Skip to main content
CVE-2025-42941 LOW Monitor

SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-42936 MEDIUM PATCH This Month

The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SAP Privilege Escalation Sap Basis
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-42935 MEDIUM Monitor

The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive. Rated medium severity (CVSS 4.1). No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-42934 MEDIUM Monitor

SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
4.3
EPSS
0.0%
Prev Page 8 of 8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy