M. Li

**Name of the Vulnerable Software and Affected Versions** SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22 **Description** The issue concerns the SAP startservice, specifically the s-bit helper program sapuxuserchk on Unix systems, which can be physically abused, resulting in a privilege escalation for an attacker. This leads to a low impact on confidentiality and integrity but a significant impact on availability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Platinum Mobile version 1.0.4.850 **Description** A critical issue was found, affecting the "/MobileHandler.ashx" API endpoint, which leads to broken access control. The attack requires authentication. **Recommendations** For Platinum Mobile version 1.0.4.850, upgrade to version 1.0.4.851 to address this issue. It is recommended to upgrade the affected component.

**Name of the Vulnerable Software and Affected Versions** Azure DevOps Server (affected versions not specified) **Description** The issue is related to the failure to protect the web page structure, which can lead to cross-site scripting attacks. A remote attacker can exploit this to conduct such attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.