Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: netweaver Clear
ID Title
CVE-2025-42999 KEV [KEV] Unsafe Deserialization in Sap netweaver (CVE-2025-42999)
vulnerability in Sap netweaver (CVE-2025-42999). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31324 KEV [KEV] Unrestricted File Upload in Sap netweaver (CVE-2025-31324)
vulnerability in Sap netweaver (CVE-2025-31324). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-12637 KEV [KEV] Path Traversal in Sap netweaver (CVE-2017-12637)
path traversal in Sap netweaver (CVE-2017-12637). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-38163 KEV [KEV] Vulnerability in Sap netweaver (CVE-2021-38163)
vulnerability in Sap netweaver (CVE-2021-38163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-2386 KEV [KEV] SQL Injection in Sap netweaver (CVE-2016-2386)
SQL injection in Sap netweaver (CVE-2016-2386). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-2388 KEV [KEV] Information Disclosure in Sap netweaver (CVE-2016-2388)
vulnerability in Sap netweaver (CVE-2016-2388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-9563 KEV [KEV] XXE (XML External Entity) in Sap netweaver (CVE-2016-9563)
vulnerability in Sap netweaver (CVE-2016-9563). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-6287 KEV [KEV] Vulnerability in Sap netweaver (CVE-2020-6287)
vulnerability in Sap netweaver (CVE-2020-6287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-3976 KEV [KEV] Path Traversal in Sap netweaver (CVE-2016-3976)
path traversal in Sap netweaver (CVE-2016-3976). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-7241 XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01.
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01.
CVE-2017-9845 Vulnerability in dos (CVE-2017-9845)
vulnerability in dos (CVE-2017-9845). Risk of unauthorized operations or information disclosure.
CVE-2016-10311 Buffer Overflow in dos (CVE-2016-10311)
vulnerability in dos (CVE-2016-10311). Successful exploitation can lead to full system takeover.
CVE-2017-5372 Information Disclosure in sap (CVE-2017-5372)
vulnerability in sap (CVE-2017-5372). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →