7696 matches found

NVD
added 2023/03/14 5:15 a.m., 13 views

CVE-2023-25616

In some scenario, SAP Business Objects Business Intelligence Platform CMC - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact th...

CVSS: 9.9, AI score: 9.9, EPSS: 0.00637
Exploits: 0, References: 2
OSV
added 2023/03/14 5:15 a.m., 2 views

CVE-2023-25617

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

CVSS: 8.8, AI score: 7.5, EPSS: 0.01745
Exploits: 0, References: 2
Prion
added 2023/03/14 5:15 a.m., 16 views

Code injection

In some scenario, SAP Business Objects Business Intelligence Platform CMC - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact th...

CVSS: 6.5, AI score: 9, EPSS: 0.00637
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2023/03/14 4:42 a.m., 6 views

CVE-2023-25617 OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server)

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

CVSS: 9, AI score: 9.2, EPSS: 0.01745
Exploits: 0, References: 2
Vulnrichment
added 2023/03/14 4:41 a.m., 7 views

CVE-2023-25616 Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC)

In some scenario, SAP Business Objects Business Intelligence Platform CMC - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact th...

CVSS: 9.9, AI score: 9.9, EPSS: 0.00637
Exploits: 0, References: 2
CVE
added 2023/03/14 4:41 a.m., 97 views

CVE-2023-25616

CVE-2023-25616 affects SAP BusinessObjects BI Platform (CMC) versions 420 and 430 via a code injection vulnerability in the Program Object execution path. Root cause described as improper handling leading to code injection, enabling an attacker to access resources with extra privileges and potent...

CVSS: 9.9, AI score: 9.1, EPSS: 0.00637
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2023/03/14 4:41 a.m., 19 views

CVE-2023-25616 Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC)

In some scenario, SAP Business Objects Business Intelligence Platform CMC - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact th...

CVSS: 9.9, AI score: 10, EPSS: 0.00637
Exploits: 0, References: 2
Fedora
added 2023/03/14 12:24 a.m., 52 views

[SECURITY] Fedora 38 Update: kstars-3.6.3-1.fc38

KStars is a Desktop Planetarium. It provides an accurate graphical simulation of the night sky, from any location on Earth, at any date and time. The display includes up to 100 million stars, 13,000 deep-sky objects, all 8 planets, the Sun and Moon, and thousands of comets and asteroids...

CVSS: 8.8, AI score: 7.5, EPSS: 0.00548
Exploits: 0
CNNVD
added 2023/03/14 12:0 a.m., 3 views

SAP Business Objects operating system command injection vulnerability

SAP Business Objects is a business intelligence suite from SAP, a German company. An operating system command injection vulnerability exists in SAP Business Objects versions 420 and 430, which originates from allowing arbitrary commands to be executed remotely on Unix when program object executio...

CVSS: 9, AI score: 8.4, EPSS: 0.01745
Exploits: 0, References: 3
NCSC
added 2023/03/14 12:0 a.m., 30 views

Vulnerabilities fixed in SAP products

SAP has released updates for several products, including SAP ERP, Netweaver, HAMA, Business Objects and SAP Solution Manager. A malicious party could potentially exploit the vulnerabilities and cause damage in the categories listed below: Cross-Site Scripting XSS Denial-of-Service Do...

CVSS: 9.9, AI score: 6.8, EPSS: 0.05126
Exploits: 0
CNNVD
added 2023/03/14 12:0 a.m., 2 views

SAP BusinessObjects Business Intelligence Platform code issue vulnerability

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A code issue vulnerability exists in SAP BusinessObjects Business...

CVSS: 7.5, AI score: 7.4, EPSS: 0.00347
Exploits: 0, References: 3
CNNVD
added 2023/03/14 12:0 a.m., 3 views

SAP BusinessObjects Business Intelligence Platform information disclosure vulnerability

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. An information disclosure vulnerability exists in SAP BusinessObjects...

CVSS: 5.3, AI score: 6, EPSS: 0.00376
Exploits: 0, References: 3
CNNVD
added 2023/03/14 12:0 a.m., 2 views

SAP Business Objects Business Intelligence Platform injection vulnerability

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. An injection vulnerability exists in SAP Business Objects Business...

CVSS: 9.9, AI score: 8, EPSS: 0.00637
Exploits: 0, References: 3
OpenVAS
added 2023/03/12 12:0 a.m., 9 views

Fedora: Security Advisory for python-werkzeug (FEDORA-2023-729a50a7e1)

The remote host is missing an update for the...

AI score: 7.5
Exploits: 0, References: 2
Tenable Nessus
added 2023/03/10 12:0 a.m., 44 views

Fedora 38 : python-cryptography (2023-749dd47c79)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-749dd47c79 advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...

CVSS: 6.5, AI score: 6.9, EPSS: 0.00688
Exploits: 1, References: 2
Zero Day Initiative
added 2023/03/09 12:0 a.m., 28 views

Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS: 7.8, AI score: 2.2, EPSS: 0.03476
Exploits: 0, References: 1
Zero Day Initiative
added 2023/03/09 12:0 a.m., 21 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS: 7.8, AI score: 2.3, EPSS: 0.03476
Exploits: 0, References: 1
SUSE CVE
added 2023/03/07 3:13 a.m., 1 view

SUSE CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...

CVSS: 8.8, AI score: 8.4, EPSS: 0.00277
Exploits: 0, References: 4
Securelist
added 2023/03/06 10:0 a.m., 14 views

Threat landscape for industrial automation systems for H2 2022

Year 2022 in numbers

Parameter | H1 2022 | H2 2022 | 2022
---|---|---|---
Percentage of attacked ICS computers globally | 31.8% | 34.3% | 40.6%
Main threat sources | | |
Internet | 16.5% | 19.9% | 24.0%
Email clients | 7.0% | 6.4% | 7.9%
Removable devices | 3.5% | 3.8% | 5.2%
Network folders | 0.6% |...

AI score: 0.5
Exploits: 0
BDU FSTEC
added 2023/03/06 12:0 a.m., 1 view

The vulnerability in operating systems macOS, iOS, and iPadOS, related to operations beyond the buffer when processing objects in memory, allows attackers to execute arbitrary code.

The vulnerability in the macOS, iOS, and iPadOS operating systems stems from operations beyond the buffer when processing objects in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS: 9.3, AI score: 8.4, EPSS: 0.00709
Exploits: 0, References: 4, Affected Software: 3