CVE-2025-43010

SAP S/4HANA Cloud Private Edition or on Premise SCM Master Data Layer MDL allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack of input validation an...

SAP S/4HANA Cloud Private 代码注入漏洞

SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...

PT-2024-21683 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer, and the programs can be replaced by malicious programs by an...

Multiple Huawei phone authentication bypass vulnerabilities

ALP-AL00B\BLA-AL00B and others are smartphones launched by Huawei. Authentication bypass vulnerability exists in several Huawei phones, which can be exploited by an attacker with access to a user's phone to replace the startup program, allowing the attacker to access information in the phone and...

CVE-2004-1149

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions ACLs, which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe...