can be exploited by an...
Unspecified Vulnerability in SAP ABAP
SAP Netweaver is a set of service-oriented integrated application platform from SAP, which provides a development and runtime environment for SAP applications. The platform provides a development and runtime environment for SAP applications, and ABAP is an application server that runs in NetWeave...