.NET 9.0 Update - October 14, 2025 (KB5068332)

.NET 9.0 Update - October 14, 2025 KB5068332 .NET 9.0 has been refreshed with the latest update as of October 14, 2025. This update contains security and non-security fixes. See the release notes for details about updated packages..NET 9.0 servicing updates are upgrades. The latest servicing upda...

Storage Spaces Direct Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally...

CVE-2025-41699

An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code 'Code Injection'...

CVE-2025-41699 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code 'Code Injection'...

CVE-2025-42937

SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...

CVE-2025-42937 Directory Traversal vulnerability in SAP Print Service

SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...

EUVD-2025-34122

Due to a Cross-Site Request Forgery CSRF vulnerability in SAP NetWeaver Application Server for ABAP, an authenticated attacker could initiate transactions directly via the session manager, bypassing the first transaction screen and the associated authorization check. This vulnerability could allo...

CVE-2025-42906

CVE-2025-42906 corresponds to a path traversal vulnerability in SAP Commerce Cloud that could allow access to web applications (e.g., Administration Console) from non-deployed addresses, bypassing access controls. The provided documents describe a low confidentiality impact with no integrity or a...

CVE-2025-42902

The CVE-2025-42902 issue affects SAP NetWeaver AS ABAP and ABAP Platform. A memory corruption flaw allows an unauthenticated attacker to send a corrupted SAP Logon Ticket or SAP Assertion Ticket, causing a NULL pointer dereference and crashing the SAP work process. This yields impact on availabil...

CVE-2025-42902 Memory Corruption vulnerability in SAP Netweaver AS ABAP and ABAP Platform

Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. This leads to a dereference of NULL which makes the work process crash. As a result, it h...

CVE-2025-42902 Memory Corruption vulnerability in SAP Netweaver AS ABAP and ABAP Platform

Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. This leads to a dereference of NULL which makes the work process crash. As a result, it h...

PT-2025-41842

Name of the Vulnerable Software and Affected Versions SAP Supplier Relationship Management affected versions not specified Description SAP Supplier Relationship Management does not properly verify the type or content of uploaded files. This allows an authenticated attacker to upload arbitrary...

PT-2025-41859

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A flaw exists in a web-based management interface that allows a low-privileged remote attacker with an account to execute arbitrary commands with root privilege...

PT-2025-42076

Name of the Vulnerable Software and Affected Versions Windows High Availability Services affected versions not specified Description An issue exists in Windows High Availability Services that allows an authorized attacker to disclose information locally. The issue involves the exposure of sensiti...

PT-2025-41922

Name of the Vulnerable Software and Affected Versions APTIOV affected versions not specified Description APTIOV BIOS contains a flaw that allows a local attacker to trigger an Out-of-bounds Write. Successful exploitation of this issue may result in data corruption and a loss of system availabilit...

AMI APTIOV 安全漏洞

AMI AptioV is a firmware-related editor from American AMI. A security vulnerability exists in AMI APTIOV that originates from the presence of a local out-of-bounds write in the BIOS, which could result in data corruption and loss of availability...

AMI AptioV 安全漏洞

AMI AptioV is a firmware-related editor from AMI USA. A security vulnerability exists in AMI AptioV that stems from improperly restricted memory buffer manipulation, which could result in memory corruption and affect integrity and availability...

PT-2025-41837

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS ABAP and ABAP Platform affected versions not specified Description A memory corruption issue exists in SAP NetWeaver AS ABAP and ABAP Platform. An unauthenticated attacker can exploit this by sending a corrupted SAP Logon Tick...

PT-2025-41921

Name of the Vulnerable Software and Affected Versions APTIOV affected versions not specified Description APTIOV BIOS contains a flaw that allows a local attacker to trigger an Out-of-bounds Write. Successful exploitation of this issue may result in data corruption and a loss of system availabilit...

PT-2025-41924

Name of the Vulnerable Software and Affected Versions APTIOV affected versions not specified Description APTIOV BIOS contains a flaw that allows a local attacker to perform an Improper Restriction of Operations within the Bounds of a Memory Buffer. Successful exploitation of this issue could lead...