#sap

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application.

Red Hat Security Advisory 2023-1549-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include privilege escalation and use-after-free vulnerabilities.

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.

By Owais Sultan You’re sitting with your iPhone in hand, gazing at the screen with annoyance, fury, and helplessness. You need… This is a post from HackRead.com Read the original post: How to Create and Manage Groups on iPhone

By Owais Sultan In today’s world, censorship and suppression of free speech are rampant in many parts of the globe. Governments… This is a post from HackRead.com Read the original post: Meet Anthalon, fighting for freedom of the press

App developers are ignoring laws and guidelines regulating data protection measures aimed at minors, putting their monetization plans in jeopardy and risking user trust.

In next-gen, credential-harvesting attacks, phishing emails use cloud services and are free from the typical bad grammar or typos they've traditionally used (and which users have learned to spot).

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations a...

Red Hat Security Advisory 2023-1666-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Unified Remote version 3.13.0 suffers from a remote code execution vulnerability.