36977 matches found

Positive Technologies
added 2025/08/12 12:0 a.m. · 2 views

PT-2025-32612 · SAP · SAP Cloud Connector

Name of the Vulnerable Software and Affected Versions: SAP Cloud Connector (affected versions not specified). Description: A missing authorization check in SAP Cloud Connector allows an attacker on an adjacent network with low privileges to send a crafted request to the endpoint responsible for...

CVSS 3.5 · AI score 6.8 · EPSS 0.00401
Exploits 0 · References 6

Positive Technologies
added 2025/08/12 12:0 a.m. · 2 views

PT-2025-32613

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA versions prior to August 2025. Description: SAP S/4HANA contains a critical vulnerability that allows an attacker with user privileges to exploit a flaw in a function module exposed via RFC. This allows the injection of arbitrary ABA...

CVSS 9.9 · AI score 7.6 · EPSS 0.01547
Exploits 0 · References 137

Positive Technologies
added 2025/08/12 12:0 a.m. · 10 views

PT-2025-32611 · SAP · SAP Business One

Name of the Vulnerable Software and Affected Versions: SAP Business One SLD (affected versions not specified). Description: SAP Business One SLD suffers from a broken authorization issue. An authenticated attacker can gain administrator privileges on a database by invoking the corresponding API. Thi...

CVSS 8.8 · AI score 7 · EPSS 0.00428
Exploits 0 · References 8

Positive Technologies
added 2025/08/12 12:0 a.m. · 5 views

PT-2025-32671 · American Megatrends · APTIOV

Name of the Vulnerable Software and Affected Versions: APTIOV (affected versions not specified). Description: APTIOV BIOS contains a vulnerability where a skilled user with local access may cause a “Race Condition”. Successful exploitation may lead to resource exhaustion, impacting confidentiality,...

CVSS 7.3 · AI score 6.7 · EPSS 0.00088
Exploits 0 · References 5

Positive Technologies
added 2025/08/12 12:0 a.m. · 4 views

PT-2025-32607 · SAP · SAP S/4HANA

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA Bank Communication Management (affected versions not specified). Description: A directory traversal issue exists in SAP S/4HANA Bank Communication Management. An attacker with elevated privileges and access to a specific transaction...

CVSS 6.9 · AI score 6.9 · EPSS 0.00858
Exploits 0 · References 7

Positive Technologies
added 2025/08/12 12:0 a.m. · 4 views

PT-2025-32604 · SAP · SAP NetWeaver Application Server ABAP

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP (affected versions not specified). Description: SAP NetWeaver Application Server for ABAP is susceptible to a cross-site scripting issue. An unauthenticated attacker can create a URL containing a malicio...

CVSS 6.1 · AI score 6.5 · EPSS 0.00205
Exploits 0 · References 6

Tenable Nessus
added 2025/08/12 12:0 a.m. · 7 views

Fortinet Fortigate Integer Overflow on SSL-VPN bookmarks (FG-IR-24-364)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-364 advisory. - An Integer Overflow or Wraparound vulnerability (CWE-190) in FortiOS version 7.6.2 and below, version 7.4.7 and below, versio...

CVSS 6.5 · AI score 5.6 · EPSS 0.00418
Exploits 0 · References 2

CNNVD
added 2025/08/12 12:0 a.m. · 4 views

Fortinet Multiple Products Input Validation Error Vulnerability

Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. Fortinet FortiProxy SSL VPN is a software application. Fortinet FortiPAM is a platform for privilege access control. An input validation...

CVSS 6.5 · AI score 6.8 · EPSS 0.00418
Exploits 0 · References 2

Positive Technologies
added 2025/08/12 12:0 a.m. · 4 views

PT-2025-32602 · SAP · SAP NetWeaver Application Server ABAP

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP (affected versions not specified). Description: The application server does not allow administrators to assign distinguished authorizations for different user roles. This allows authenticated users to...

CVSS 5.4 · AI score 6.8 · EPSS 0.0017
Exploits 0 · References 6

Positive Technologies
added 2025/08/12 12:0 a.m. · 7 views

PT-2025-32672 · AMI · AMI APTIOV

Name of the Vulnerable Software and Affected Versions: AMI APTIOV (affected versions not specified). Description: AMI APTIOV BIOS contains a flaw that allows a local user to cause an “Improper Initialization” condition. Successful exploitation may result in an unexpected system state, potentially...

CVSS 4.2 · AI score 6.6 · EPSS 0.00117
Exploits 0 · References 4

Positive Technologies
added 2025/08/12 12:0 a.m. · 4 views

PT-2025-32603 · SAP · SAP Fiori

Name of the Vulnerable Software and Affected Versions: SAP Fiori Launchpad (affected versions not specified). Description: SAP Fiori Launchpad is susceptible to a Reverse Tabnabbing issue stemming from insufficient external navigation protection for its link elements. An attacker with administrativ...

CVSS 3.5 · AI score 7 · EPSS 0.00184
Exploits 0 · References 6

OSV
added 2025/08/12 12:0 a.m. · 1 views

OPENSUSE-SU-2025:15433-1 framework-inputmodule-control-0.2.0-3.1 on GA media

These are all security issues fixed in the framework-inputmodule-control-0.2.0-3.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8 · AI score 5.8 · EPSS 0.00801
Exploits 0 · References 2

Tenable Nessus
added 2025/08/12 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2020-25636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to t...

CVSS 7.1 · AI score 6.9 · EPSS 0.00294
Exploits 0 · References 2

Tenable Nessus
added 2025/08/12 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-20268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls...

CVSS 7.8 · AI score 6.5 · EPSS 0.00321
Exploits 0 · References 2

Redos
added 2025/08/12 12:0 a.m. · 3 views

ROS-20250812-03

The MIFF component of the GraphicsMagick cross-platform graphics library is vulnerable to authorization errors. Exploitation of the vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information...

CVSS 7.8 · AI score 6.9 · EPSS 0.00427
Exploits 1

Patchstack
added 2025/08/11 9:51 p.m. · 5 views

WordPress RT Easy Builder plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin RT Easy Builder – Advanced addons for Elementor, versions <= 2.3...

CVSS 6.4 · AI score 5.5 · EPSS 0.00194
Exploits 0 · References 1 · Affected Software 1

OSV
added 2025/08/11 1:51 p.m. · 2 views

BIT-LIBPYTHON-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability...

CVSS 7.5 · AI score 7.2 · EPSS 0.11586
Exploits 1 · References 13

OSV
added 2025/08/11 1:51 p.m. · 2 views

BIT-LIBPYTHON-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as a web browser) connects to could trigger a Regular Expression Denial of Service (ReDoS) during an authentication request with a specially crafted payload that is sen...

CVSS 6.5 · AI score 7.1 · EPSS 0.04675
Exploits 1 · References 10

OSV
added 2025/08/11 1:51 p.m. · 6 views

BIT-LIBPYTHON-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are no...

CVSS 7.5 · AI score 6.5 · EPSS 0.03213
Exploits 0 · References 30

BDU FSTEC
added 2025/08/11 12:0 a.m. · 9 views

The vulnerability of the br_multicast_port_ctx_init() function in the net/bridge/br_multicast.c module, which is part of the Linux kernel’s networking functions, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the br_multicast_port_ctx_init() function in the net/bridge/br_multicast.c module, which implements networking functions in the Linux kernel, is related to the reuse of previously freed memory. Exploiting this vulnerability could allow an attacker to...

CVSS 7.8 · AI score 6.5 · EPSS 0.00248
Exploits 1 · References 15 · Affected Software 5