SAP | KEV Database

CVE-2025-42999 CRITICAL

SAP NetWeaver Deserialization Vulnerability

SAP NetWeaver

CVSS 9.1

Added May 15

CVE-2025-31324 CRITICAL Ransomware

SAP NetWeaver Unrestricted File Upload Vulnerability

SAP NetWeaver

CVSS 10

Added Apr 29

CVE-2017-12637 HIGH

SAP NetWeaver Directory Traversal Vulnerability

SAP NetWeaver

CVSS 7.5

Added Mar 19

CVE-2019-0344 CRITICAL

SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability

SAP Commerce Cloud

CVSS 9.8

Added Sep 30

CVE-2022-22536 CRITICAL

SAP Multiple Products HTTP Request Smuggling Vulnerability

SAP Multiple Products

CVSS 9.8

Added Aug 18

CVE-2016-2386 CRITICAL

SAP NetWeaver SQL Injection Vulnerability

SAP NetWeaver

CVSS 9.8

Added Jun 09

CVE-2016-2388 MEDIUM

SAP NetWeaver Information Disclosure Vulnerability

SAP NetWeaver

CVSS 5.3

Added Jun 09

CVE-2021-38163 CRITICAL

SAP NetWeaver Unrestricted File Upload Vulnerability

SAP NetWeaver

CVSS 9.9

Added Jun 09

CVE-2010-5326 CRITICAL

SAP NetWeaver Remote Code Execution Vulnerability

SAP NetWeaver

CVSS 10

Added Nov 03

CVE-2016-3976 HIGH

SAP NetWeaver Directory Traversal Vulnerability

SAP NetWeaver

CVSS 7.5

Added Nov 03

CVE-2016-9563 MEDIUM

SAP NetWeaver XML External Entity (XXE) Vulnerability

SAP NetWeaver

CVSS 6.5

Added Nov 03

CVE-2018-2380 MEDIUM Ransomware

SAP Customer Relationship Management (CRM) Path Traversal Vulnerability

SAP Customer Relationship Management (CRM)

CVSS 6.6

Added Nov 03

CVE-2020-6207 CRITICAL

SAP Solution Manager Missing Authentication for Critical Function Vulnerability

SAP Solution Manager

CVSS 10

Added Nov 03

CVE-2020-6287 CRITICAL

SAP NetWeaver Missing Authentication for Critical Function Vulnerability

SAP NetWeaver

CVSS 10

Added Nov 03

By Vendor

By Product

SAP NetWeaver Deserialization Vulnerability

SAP NetWeaver Unrestricted File Upload Vulnerability

SAP NetWeaver Directory Traversal Vulnerability

SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability

SAP Multiple Products HTTP Request Smuggling Vulnerability

SAP NetWeaver SQL Injection Vulnerability

SAP NetWeaver Information Disclosure Vulnerability

SAP NetWeaver Unrestricted File Upload Vulnerability

SAP NetWeaver Remote Code Execution Vulnerability

SAP NetWeaver Directory Traversal Vulnerability

SAP NetWeaver XML External Entity (XXE) Vulnerability

SAP Customer Relationship Management (CRM) Path Traversal Vulnerability

SAP Solution Manager Missing Authentication for Critical Function Vulnerability

SAP NetWeaver Missing Authentication for Critical Function Vulnerability