10 matches found
CVE-2025-42909
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...
CVE-2025-42909
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...
CVE-2025-42909 Security Misconfiguration vulnerability in SAP Cloud Appliance Library Appliances
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...
PT-2025-41841
Name of the Vulnerable Software and Affected Versions SAP Cloud Appliance Library Appliances affected versions not specified Description An attacker with high privileges can exploit an insecure default profile setting within existing SAP CAL appliances to gain access to other appliances. The issu...
SAP Cloud Appliance Library Appliances 安全漏洞
SAP Cloud Appliance Library Appliances is a cloud mirroring and system deployment platform from SAP, Germany. A security vulnerability exists in SAP Cloud Appliance Library Appliances that stems from an insecure S/4HANA default profile setting, which could allow an attacker to access other...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in btrfsaddfreespacezoned that ultimately happens because a conversion from the default metadata profile...
CVE-2023-51749
ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...
Chrome Gather Cookies
Read all cookies from the Default Chrome profile of the target user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chrome Gather Cookies', 'Description' = 'Read all cookies from the Default...
Hindsight - Internet History Forensics For Google Chrome/Chromium
Hindsight is a free tool for analyzing web artifacts. It started with the browsing history of the Google Chrome web browser and has expanded to support other Chromium-based applications with more to come!. Hindsight can parse a number of different types of web artifacts, including URLs, download...
Juniper JSNAPy Global Writable Default Profile Permissions Vulnerability
JSNAPy is Juniper developed Junos Snapshot Administrator open source python version. Juniper JSNAPy is vulnerable to a global writable default configuration file permissions vulnerability. An unprivileged local user could use this insecure file and directory permissions to change files in this...