CVE-2025-31332
CVE-2025-31332 concerns insecure file permissions in SAP BusinessObjects Business Intelligence Platform. A local attacker could modify files, potentially disrupting operations or causing service downtime, leading to high impact on integrity and availability. The vulnerability does not disclose s...
CVE-2025-31332 Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files, potentially disrupting operations or causing service downtime, leading to a high impact on integrity and availability. However, this...
CVE-2025-23186 Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...
CVE-2025-3406
A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhw_build_tileset_from_image of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...
CVE-2024-38797
A flaw was found in EDK2. This vulnerability allows an attacker to cause an out-of-bounds read, potentially leading to a loss of integrity and/or availability via a crafted data pointer and length sent over an adjacent network. Mitigation: Mitigation for this issue is either not available or the...
PT-2025-15363 · Sap · Sap Netweaver Application Server Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP (affected versions not specified). Description: The issue allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, exposing credentials for a remote service...
PT-2025-15342
Name of the Vulnerable Software and Affected Versions: InputManager version SMR Apr-2025 Release 1. Description: The issue is related to improper access control in InputManager, allowing local attackers to access the scancode of a specific input device. Recommendations: For InputManager version SM...
InfluxDB OSS 2.7.11 Privilege Escalation
InfluxDB OSS versions 2.7.11 and below suffer from a privilege escalation vulnerability. Exploit Title: InfluxDB OSS Operator Privilege Escalation via BusinessLogic Flaw Date: 22/03/2024 Exploit Author: Andrea Pasin Xenom0rph97 Researcher Homepage: https://xenom0rph97.github.io/xeno/ GitHub Explo...
KLA82886 DoS vulnerability in Apache Tomcat
Out of bounds memory read vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories: Denial of Service via invalid HTTP priority header. Related products: Apache-Tomcat. CVE list: CVE-2025-31650 (critical). Solution: Update to...
DEBIAN-CVE-2024-38797
EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...
CVE-2024-38797
EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...
CVE-2024-38797
CVE-2024-38797 is a HashPeImageByType() read-bounds vulnerability in EDK2. Multiple advisories (EulerOS, Oracle Linux, Ubuntu, TencentOS) report that a corrupted data pointer/length sent over adjacent network can cause read out of bounds, with potential impact to integrity and availability. Explo...
CVE-2024-38797 Out-of-bounds Read in HashPeImageByType()
EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...
CVE-2024-58115
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58116
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58112
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58113
Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability...