CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7047 matches found

IBM Security Bulletins•added 2023/03/03 8:42 p.m.•91 views

Security Bulletin: Multiple Vulnerabilities in Json4j Affects Watson Machine Learning Accelerator

Summary Watson Machine Learning Accelerator is affected by multiple json4j CVEs CVE-2022-23529, CVE-2022-23539, CVE-2022-23540, CVE-2022-23541, CVE-2022-45690, CVE-2022-46175, CVE-2022-4742. We fixed by removing json4j. Vulnerability Details Refer to the security bulletins listed in the...

9.8CVSS7.1AI score0.09304EPSS

Exploits2Affected Software1

Microsoft Secure•added 2023/03/02 4:0 p.m.•24 views

New research, tooling, and partnerships for more secure AI and machine learning

Today we’re on the verge of a monumental shift in the technology landscape that will forever change the security community. AI and machine learning may embody the most consequential technology advances of our lifetime, bringing huge opportunities to build, discover, and create a better world. Bra...

7.3AI score

Exploits0

Prion•added 2023/03/01 9:15 p.m.•17 views

Information disclosure

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Assigning existing users to a different organizations is currently possible. It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain...

4CVSS6.2AI score0.00375EPSS

Exploits0References2Affected Software1

OSV•added 2023/03/01 9:15 p.m.•19 views

PYSEC-2023-53

6.5CVSS5.8AI score0.00375EPSS

Exploits0References2

Vulnrichment•added 2023/03/01 8:22 p.m.•7 views

CVE-2023-22738 Improper Preservation of Permissions in vantage6

6.3CVSS6.8AI score0.00375EPSS

Exploits0References2

Cvelist•added 2023/03/01 8:22 p.m.•14 views

CVE-2023-22738 Improper Preservation of Permissions in vantage6

6.3CVSS6.4AI score0.00375EPSS

Exploits0References2

CVE•added 2023/03/01 8:22 p.m.•80 views

CVE-2023-22738

CVE-2023-22738 affects vantage6, a privacy-preserving federated learning infrastructure. The issue is improper preservation of permissions when assigning existing users to different organizations, enabling possible access to resources they should not reach. The description consistently notes this...

6.5CVSS6AI score0.00375EPSS

Exploits0References2Affected Software1

OSV•added 2023/03/01 8:22 p.m.•23 views

CVE-2023-22738 Improper Preservation of Permissions in vantage6

6.3CVSS6.3AI score0.00375EPSS

Exploits0References4

PyPA•added 2023/03/01 5:15 p.m.•6 views

PYSEC-2023-313

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...

6.5CVSS6.5AI score0.00591EPSS

Exploits0References4Affected Software1

NVD•added 2023/03/01 5:15 p.m.•43 views

CVE-2022-39228

6.5CVSS5.6AI score0.00591EPSS

Exploits0References4

OSV•added 2023/03/01 5:15 p.m.•5 views

PYSEC-2023-313

6.5CVSS6.5AI score0.00591EPSS

Exploits0References4

Prion•added 2023/03/01 5:15 p.m.•11 views

Default credentials

6.4CVSS6.5AI score0.00591EPSS

Exploits0References4Affected Software1

OSV•added 2023/03/01 5:15 p.m.•22 views

PYSEC-2023-52

6.5CVSS6.7AI score0.00591EPSS

Exploits0References4

CVE•added 2023/03/01 4:23 p.m.•60 views

CVE-2022-39228

CVE-2022-39228 affects vantage6, a privacy-preserving federated learning infrastructure. The issue is an information-disclosure bug where the system does not clearly reveal whether a username exists when credentials are entered, enabling a potential username enumeration risk. The vulnerability is...

6.5CVSS5.8AI score0.00591EPSS

Exploits0References4Affected Software1

Cvelist•added 2023/03/01 4:23 p.m.•50 views

CVE-2022-39228 Observable Response Discrepancy in vantage6

5.3CVSS6.7AI score0.00591EPSS

Exploits0References4

OSV•added 2023/03/01 4:23 p.m.•21 views

CVE-2022-39228 Observable Response Discrepancy in vantage6

5.3CVSS6.4AI score0.00591EPSS

Exploits0References6

CNNVD•added 2023/03/01 12:0 a.m.•3 views

vantage6 安全漏洞

vantage6 is vantage6 open source an open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability exists in versions prior to vantage6 3.8.0 that stems from the system assigning existing users to different organizations, which could lead ...

6.5CVSS6.4AI score0.00375EPSS

Exploits0References3

CNNVD•added 2023/03/01 12:0 a.m.•13 views

vantage6 安全漏洞

vantage6 is vantage6 open source an open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability exists in vantage6 versions prior to 3.8.0 that stems from the presence of an information leak...

6.5CVSS6.3AI score0.00591EPSS

Exploits0References5

Schneier on Security•added 2023/02/28 12:19 p.m.•52 views

Side-Channel Attack against CRYSTALS-Kyber

CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack--using power consumption--against an implementation of the algorithm that was supposed to be...

2.3AI score

Exploits0

Positive Technologies•added 2023/02/28 12:0 a.m.•3 views

PT-2023-13714 · Vantage6 · Vantage6

Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 3.8.0 Description: vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. It does not inform the user of wrong username/password combination if the username actually exists, ...

6.9CVSS6.3AI score0.00591EPSS

Exploits0References13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by