CVE-2026-50226 Firmware Theft & IMEI Spoofing via Connect-OTA

Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...

CVE-2023-40306

SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity...

Input validation

SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity...

PT-2023-4944 · Sap · Sap S/4Hana

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA affected versions not specified Description: The issue is related to insufficient URL validation in the Manage Catalog Items and Cross-Catalog searches Fiori apps, allowing an attacker to redirect users to a malicious site. This m...