Astra Linux - уязвимость в sudo

The “sudoedit” personality of Sudo before version 1.9.5 might allow a local unprivileged user to perform arbitrary directory existence tests by exploiting a race condition in the “sudoedit.c” code, which allows a user-controlled directory to be replaced with a symlink pointing to an arbitrary pat...

CVE-2025-42955

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...

CVE-2025-42955 Missing authorization check in SAP Cloud Connector

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...

PT-2025-32612 · Sap · Sap Cloud Connector

Name of the Vulnerable Software and Affected Versions: SAP Cloud Connector affected versions not specified Description: A missing authorization check in SAP Cloud Connector allows an attacker on an adjacent network with low privileges to send a crafted request to the endpoint responsible for...

For iis write permissions of use-vulnerability warning-the black bar safety net

We may have seen the remote analysis of IIS settings, which iis a variety of settings for the analysis, I here for iis write permissions to the analysis, the following reference to the remote analysis of IIS Settings article for iis write permissions to the analysis of the content: Write...