30 matches found

OSSF Malicious Packages
added 2025/12/11 7:46 p.m. · 3 views

Malicious code in elf-stats-candystriped-bauble-740 (npm)

Source: amazon-inspector 214abc58af16ef2f2158bd3fb8d4a66df3bd15d15d2780f300231fccc082a457. The package elf-stats-candystriped-bauble-740 was found to contain malicious code...

AI score: 7
Exploits: 0

OSV
added 2025/12/11 7:46 p.m. · 2 views

MAL-2025-192474 Malicious code in elf-stats-candystriped-bauble-740 (npm)

Source: amazon-inspector 214abc58af16ef2f2158bd3fb8d4a66df3bd15d15d2780f300231fccc082a457. The package elf-stats-candystriped-bauble-740 was found to contain malicious code...

AI score: 6.8
Exploits: 0

EUVD
added 2025/12/11 7:46 p.m. · 2 views

EUVD-2025-202835

Malicious code in elf-stats-candystriped-bauble-740 npm...

AI score: 6.6
Exploits: 0

RedhatCVE
added 2025/05/23 6:1 a.m. · 1 views

CVE-2023-28763

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the...

CVSS: 6.5 · AI score: 6.7 · EPSS: 0.00475
Exploits: 0 · References: 1

OSV
added 2023/05/09 2:15 a.m. · 1 views

CVE-2023-31407

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application...

CVSS: 5.4 · AI score: 6.1
Exploits: 0 · References: 2

CNNVD
added 2023/03/14 12:0 a.m. · 1 views

SAP NetWeaver Application Server Resource Management Error Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...

CVSS: 6.5 · AI score: 6.4 · EPSS: 0.00543
Exploits: 0 · References: 3

Positive Technologies
added 2023/03/14 12:0 a.m. · 2 views

PT-2023-21400 · Sap · Abap +1

Name of the Vulnerable Software and Affected Versions: SAP Solution Manager and ABAP managed systems ST-PI versions 2088 1 700, 2008 1 710, 740 Description: An attacker authenticated as a user with a non-administrative role and a common remote execution authorization can use a vulnerable interfac...

CVSS: 8.8 · AI score: 8.6 · EPSS: 0.05126
Exploits: 0 · References: 5

Ubuntu
added 2023/02/15 11:5 p.m. · 89 views

USN-5877-1: Linux kernel (GKE) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake...

CVSS: 8.8 · AI score: 7.6 · EPSS: 0.05568
Exploits: 6

NVD
added 2023/02/14 4:15 a.m. · 14 views

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive...

CVSS: 6.1 · AI score: 6.1 · EPSS: 0.00554
Exploits: 0 · References: 2

CNNVD
added 2023/02/14 12:0 a.m. · 2 views

SAP NetWeaver AS Cross-Site Scripting Vulnerability

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. A cross-site scripting vulnerability exists in SAP NetWeaver AS for ABAP and ABAP Platform versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789,...

CVSS: 6.1 · AI score: 5.8 · EPSS: 0.0099
Exploits: 0 · References: 3

OpenVAS
added 2023/01/09 12:0 a.m. · 31 views

Ubuntu: Security Advisory (USN-5790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.8 · AI score: 7 · EPSS: 0.05568
Exploits: 1 · References: 2

Ubuntu
added 2023/01/06 10:24 p.m. · 127 views

USN-5792-1: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered th...

CVSS: 7.8 · AI score: 7.2 · EPSS: 0.05568
Exploits: 3

Prion
added 2022/12/13 4:15 a.m. · 18 views

Design/Logic Flaw

In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...

CVSS: 5.8 · AI score: 6.2 · EPSS: 0.00928
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2022/12/13 12:0 a.m. · 1 views

PT-2022-25783 · Sap · Sap Solution Manager

Name of the Vulnerable Software and Affected Versions: SAP Solution Manager Enterprise Search versions 740, and 750 Description: An unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page. This could potentially read or modify...

CVSS: 6.1 · AI score: 6.1 · EPSS: 0.00928
Exploits: 0 · References: 4

Github Security Blog
added 2022/04/22 8:54 p.m. · 32 views

Manipulated inline images can cause Infinite Loop in PyPDF2

Impact: An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 user wrote the following code: from PyPDF2 import PdfFileReader, PdfFileWriter; from PyPDF2.pdf import ContentStream; reader = PdfFileReader("malicious.pdf", strict=False); for page in...

CVSS: 6.2 · AI score: 2.3 · EPSS: 0.00127
Exploits: 1 · References: 9 · Affected Software: 1

CVE
added 2021/06/09 1:23 p.m. · 55 views

CVE-2021-21473

CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...

CVSS: 6.5 · AI score: 7 · EPSS: 0.00475
Exploits: 2 · References: 4 · Affected Software: 1

CVE
added 2020/12/09 4:30 p.m. · 47 views

CVE-2020-26835

SAP NetWeaver AS ABAP (versions 740–754) is affected by a reflected XSS due to insufficient URL encoding, allowing an attacker to inject JavaScript via the URL and execute it in the browser. This is described in CNVD-2021-03703 and PT-2020-16518, which note the root cause as improper URL encoding...

CVSS: 6.1 · AI score: 5.9 · EPSS: 0.003
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2020/12/09 12:0 a.m. · 3 views

PT-2020-16518 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 740 through 754 Description: The issue arises from insufficient URL encoding, allowing an attacker to input malicious JavaScript in the URL. This could result in the execution of the malicious script in the...

CVSS: 6.1 · AI score: 5.4 · EPSS: 0.003
Exploits: 0 · References: 20

CNVD
added 2020/10/21 12:0 a.m. · 1 views

SAP NetWeaver AS ABAP Information Disclosure Vulnerability (CNVD-2020-65558)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP (Advanced Business Application Programming) from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server ABAP POWL test application versions 710, 711, 730, 731, 740, and 750. An attacker...

CVSS: 4.3 · AI score: 6.1 · EPSS: 0.00197
Exploits: 0 · References: 1

Prion
added 2020/07/14 1:15 p.m. · 17 views

Information disclosure

SAP NetWeaver ABAP Server and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure...

CVSS: 4 · AI score: 4 · EPSS: 0.00232
Exploits: 0 · References: 2 · Affected Software: 2