Decompression Bomb

Pillow is vulnerable to Decompression bomb attacks. The vulnerability is due to not limiting the amount of GZIP-compressed data read when decoding a FITS image, where a specially crafted FITS file could cause unbounded memory consumption, and attackers can exploit it by providing maliciously...

EUVD-2006-0980

Malware in sbrugna...

EUVD-2006-5944

Malware in sbrugna...

EUVD-2018-14296

Malware in sbrugna...

EUVD-2023-36382

Malicious code in bioql PyPI...

CVE-2023-32114

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

CVE-2023-32114

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

Design/Logic Flaw

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

CVE-2023-32114

CVE-2023-32114 affects SAP NetWeaver Change and Transport System (CTS) for versions 702–757. An authenticated user with admin privileges can repeatedly run a benchmark program, causing resource exhaustion and a denial of service with limited impact on availability; confidentiality and integrity a...

PT-2023-3748 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Change and Transport System versions 702 through 757 Description: The issue is related to a lack of resource control mechanism in the Change and Transport System component of SAP NetWeaver. This allows an authenticated user with...

CVE-2018-2441

Under certain conditions the SAP Change and Transport System ABAP, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwis...

CVE-2018-2441

Under certain conditions the SAP Change and Transport System ABAP, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwis...

CVE-2018-2441

CVE-2018-2441 affects SAP Change and Transport System (ABAP) and SAP KERNEL variants including 32/64 NUC/Unicode across multiple 7.x releases (7.21, 7.21EXT, 7.22, 7.22EXT, 7.45, 7.49, 7.53, 7.73). Root cause details are not provided in the documents. The vulnerability would allow an attacker to ...

CVE-2017-11753

The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...

CVE-2017-11753

The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...

Network Audio System: Multiple vulnerabilities

Background Network Audio System is a network transparent, client/server audio transport system. Description Multiple vulnerabilities have been discovered in Network Audio System. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly...

Department of Transport UK - SQL Injection Vulnerability

Document Title: =============== Department of Transport UK - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=732 Release Date: ============= 2013-08-28 Vulnerability Laboratory ID VL-ID: ==================================== 73...

Mercury Mail Transport System Buffer Overflow (CVE-2005-4411)

The Mercury Mail Transport System server is an implementation of an Internet mail server. The product offers services which are implementations of the server side of several protocols such as SMTP, POP3, IMAP and Computing and Communications Services Office Nameserver protocol also know as the...

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...

Mercury IMAP Server SEARCH Command Remote Buffer Overflow

The remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and NetWare associated with Pegasus Mail. The remote installation of Mercury Mail includes an IMAP server that is affected by a buffer overflow vulnerability. Using a specially- crafted SEARC...