PT-2026-47534

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML documents to the verifier. This...

EUVD-2026-10442

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

CVE-2026-24309

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

CVE-2025-42904 Information Disclosure vulnerability in Application Server ABAP

Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without affecting integrity...

SAP S/4HANA Cloud Private 代码注入漏洞

SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...

PT-2025-15377 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver affected versions not specified Description: The issue allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once connected to the ABAP...

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the absence of an authentication procedure, which allows attackers to increase their privileges.

The vulnerability of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...

SAP AS ABAP 授权问题漏洞

SAP AS ABAP is a development tool for SAP software from SAP, a German company. An authorization issue vulnerability exists in SAP AS ABAP Platform, which arises from a lack of authorization checking in the product and can be exploited by remote attackers to compromise an affected system...

SAP NetWeaver AS 资源管理错误漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 75...

SAP NetWeaver AS ABAP 安全漏洞

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which stems from an information disclosure in the product. The following products and...

SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability (CNVD-2021-03703)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A security vulnerability exists in SAP NetWeaver AS ABAP that stems from a failure to adequately encode URLs, allowing an attacker to enter malicious java script in...

PwC ACE-ABAP Remote Code Execution Vulnerability

ACE Automated Controls Evaluator is a tool developed by PwC PricewaterhouseCoopers that can be used to analyze SAP security settings to discern privileged access and potential segregation of duties.ABAP Advanced Business Application Programming. A remote code execution vulnerability exists in PwC...

stoneware webnetwork6 - Multiple Vulnerabilities

Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork product. Test was to assure cloud security Stoneware...

stoneware webnetwork6 - Multiple Vulnerabilities

stoneware webnetwork6 - Multiple Vulnerabilities Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork...