MiracleLinux 7 : audiofile-0.3.6-9.el7 (AXSA:2020-752:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-752:01 advisory. audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 audiofile: NULL pointer dereference in...

EUVD-2025-202838

Malicious code in elf-stats-aurora-sparkler-752 npm...

MAL-2025-192471 Malicious code in elf-stats-aurora-sparkler-752 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 712e5cccbd59e63cb9aee0597079481a2ba87f03de7fad787193dafecbbbda8a The package elf-stats-aurora-sparkler-752 was found to contain malicious code...

Malicious code in elf-stats-aurora-sparkler-752 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 712e5cccbd59e63cb9aee0597079481a2ba87f03de7fad787193dafecbbbda8a The package elf-stats-aurora-sparkler-752 was found to contain malicious code...

CVE-2023-28763

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the...

SAP NetWeaver Application Server 资源管理错误漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...

CVE-2021-21473

CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...

CVE-2020-26835

SAP NetWeaver AS ABAP (versions 740–754) is affected by a reflected XSS due to insufficient URL encoding, allowing an attacker to inject JavaScript via the URL and execute it in the browser. This is described in CNVD-2021-03703 and PT-2020-16518, which note the root cause as improper URL encoding...

CVE-2020-26825

SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...

CVE-2020-6270

SAP NetWeaver AS ABAP Banking Services, versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user...

PT-2020-19014 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 Description: The issue allows an attacker to redirect users to a malicious site due to insufficient URL...

Amazon Linux AMI : GraphicsMagick (ALAS-2016-752)

A possible heap overflow was discovered in the EscapeParenthesis function CVE-2016-7447. Various issues were found in the processing of SVG files in GraphicsMagick CVE-2016-7446. The TIFF reader had a bug pertaining to use of TIFFGetField when a 'count' value is returned. The bug caused a heap re...

WebWasher CSM 4.4.1 Build 752 Conf Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13037/info It is reported that the WebWasher 'conf' script is prone to a cross-site scripting vulnerability. A remote attacker may exploit this issue to have arbitrary script and HTML code executed in the browser of a...

Ubuntu USN-752-1 (linux-source-2.6.15)

The remote host is missing an update to linux-source-2.6.15 announced via advisory USN-752-1. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed...

Debian Security Advisory DSA 752-1 (gzip)

The remote host is missing an update to gzip announced via advisory DSA 752-1. Two problems have been discovered in gzip, the GNU compression utility. The Common Vulnerabilities and Exposures project identifies the following problems. CVE-2005-0988 Imran Ghory discovered a race condition in the...

Debian DSA-752-1 : gzip - several vulnerabilities

Two problems have been discovered in gzip, the GNU compression utility. The Common Vulnerabilities and Exposures project identifies the following problems. - CAN-2005-0988 Imran Ghory discovered a race condition in the permissions setting code in gzip. When decompressing a file in a directory an...

WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting

WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting source: https://www.securityfocus.com/bid/13037/info It is reported that the WebWasher 'conf' script is prone to a cross-site scripting vulnerability. A remote attacker may exploit this issue to have arbitrary script and HTML code...