Latest Vulnerabilities Affecting SAP products

Date CVE Title CVSS
2019-04-10 CVE-2019-0283 Improper Access Control vulnerability in SAP Netweaver Process Integration Medium
2019-04-10 CVE-2019-0279 Improper Authorization vulnerability in SAP Business Application Software Integrated Solution 7.31/7.40 Medium
2019-04-10 CVE-2019-0282 Information Leak / Disclosure vulnerability in SAP Netweaver Process Integration Medium
2019-04-10 CVE-2019-0284 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in SAP Hana 1.0/2.0 Low
2019-04-10 CVE-2019-0278 Information Leak / Disclosure vulnerability in SAP Netweaver Process Integration Medium
2019-04-10 CVE-2019-0285 Information Leak / Disclosure vulnerability in SAP Crystal Reports 2010 Medium
2019-03-12 CVE-2019-0270 Permissions, Privileges, and Access Control vulnerability in SAP and products Medium
2019-03-12 CVE-2019-0274 Resource Management Errors vulnerability in SAP Mobile Platform SDK 3.0 Medium
2019-03-12 CVE-2019-0268 XML Injection (aka Blind XPath Injection) vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2/4.3 Medium
2019-03-12 CVE-2019-0275 Cross-Site Scripting (XSS) vulnerability in SAP Netweaver Java Application Server Low
2019-03-12 CVE-2019-0276 Improper Authorization vulnerability in SAP Banking Services From SAP and S/4Hana Financial Products Subledger Medium
2019-03-12 CVE-2019-0269 Cross-Site Scripting (XSS) vulnerability in SAP Businessobjects Business Intelligence 4.10/4.20 Low
2019-03-12 CVE-2019-0271 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in SAP Advanced Business Application Programming Platform and SAP Kernel Medium
2019-03-12 CVE-2019-0277 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in SAP Hana Extended Application Services 1.0 Medium
2019-02-15 CVE-2019-0256 Information Leak / Disclosure vulnerability in SAP Business ONE 1.2.12 Low