CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

PT-2026-24154

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858

CVE-2024-49858: Linux kernel TPM event log handling (efistub/tpm) used EFI_LOADER_DATA, leaving the region unreserved in the EFI 64-bit memory map (via E820) and passed to the kernel via kexec, risking memory corruption. The fix substitutes EFI_ACPI_RECLAIM_MEMORY, which EFI/ACPI treats as reserv...

CVE-2024-49858 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2023-47110

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

Design/Logic Flaw

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

Any value can be changed in the configuration table by an employee having access to block reassurance module

Impact An ajax function in module blockreassurance allows modifying any value in the configuration table Patches v5.1.4 Workarounds no workaround available References...

GHSA-XFM3-HJCC-GV78 Any value can be changed in the configuration table by an employee having access to block reassurance module

Impact An ajax function in module blockreassurance allows modifying any value in the configuration table Patches v5.1.4 Workarounds no workaround available References...

CVE-2023-47110 Any value can be changed in the configuration table by an employee having access to block reassurance module

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

CVE-2023-47110 Any value can be changed in the configuration table by an employee having access to block reassurance module

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

CVE-2023-47110 Any value can be changed in the configuration table by an employee having access to block reassurance module

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

PT-2023-30315 · Unknown · Blockreassurance

Name of the Vulnerable Software and Affected Versions: blockreassurance versions prior to 5.1.4 Description: The issue concerns an AJAX function in the blockreassurance module that allows modification of any value in the configuration table, potentially compromising the trustworthiness of a store...

Huawei Emui and Magic UI Any Management Issue Vulnerability

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a trust management issue, which stems from improper management of device to credentials. An attacker could use this vulnerability t...

Design/Logic Flaw

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions...

CVE-2021-22351

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions...