Security Bulletin: TSSC/IMC is vulnerable to 6 unspecified vulnerabilities in Java SE

Summary TSSC/IMC is vulnerable to 6 unspecified vulnerabilities in Java SE. The latest code level has an upgrade to the relevant libaries to fix CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952 Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: A...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high...

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest iFixes Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high...

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21208 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK,...

PT-2024-22121 · Sap · Sap Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP ABAP Platform versions 758, 795 Description: The issue is due to a missing authorization check, allowing an attacker with a business user account to change the privacy setting of job templates from shared to private, making the selected...

CVE-2023-49584

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

Design/Logic Flaw

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

CVE-2023-49580

SAP GUI for Windows and SAP GUI for Java — affected: SAP_BASIS 755, 756, 757, 758. Unauthenticated attacker can access restricted/confidential information and can create Layout configurations in the ABAP List Viewer, causing mild impacts to integrity and availability (e.g., increased ABAP respons...

CVE-2023-40624

SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...

GitHub Security Lab: ihsinme: Add query for CWE-758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

This bug was reported directly to GitHub Security Lab...

Amazon Linux: Security Advisory (ALAS-2016-758)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Multiple Vulnerabilities in WAGO IO PLCs

The WAGO IO PLC 758-870 and 750-849 are bus editable logic controller modules from WAGO Germany. A security bypass vulnerability and a power lifting vulnerability exists in the WAGO IO PLC 758-870 and 750-849 versions, which can be exploited by an attacker to execute arbitrary code, bypass securi...

Multiple vulnerabilities in WAGO IO PLCs (CNVD-2016-05505)

The WAGO IO PLC 758-870 and 750-849 are bus editable logic controller modules from WAGO Germany. A security bypass vulnerability and a power lifting vulnerability exists in the WAGO IO PLC 758-870 and 750-849 versions, which can be exploited by an attacker to execute arbitrary code, bypass securi...

CVE-2012-4879

The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC IPC devices has a default password of wago for the 1 root and 2 admin accounts, 3 a default password of user for the user account, and 4 a default password of guest for the guest account, which...

CVE-2012-3013

CVE-2012-3013 affects WAGO I/O System 758 family Industrial PCs (models 758-870, 758-874, 758-875, 758-876). The issue is caused by default passwords for unspecified Web-Based Management accounts, enabling remote attackers to obtain administrative access over TCP. Connected Red Hat records refere...

CVE-2009-0183

Stack-based buffer overflow in Remote Control Server in Free Download Manager FDM 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request...

Debian Security Advisory DSA 758-1 (heimdal)

The remote host is missing an update to heimdal announced via advisory DSA 758-1. A buffer overflow has been discovered in the telnet server from Heimdal, a free implementation of Kerberos 5, that could lead to the execution of arbitrary code. For the old stable distribution woody this problem ha...

Debian DSA-758-1 : heimdal - buffer overflow

A buffer overflow has been discovered in the telnet server from Heimdal, a free implementation of Kerberos 5, that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...