Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

Red Hat Security Advisory 2024-7794-03

Red Hat Security Advisory 2024-7794-03 - An update for skopeo is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Packet Storm
Open in Source
#vulnerability#linux#red_hat#js#sap
Red Hat Security Advisory 2024-7793-03

Red Hat Security Advisory 2024-7793-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7792-03

Red Hat Security Advisory 2024-7792-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7791-03

Red Hat Security Advisory 2024-7791-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7704-03

Red Hat Security Advisory 2024-7704-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2024-7703-03

Red Hat Security Advisory 2024-7703-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass and denial of service vulnerabilities.

CVE-2024-43574: Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit a use after free vulnerability within the OS SAPI component to execute arbitrary code in the context of the compromised user to disclose sensitive information, compromise system integrity or impact the availability of the victim's system.

GHSA-6339-gv7w-g5f4: SAP HANA Node.js client package vulnerable to Prototype Pollution

The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. This is due to improper user input sanitation when using the nestTables feature causing low impact on the availability of the application. This has no impact on Confidentiality and Integrity.

Large scale Google Ads campaign targets utility software

Malicious Google sponsored results disguised as software downloads lead to malware.

Debian Security Advisory 5784-1

Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.