Lucene search

90 matches found

OSV
added 2022/03/18 11:18 p.m. | 23 views

GHSA-JX8F-CPX7-FV47 Allocation of Resources Without Limits or Throttling in nvflare

Impact: NVIDIA FLARE contains a vulnerability in Admin Interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable. All versions before 2.0.16 are affected. Patches: The patch will be included in nvflare==2.0.1...

7.5 CVSS | 7.4 AI score | 0.01017 EPSS
Exploits 0 | References 3

ATTACKERKB
added 2022/03/17 9:15 p.m. | 5 views

CVE-2022-21822

NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable...

7.8 CVSS | 7.1 AI score | 0.01017 EPSS
Exploits 0 | References 2

Prion
added 2022/03/17 9:15 p.m. | 19 views

Design/Logic Flaw

NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable...

7.8 CVSS | 7.4 AI score | 0.01017 EPSS
Exploits 0 | References 1 | Affected Software 1

CNNVD
added 2022/03/17 12:0 a.m. | 5 views

NVIDIA FLARE Security Vulnerability

NVIDIA FLARE is an open source FL SDK from NVIDIA, Inc. that allows researchers and data scientists to adapt existing ML/DL workflows to a federated paradigm and enables platform developers to build secure, privacy-preserving products for distributed multi-party collaboration. A security...

7.8 CVSS | 7.3 AI score | 0.01017 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2021/07/19 12:0 a.m. | 42 views

SAP NetWeaver AS ABAP Code Injection (3048657)

A code injection vulnerability exists in SAP NetWeaver Application Server ABAP Reconciliation Framework. ABAP Server and ABAP Platform may allow a high privileged attacker to inject code that can be executed by the application. An attacker could potentially delete critical information and make th...

7.5 CVSS | 7 AI score | 0.02546 EPSS
Exploits 2 | References 3

NVD
added 2021/07/14 12:15 p.m. | 25 views

CVE-2021-33678

A function module of SAP NetWeaver AS ABAP Reconciliation Framework, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some...

7.5 CVSS | 0.02546 EPSS
Exploits 2 | References 4

Cvelist
added 2021/07/14 11:4 a.m. | 34 views

CVE-2021-33678

A function module of SAP NetWeaver AS ABAP Reconciliation Framework, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some...

6.5 CVSS | 6.4 AI score | 0.02546 EPSS
Exploits 2 | References 4

Positive Technologies
added 2021/07/14 12:0 a.m. | 5 views

PT-2021-20256 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Reconciliation Framework versions 700 through 75F Description: A function module in the Reconciliation Framework of SAP NetWeaver AS ABAP allows a high-privileged attacker to inject code that can be executed by the...

7.5 CVSS | 6.6 AI score | 0.02546 EPSS
Exploits 2 | References 8

OSV
added 2021/06/09 2:15 p.m. | 5 views

CVE-2021-27631

SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...

7.5 CVSS | 7.1 AI score | 0.01508 EPSS
Exploits 0 | References 2

OSV
added 2021/06/09 2:15 p.m. | 4 views

CVE-2021-27630

SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...

7.5 CVSS | 7.1 AI score | 0.01508 EPSS
Exploits 0 | References 2

OSV
added 2021/06/09 2:15 p.m. | 5 views

CVE-2021-27622

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory whic...

5.9 CVSS | 7.3 AI score | 0.01208 EPSS
Exploits 0 | References 2

NVD
added 2021/06/09 2:15 p.m. | 38 views

CVE-2021-27620

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart which will trigger an...

5.9 CVSS | 0.01208 EPSS
Exploits 0 | References 2

Kaspersky
added 2021/03/10 12:0 a.m. | 29 views

KLA12291 DoS vulnerability in Apache Tomcat

A denial of service vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories: Apache Tomcat 8.5.x vulnerabilities, Apache Tomcat 9.x vulnerabilities, Apache Tomcat 10.0.x vulnerabilities. Related products: Apache-Tomcat. CV...

7.5 CVSS | 6.8 AI score | 0.06687 EPSS
Exploits 0 | References 5

UbuntuCve
added 2021/03/09 6:15 p.m. | 33 views

CVE-2021-20243

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...

5.5 CVSS | 6.8 AI score | 0.01058 EPSS
Exploits 0 | References 7

Debian CVE
added 2021/03/09 12:0 a.m. | 44 views

CVE-2021-20246

A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...

7.1 CVSS | 6 AI score | 0.01228 EPSS
Exploits 0

Veracode
added 2021/02/24 5:20 p.m. | 32 views

Denial Of Service (DoS)

nodejs is vulnerable to denial of service (DoS) attacks. A remote attacker could cause memory exhaustion via too many connection attempts with an 'unknownProtocol' leading to system unavailability...

7.5 CVSS | 3.7 AI score | 0.77385 EPSS
Exploits 0 | References 17 | Affected Software 4

NVD
added 2020/12/09 5:15 p.m. | 24 views

CVE-2020-26832

SAP AS ABAP SAP Landscape Transformation, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANA SAP Landscape Transformation, versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should b...

7.6 CVSS | 7.3 AI score | 0.02162 EPSS
Exploits 2 | References 4

NVD
added 2020/10/20 2:15 p.m. | 17 views

CVE-2020-6362

SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...

6.8 CVSS | 0.01028 EPSS
Exploits 0 | References 2

Prion
added 2020/10/20 2:15 p.m. | 16 views

Authorization

SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...

6.8 CVSS | 6.7 AI score | 0.01028 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/10/20 1:31 p.m. | 16 views

CVE-2020-6362

SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...

4.3 CVSS | 6.7 AI score | 0.01028 EPSS
Exploits 0 | References 2