19 matches found
CVE-2023-28763
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the...
UBUNTU-CVE-2025-21942
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix extent range end unlock in cowfilerange Running generic/751 on the for-next branch often results in a hang like below. They are both stack by locking an extent. This suggests someone forget to unlock an extent...
CVE-2024-2103
Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...
CVE-2024-2103
CVE-2024-2103 covers an “inclusion of undocumented features” vulnerability affecting SEL relays: SEL-700BT, SEL-700G, SEL-710-5, SEL-751, SEL-787-2/ -3/ -4, and SEL-787Z. The issue arises when an attacker with privileged access can trigger undocumented features, causing the relay to behave unpred...
Input validation
Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...
SAP NetWeaver Application Server 资源管理错误漏洞
SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...
Ubuntu: Security Advisory (USN-751-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-21473
CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...
CVE-2020-26835
SAP NetWeaver AS ABAP (versions 740–754) is affected by a reflected XSS due to insufficient URL encoding, allowing an attacker to inject JavaScript via the URL and execute it in the browser. This is described in CNVD-2021-03703 and PT-2020-16518, which note the root cause as improper URL encoding...
CVE-2020-26825
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...
CVE-2020-6270
SAP NetWeaver AS ABAP Banking Services, versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user...
PT-2020-19014 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 Description: The issue allows an attacker to redirect users to a malicious site due to insufficient URL...
flowers-roznica.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1103093 Security Researcher kun-fly Helped patch 751 vulnerabilities Received 7 Coordinated Disclosure badges Received 43 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting flowers-roznica.ru website...
CVE-2018-14781
CVE-2018-14781 affects Medtronic MiniMed MMT-500/MMT-503 Remote Controllers and related pumps (e.g., MMT-508, MMT-511/512/712, MMT-515/723, MMT-522/723 REAL-TIME, MMT-551/751, etc.). Root cause: Authentication Bypass by Capture-replay when paired with a remote controller with non-default easy bol...
Default configuration
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolus" options...
Amazon Linux: Security Advisory (ALAS-2016-751)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : bind (ALAS-2016-751)
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. C Tenable Network Security, Inc. The...
Debian: Security Advisory (DSA-751-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-751-1 : squid - IP spoofing
The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache. When the DNS client UDP port assigned by the operating system at startup is unfiltered and the network is not protected from IP spoofing, malicious users can spoof DNS lookups which could...