Known vulnerabilities in SAP SAP NetWeaver

Vendor: SAP
Website: https://www.sap.com/
Total Security Bulletins: 25

Security bulletins (25)

Secuity bulletin Severity Status Published
SB2025120912: Denial of service in SAP NetWeaver Low
Patched
09.12.2025
SB2025101737: Improper authorization in SAP NetWeaver Medium
Patched
17.10.2025
SB2025090911: Remote code execution in SAP Netweaver RMI-P4 Critical
Patched
09.09.2025
SB2025070811: Multiple vulnerabilities in SAP NetWeaver Medium
Patched
08.07.2025
SB2025061013: Multiple vulnerabilities in SAP NetWeaver Low
Patched
10.06.2025
SB2025051317: Authenticated code execution in SAP NetWeaver Medium
Patched Exploited
13.05.2025
SB2025042521: Arbitrary file upload in SAP NetWeaver Visual Composer Metadata Uploader Critical
Patched Exploited
25.04.2025
SB2023091313: Improper access control in SAP NetWeaver Guided Procedures Low
Patched
13.09.2023
SB2023072753: Path traversal in SAP NetWeaver Low
Patched
27.07.2023
SB2023072749: Multiple vulnerabilities in SAP NetWeaver Low
Patched
27.07.2023
SB2023041430: Path traversal in SAP NetWeaver Low
Patched
14.04.2023
SB2021091412: Arbitrary file upload in SAP NetWeaver Medium
Patched Exploited
14.09.2021
SB2021081310: Open redirect in SAP NetWeaver Low
Patched
13.08.2021
SB2020120814: Information disclosure in SAP NetWeaver AS Java Low
Patched
08.12.2020
SB2020120813: Cross-site scripting in SAP NetWeaver AS ABAP Medium
Patched
08.12.2020
SB2020120810: Denial of service in SAP NetWeaver Application Server for Java Medium
Patched
08.12.2020
SB2020120806: Authentication bypass in SAP NetWeaver AS JAVA High
Patched
08.12.2020
SB2020091108: Code injection in SAP NetWeave and ABAP Platform High
Patched
11.09.2020
SB2020091105: Cross-site scripting in SAP NetWeaver AS Java Medium
Not patched
11.09.2020
SB2020071403: Multiple vulnerabilities in SAP NetWeaver High
Patched Exploited
14.07.2020


Showing elements 1 - 20 out of 25