SAP NetWeaver Vulnerabilities
Fix SAP NetWeaver on Windows Server
10 entries · Windows Server · Sorted by severity
Showing 1–10 of 10 results
| Severity | Title | CVSS | |||||
|---|---|---|---|---|---|---|---|
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver Deserialization VulnerabilitySAP NetWeaver | CVE-2025-42999 | 9.1 | In the wild | Reboot Required | Script |
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver Unrestricted File Upload VulnerabilitySAP NetWeaver | CVE-2025-31324 | 10.0 | In the wild | Reboot Required | Script |
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver Unrestricted File Upload VulnerabilitySAP NetWeaver | CVE-2021-38163 | 9.9 | In the wild | Reboot Required | Script |
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver SQL Injection VulnerabilitySAP NetWeaver | CVE-2016-2386 | 9.8 | In the wild | Reboot Required | Script |
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver Remote Code Execution VulnerabilitySAP NetWeaver | CVE-2010-5326 | 10.0 | In the wild | Reboot Required | Script |
| Active exploitation | CRITICALCISA KEV | SAP NetWeaver Missing Authentication for Critical Function VulnerabilitySAP NetWeaver | CVE-2020-6287 | 10.0 | In the wild | Reboot Required | Script |
| Active exploitation | HIGHCISA KEV | SAP NetWeaver Directory Traversal VulnerabilitySAP NetWeaver | CVE-2017-12637 | 7.5 | In the wild | Reboot Required | Script |
| Active exploitation | HIGHCISA KEV | SAP NetWeaver Directory Traversal VulnerabilitySAP NetWeaver | CVE-2016-3976 | 7.5 | In the wild | Reboot Required | Script |
| Active exploitation | MEDIUMCISA KEV | SAP NetWeaver Information Disclosure VulnerabilitySAP NetWeaver | CVE-2016-2388 | 5.3 | In the wild | Reboot Required | Script |
| Active exploitation | MEDIUMCISA KEV | SAP NetWeaver XML External Entity (XXE) VulnerabilitySAP NetWeaver | CVE-2016-9563 | 6.5 | In the wild | Reboot Required | Script |