CVE-2024-39594

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs, resulting in Reflected Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can cause low impact on the confidentiality and integrity of the...

CVE-2024-39594

The CVE-2024-39594 entry concerns SAP Business Warehouse - Business Planning and Simulation, where the application fails to sufficiently encode user-controlled inputs, causing a Reflected Cross-Site Scripting (XSS) vulnerability. The root cause is insufficient input encoding in the affected compo...

CVE-2024-39594 [CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs, resulting in Reflected Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can cause low impact on the confidentiality and integrity of the...

Siemens SIMATIC 安全漏洞

SIMATIC Energy Manager provides users with a scalable, non-industry-specific energy data management system.SIMATIC IPC DiagBase diagnostic software provides early identification of any potential faults on SIMATIC industrial controllers and helps to avoid or reduce system downtime.SIMATIC IPC...

PT-2024-9861 · Sap · Sap Business Warehouse - Business Planning/Simulation

Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse - Business Planning and Simulation affected versions not specified Description: The issue is related to insufficient encoding of user-controlled inputs in the SAP Business Warehouse - Business Planning and Simulation...

PT-2024-9880 · Sap · Sap Business Warehouse - Business Planning/Simulation

Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse - Business Planning and Simulation affected versions not specified Description: The issue is related to Stored Cross-Site Scripting XSS due to insufficient encoding of user-controlled inputs. This allows users to modify...

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

CVE-2021-47618 ARM: 9170/1: fix panic when kasan and kprobe are enabled

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

Siemens Tecnomatix Plant Simulation MODEL File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Siemens Tecnomatix Plant Simulation Type Conversion Error Vulnerability

Tecnomatix Plant Simulation models, simulates, explores and optimizes logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specific production lines pri...

CVE-2024-35303

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0012, Tecnomatix Plant Simulation V2404 All versions V2404.0001. The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This could allow an attacker t...

CVE-2024-35303

Summary: CVE-2024-35303 affects Siemens Tecnomatix Plant Simulation V2302 (< V2302.0012) and V2404 (

Siemens Tecnomatix Plant Simulation 代码问题漏洞

Tecnomatix Plant Simulation models, simulates, explores and optimizes logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specific production lines pri...

Oracle Database Password Hash Unauthorized Access

Title: CVE-2020-2969 – Unauthorized Access to Password Hashes by Account with DBA role Product: Database Manufacturer: Oracle Affected Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Risk Level: Medium Solution Status: Fixed CVE Reference:...

Siemens Tecnomatix Plant Simulation MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

GHSA-5PXR-7M4J-JJC6 Cross-site scripting (XSS) vulnerability in Description metadata

Summary Regardless of the role or privileges, no user should be able to inject malicious JavaScript JS scripts into the body HTML. an XSS Cross-Site Scripting vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the XSS...

Cross-site scripting (XSS) vulnerability in Description metadata

Summary Regardless of the role or privileges, no user should be able to inject malicious JavaScript JS scripts into the body HTML. an XSS Cross-Site Scripting vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the XSS...

Fedora: Security Advisory for qt5-qt3d (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...