CVE-2024-2105 JBL: Improper validation of ICM field in connection requests

An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices...

CVE-2024-2105 JBL: Improper validation of ICM field in connection requests

An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices...

CVE-2025-12556

CVE-2025-12556 affects IDIS ICM Viewer. A parameter/argument injection vulnerability could allow an attacker to execute arbitrary code in the host environment (remote code execution). Public details confirm affected product and impact; some sources note that specific vulnerable versions and a fix...

CVE-2025-12556 IDIS ICM Viewer Argument Injection

An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the host machine...

CVE-2025-12556 IDIS ICM Viewer Argument Injection

An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the host machine...

PT-2025-45186

Name of the Vulnerable Software and Affected Versions IDIS ICM VIEWER affected versions not specified Description An argument injection issue exists that may allow an attacker to execute arbitrary code on the host machine. This could lead to remote code execution. Recommendations At the moment,...

IDIS ICM Viewer 参数注入漏洞

IDIS ICM Viewer is a desktop client software for video surveillance systems from IDIS Corporation. IDIS ICM Viewer suffers from a parameter injection vulnerability that stems from parameter injection and could lead to an attacker executing arbitrary code in the host environment...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-308-01 Fuji Electric Monitouch V-SFT-6 ICSA-25-308-02 Survision License Plate Recognition Camera...

Exploit for HTTP Request Smuggling in Sap Content_Server

CVE-2022-22536 Batch Scanner This is a fast, socket-level bat...

Exploit for HTTP Request Smuggling in Sap Content_Server

CVE-2022-22536 SAP Rquest Smuggling Scanner This is a fast, s...

EUVD-2014-2776

Malware in sbrugna...

Design/Logic Flaw

Under certain conditions, Internet Communication Manager ICM or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, WEBDISP 7.22EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access...

CVE-2024-22124 Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager

Under certain conditions, Internet Communication Manager ICM or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, WEBDISP 7.22EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access...

CVE-2022-45968

creationtimestamp| type| source ---|---|--- 2022-12-12 16:25:57+00:00| seen| https://t.me/cibsecurity/54316 2025-04-22 21:04:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12977...

CVE-2022-27656

The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager ICM does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2022-27656

CVE-2022-27656 affects SAP Web Dispatcher Web Administration UI and the Internet Communication Manager (ICM). It stems from insufficient encoding of user‑controlled inputs, enabling Cross‑Site Scripting (XSS). CVSS v3.1 base score 6.1 (MEDIUM); vectors: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. No exp...

SAP Web Dispatcher和Internet Communication Manager拒绝服务漏洞

SAP Web dispatcher and SAP Internet Communication Manager SAP ICM are both products of SAP Germany. SAP Internet Communication Manager is a component of the SAP NetWeaver application server. SAP Web Dispatcher and SAP Internet Communication Manager suffer from a denial-of-service vulnerability th...

SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs

There’s a trio of critical vulnerabilities, fixed on Tuesday, in SAP business applications that use the ubiquitous Internet Communication Manager ICM: the component that gives SAP products the HTTPS web server they need to connect to the internet or talk to each other. The vulnerabilities,...

SAP customers are urged to patch critical vulnerabilities in multiple products

German enterprise software maker SAP has patched three critical vulnerabilities affecting Internet Communication Manager ICM, a core component of SAP business applications. Customers are urged by both SAP and CISA to address these critical vulnerabilities as soon as possible. On February 8, SAP...

CVE-2021-40496

SAP Internet Communication framework ICM - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request a...