SAP Business Warehouse和SAP Plug-In Basis 安全漏洞

SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...

Microsoft Windows UPnP 安全漏洞

Microsoft Windows UPnP is a device agent from Microsoft Corporation USA. Providing a proxy allows a Windows network connection to recognize the IP address of the ZoneDirector. A security vulnerability exists in Microsoft Windows UPnP. An attacker could exploit the vulnerability to elevate...

PT-2025-28275 · Sap · Sap Plug-In Basis +1

Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse and SAP Plug-In Basis affected versions not specified Description: The issue allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. ...

PT-2025-28550 · Microsoft · Windows Universal Plug/Play (Upnp) Device Host +1

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play UPnP Device Host affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges over an adjacent networ...

PT-2025-28552 · Microsoft · Windows Universal Plug/Play (Upnp) Device Host +1

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play UPnP Device Host affected versions not specified Description: The issue is related to a use after free condition in the Windows Universal Plug and Play UPnP Device Host, which allows an authorized attacker to...

Microsoft Windows UPnP 资源管理错误漏洞

Microsoft Windows UPnP is a device agent from Microsoft Corporation USA. A proxy is provided to allow Windows network connections to recognize the IP address of the ZoneDirector. A resource management error vulnerability exists in Microsoft Windows UPnP. An attacker could exploit the vulnerabilit...

BackFed: an Efficient and Standardized Benchmark Suite for Backdoor Attacks in Federated Learning

Federated Learning FL systems are vulnerable to backdoor attacks, where adversaries train their local models on poisoned data and submit poisoned model updates to compromise the global model. Despite numerous proposed attacks and defenses, divergent experimental settings, implementation errors, a...

Exploit for Incorrect Default Permissions in Ui Unifi_Controller

CallStranger This script created by Yunus Çadırcı https://twitter.com/yunuscadirci to check against CallStranger CVE-2020-12695 vulnerability. An attacker can use this vulnerability for: Bypassing DLP for exfiltrating data Using millions of Internet-facing UPnP device as source of amplified...

CVE-2025-38140

In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dmrevalidatezones only allowed new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would always equal...

Can One Safety Loop Guard Them All? Agentic Guard Rails for Federated Computing

We propose Guardian-FC, a novel two-layer framework for privacy preserving federated computing that unifies safety enforcement across diverse privacy preserving mechanisms, including cryptographic back-ends like fully homomorphic encryption FHE and multiparty computation MPC, as well as statistic...

Important: Red Hat Security Advisory: libblockdev security update

An update for libblockdev is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

ROS-20250616-10

The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the software saves confidential information in log files when processing incorrect data using the KVv2 plug-in. processing incorrect data using the KVv2 plug-in...

The vulnerability of the SAP Plug-In Basis plugin of the SAP Business Warehouse system, related to deficiencies in the authentication process, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the SAP Plug-In Basis component of the SAP Business Warehouse system is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2025-6035

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp, which can result in allocating insufficient memory and subsequently performi...

CVE-2025-6035

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp, which can result in allocating insufficient memory and subsequently performi...

CVE-2025-6035 Gimp: gimp integer overflow

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp, which can result in allocating insufficient memory and subsequently performi...

CVE-2025-6035

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp, which can result in allocating insufficient memory and subsequently performi...

CVE-2025-42983

Affected product: SAP Business Warehouse and SAP Plug-In Basis. vulnerability: missing authorization checks allow an authenticated attacker to drop arbitrary SAP database tables and delete entries, potentially causing data loss and system unavailability; no data reading is possible. root cause: l...

SAP Business Warehouse和SAP Plug-In Basis 安全漏洞

SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...

[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-bad-free-1.24.10-3.fc41

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...