A Microsoft senior software engineer named Alice Vinogradova has ported a database she wrote in SAP’s ABAP language to the venerable Z80 processor that powered the Sinclair ZX Spectrum – and marveled ...

全球数十万企业使用的SAP GUI界面被曝存在安全缺陷，其Windows（CVE-2025-0055）和Java（CVE-2025-0056）版本的用户输入历史记录功能采用过时加密或完全不加密的方式存储敏感数据。Pathlock研究员Jonathan Stross与Fortinet的Julian Petersohn发现，该系统本地存储的用户名、身份证 ...

SAP SE today addressed two newly disclosed vulnerabilities in its SAP Graphical User Interface client applications following their discovery in coordinated research by Pathlock Inc. and Fortinet Inc.

Newly disclosed vulnerabilities in SAP GUI for Windows and Java store user data with outdated or no encryption, posing compliance and breach risks for enterprises. SAP GUI, a trusted interface for ...

Two vulnerabilities in SAP’s Graphical User Interface (SAP GUI) input history feature have been disclosed, revealing weaknesses in how sensitive user data is stored locally. The issues, discovered by ...

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to ...

Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or by sync their PC settings to the cloud ...

A critical vulnerability in Microsoft’s Entra ID still exposes a wide range of enterprise applications two years after it was discovered. Semperis, an identity security provider, shared new findings ...

I have heard about modern browser based user interfaces - and use Eclipse IDE every day at work - but I believe that for a few things, especially as a developer, SAP GUI is still a better user ...

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP ...

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.