7688 matches found
Vulnerabilities fixed in SAP products
SAP has released updates for several products, including SAP ERP, Netweaver, HAMA, Business Objects and SAP Solution Manager. A malicious party could potentially exploit the vulnerabilities and cause damage cause damage in the categories listed below: Cross-Site Scripting XSS Denial-of-Service Do...
SAP Business Objects 操作系统命令注入漏洞
SAP Business Objects is a business intelligence suite from SAP, a German company. An operating system command injection vulnerability exists in SAP Business Objects versions 420 and 430, which originates from allowing arbitrary commands to be executed remotely on Unix when program object executio...
SAP BusinessObjects Business Intelligence Platform 代码问题漏洞
SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A code issue vulnerability exists in SAP BusinessObjects Business...
SAP BusinessObjects Business Intelligence Platform 信息泄露漏洞
SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. An information disclosure vulnerability exists in SAP BusinessObjects...
SAP Business Objects Business Intelligence Platform 注入漏洞
SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. An injection vulnerability exists in SAP Business Objects Business...
Fedora: Security Advisory for python-werkzeug (FEDORA-2023-729a50a7e1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : python-cryptography (2023-749dd47c79)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-749dd47c79 advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
SUSE CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
Threat landscape for industrial automation systems for H2 2022
Year 2022 in numbers Parameter | H1 2022 | H2 2022 | 2022 ---|---|---|--- Percentage of attacked ICS computers globally | 31.8% | 34.3% | 40.6% Main threat sources Internet | 16.5% | 19.9% | 24.0% Email clients | 7.0% | 6.4% | 7.9% Removable devices | 3.5% | 3.8% | 5.2% Network folders | 0.6% |...
The vulnerability in operating systems macOS, iOS, and iPadOS, related to operations beyond the buffer when processing objects in memory, allows attackers to execute arbitrary code.
The vulnerability of operating systems macOS, iOS, and iPadOS stems from the operation of operations beyond the buffer when processing objects in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Ubuntu: Security Advisory (USN-5898-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2023-35663 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, potentially causing a crash. The crash state involves functions such as json cquote, dwg json LTYP...
json5: Prototype Pollution in JSON5 via Parse Method
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse...
GHSA-JH36-Q97C-9928 Kubernetes vulnerable to validation bypass
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
Kubernetes vulnerable to validation bypass
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
Input validation
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...