90 matches found
GHSA-JX8F-CPX7-FV47 Allocation of Resources Without Limits or Throttling in nvflare
Impact NVIDIA FLARE contains a vulnerability in Admin Interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable All versions before 2.0.16 are affected. Patches The patch will be included in nvflare==2.0.1...
CVE-2022-21822
NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable...
Design/Logic Flaw
NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable...
NVIDIA FLARE 安全漏洞
NVIDIA FLARE is an open source FL SDK from NVIDIA, Inc. that allows researchers and data scientists to adapt existing ML/DL workflows to a federated paradigm and enables platform developers to build secure, privacy-preserving products for distributed multi-party collaboration. A security...
SAP NetWeaver AS ABAP Code Injection (3048657)
A code injection vulnerability exists in SAP NetWeaver Application Server ABAP Reconciliation Framework. ABAP Server and ABAP Platform may allow a high privileged attacker to inject code that can be executed by the application. An attacker could potentially delete critical information and make th...
CVE-2021-33678
A function module of SAP NetWeaver AS ABAP Reconciliation Framework, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some...
CVE-2021-33678
A function module of SAP NetWeaver AS ABAP Reconciliation Framework, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some...
PT-2021-20256 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Reconciliation Framework versions 700 through 75F Description: A function module in the Reconciliation Framework of SAP NetWeaver AS ABAP allows a high-privileged attacker to inject code that can be executed by the...
CVE-2021-27631
SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...
CVE-2021-27630
SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...
CVE-2021-27622
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory whic...
CVE-2021-27620
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart which will trigger an...
KLA12291 DoS vulnerability in Apache Tomcat
A denial of service vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 8.5.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat CV...
CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20246
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
Denial Of Service (DoS)
nodejs is vulnerable to denial of serviceDoS attacks. A remote attacker could cause memory exhaustion via too many connection attempts with an 'unknownProtocol' leading to system unavailability...
CVE-2020-26832
SAP AS ABAP SAP Landscape Transformation, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANA SAP Landscape Transformation, versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should b...
CVE-2020-6362
SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...
Authorization
SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...
CVE-2020-6362
SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn...