Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance

A post-midnight revolt in the House sank the White House's efforts to extend Section 702—a spy program the FBI has used to look into members of Congress, protesters, and political donors...

EUVD-2020-8172

Malware in sbrugna...

EUVD-2020-8170

Malware in sbrugna...

CVE-2020-16208

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W all versions...

CVE-2020-16210

The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W all versions...

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-702)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-702 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack...

James Bamford on Section 702 Extension

Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act FISA...

US Senate to Vote on a Wiretap Bill That Critics Call ‘Stasi-Like’

A controversial bill reauthorizing the Section 702 spy program may force whole new categories of businesses to eavesdrop on the US government’s behalf, including on fellow Americans...

House Votes to Extend—and Expand—a Major US Spy Program

The US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans’ information...

Trump Loyalists Kill Vote on US Wiretap Program

An attempt to reauthorize Section 702, the so-called crown jewel of US spy powers, failed for a third time in the House of Representatives after former president Donald Trump criticized the law...

Sinking Section 702 Wiretap Program Offered One Last Lifeboat

For months, US lawmakers have examined every side of a historic surveillance debate. With the introduction of the SAFE Act, all that’s left to do now is vote...

Congress Clashes Over the Future of America’s Section 702 Spy Program

Competing bills moving through the House of Representatives both reauthorize Section 702 surveillance—but they pave very different paths forward for Americans’ privacy and civil liberties...

US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses'

A new report by an oversight committee in the US House of Representatives says the FBI has routinely violated rules governing FISA’s Section 702 surveillance program and must be reined in...

CVE-2023-40624

SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...

Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia

In the United States, when the police want to conduct a search on a suspected criminal, they must first obtain a search warrant. It is one of the foundational rights given to US persons under the Constitution, and a concept that has helped create the very idea of a right to privacy at home and...

CVE-2023-33986 Cross-Site Scripting (XSS) vulnerability in SAP CRM ABAP (Grantor Management)

SAP CRM ABAP Grantor Management - versions 700, 701, 702, 712, 713, 714, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the applicatio...

CVE-2023-33986

CVE-2023-33986 affects SAP CRM ABAP (Grantor Management) versions 700–714. The root cause is insufficient encoding of user-controlled inputs, leading to a Cross-Site Scripting (XSS) vulnerability. Exploitation can result in a limited impact on confidentiality and integrity of the application (no ...

PT-2023-3748 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Change and Transport System versions 702 through 757 Description: The issue is related to a lack of resource control mechanism in the Change and Transport System component of SAP NetWeaver. This allows an authenticated user with...

SAP NetWeaver Application Server 资源管理错误漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...

Debian: Security Advisory (DLA-702)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...