CVE-2025-42963 – SAP NetWeaver Application Server for Java Java Object Deserialization Remote Code Execution Vulnerability

July 7, 2025

CVE ID : CVE-2025-42963

Published : July 8, 2025, 1:15 a.m. | 35 minutes ago

Description : A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-42964 – SAP NetWeaver Enterprise Portal Remote Code Execution Vulnerability

Next Article CVE-2025-42962 – SAP Business Warehouse Cross-Site Scripting (XSS)

Highlights

CVE-2025-5163 – “Yangshare WarehouseManager Remote Unauthenticated Access Control Bypass”

May 26, 2025

CVE ID : CVE-2025-5163

Published : May 26, 2025, 2:15 a.m. | 2 hours, 55 minutes ago

Description : A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

How agentic AI is transforming the very foundations of business strategy

The best Xbox and PC headset I’ve used for the last couple years is on sale

These 5 free add-ons make Minecraft Bedrock Edition feel brand new

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Word for the Web Finally Gets Proper Header and Footer Editing

Word for the Web Finally Gets Proper Header and Footer Editing

Windows 11 Build 27898 Adds Small Taskbar Icons, Quick Recovery, Smarter Sharing

Windows 11 Build 27898 Bug Brings Back Classic Vista Startup Sound, Again

CVE-2025-42963 – SAP NetWeaver Application Server for Java Java Object Deserialization Remote Code Execution Vulnerability

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Best Buy is giving away $300 gift cards when you buy a Hisense TV – here’s how to qualify

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware

Cloudflare Closes Security Gap That Could Leak Visitor URLs

Classify call center conversations with Amazon Bedrock batch inference

CVE-2025-5163 – “Yangshare WarehouseManager Remote Unauthenticated Access Control Bypass”

Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools

CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

CVE-2025-46786 – Zoom Workplace Apps XML External Entity (XXE) Injection Vulnerability

CVE-2025-42963 – SAP NetWeaver Application Server for Java Java Object Deserialization Remote Code Execution Vulnerability

Related Posts