CVE-2025-43011 – SAP Landscape Transformation Authorization Bypass Vulnerability

May 13, 2025

CVE ID : CVE-2025-43011

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : Under certain conditions, SAP Landscape Transformation’s PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application.

Severity: 7.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

Next Article CVE-2025-43009 – SAP Service Parts Management Privilege Escalation Vulnerability

Highlights

CVE-2025-47947 – ModSecurity Denial of Service Vulnerability

May 21, 2025

CVE ID : CVE-2025-47947

Published : May 21, 2025, 10:15 p.m. | 35 minutes ago

Description : ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable released versions): when the payload’s content type is `application/json`, and there is at least one rule which does a `sanitiseMatchedBytes` action. A patch is available at pull request 3389 and expected to be part of version 2.9.9. No known workarounds are available.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-43011 – SAP Landscape Transformation Authorization Bypass Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

LWiAI Podcast #208 – Claude Integrations, ChatGPT Sycophancy, Leaderboard Cheats

APT-C-36 Hackers Attacking Government Institutions, Financial Organizations, and Critical Infrastructure

Laravel Request Content Type Inspection Methods

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

CVE-2025-47947 – ModSecurity Denial of Service Vulnerability

Clair Obscur: Expedition 33 preorders are open — Which version of the game is right for you?

Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach

Security Best Practices in Sitecore XM Cloud

CVE-2025-43011 – SAP Landscape Transformation Authorization Bypass Vulnerability

Related Posts