CVE-2025-23185

Vulnerability summary: SAP Business Objects Business Intelligence Platform exposes internal technical details due to improper error handling. What is affected: SAP Business Objects BI Platform (information disclosure vulnerability). Root cause: Exceptions and stack traces reveal application inter...

CVE-2025-23185 Information Disclosure in SAP Business Objects Business Intelligence Platform

Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical details of the application are revealed in exceptions thrown to the user and in stack traces. Only an attacker with administrator level privileges has access to this disclosed information, and they...

CVE-2025-23185 Information Disclosure in SAP Business Objects Business Intelligence Platform

Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical details of the application are revealed in exceptions thrown to the user and in stack traces. Only an attacker with administrator level privileges has access to this disclosed information, and they...

SAP Business Objects Business Intelligence Platform 跨站脚本漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. SAP Business Objects Business Intelligence Platform suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. An information disclosure vulnerability exists in SAP Business Objects Business Intelligence Platform, which stems from the application's inadequate...

SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

CVE-2025-25306 Misskey's Incomplete Patch of CVE-2024-52591 Leads to Forgery of Federated Notes

Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate the relation between the id and url fields of ActivityPub objects. An attacker can forge an object where they claim authority in the url field even if the specific ActivityPub...

CVE-2025-25306 Misskey's Incomplete Patch of CVE-2024-52591 Leads to Forgery of Federated Notes

Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate the relation between the id and url fields of ActivityPub objects. An attacker can forge an object where they claim authority in the url field even if the specific ActivityPub...

UBUNTU-CVE-2025-21843

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthorioctldevquery 'prioritiesinfo' is uninitialized, and the uninitialized value is copied to user object when calling PANTHORUOBJSET. Using memset to initialize 'prioritiesinfo' to avoid th...

Linux Distros Unpatched Vulnerability : CVE-2021-47490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: fix memleak in ttmtransfereddestroy We need to cleanup the fences for ghost objects as well. Bug: https://bugzilla.kernel.org/showbug.cgi?id=214029 Bug...

Linux Distros Unpatched Vulnerability : CVE-2021-42717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web serve...

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process...

SUSE CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjec...

SUSE CVE-2022-49358

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...

PT-2025-20505

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free race bug exists in the Linux kernel, specifically in the drm/amdkfd component. This issue occurs when the HW scheduler hangs and a mode1 reset is used to recover the GPU...

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process...

DEBIAN-CVE-2022-49358

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...

UBUNTU-CVE-2022-49672

In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...

UBUNTU-CVE-2022-49358

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...

UBUNTU-CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...