CVE-2023-23857 Improper Access Control in SAP NetWeaver AS for Java

Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...

SUSE CVE-2021-3468

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is...

CVE-2018-7935

There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable...

Design/Logic Flaw

There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable...

CVE-2018-7935

The CVE-2018-7935 entry applies to Huawei E5573Cs-322, firmware version 21.328.01.00.00. According to connected sources, remote attackers could cause the device’s network to become temporarily unavailable (a denial of service condition). The vulnerability is documented across multiple feeds (NVD ...

Arista Networks EOS 资源管理错误漏洞

Arista Networks EOS is a scalable operating system for data centers and cloud network centers from Arista Networks, Inc. Arista EOS builds cloud architectures that scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities for large-scale jobs. Throu...

CVE-2021-28510

CVE-2021-28510 affects Arista EOS: a PTP management/signaling TLV with an invalid Type-Length-Value can cause the PTP agent to restart, leading to service unavailability. Affected EOS releases include 4.27.x (4.27.1 and earlier), 4.26.x (4.26.4 and earlier), 4.25.x (4.25.6 and earlier), and 4.24....

CVE-2019-17442

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

CVE-2022-46313

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone...

CVE-2022-46313

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone...

CVE-2022-46313

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone...

CVE-2022-3999 WooCommerce Shipping - DPD baltic < 1.2.57 - Subscriber+ Arbitrary Options Deletion

The DPD Baltic Shipping WordPress plugin before 1.2.57 does not have authorisation and CSRF in an AJAX action, which could allow any authenticated users, such as subscriber to delete arbitrary options from the blog, which could make the blog unavailable...

WooCommerce Shipping - DPD baltic < 1.2.57 - Subscriber+ Arbitrary Options Deletion

The plugin does not have authorisation and CSRF in an AJAX action, which could allow any authenticated users, such as subscriber to delete arbitrary options from the blog, which could make the blog unavailable. PoC Run the below command in the developer console of the web browser while being on t...

CVE-2022-44555

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable...

Design/Logic Flaw

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable...

CVE-2022-44555

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable...

PT-2022-27240 · Unknown · Ddmp/Odmf Module

Name of the Vulnerable Software and Affected Versions: DDMP/ODMF module affected versions not specified Description: The issue concerns a service hijacking vulnerability in the DDMP/ODMF module. If exploited, this could lead to services becoming unavailable. Recommendations: At the moment, there ...

SAP 3D Visual Enterprise Author Buffer Overflow Vulnerability

SAP 3D Visual Enterprise Author is a desktop application from SAP Germany for managing 2D, 3D, animation, video and audio assets. SAP 3D Visual Enterprise Author suffers from a buffer overflow vulnerability that stems from a lack of proper memory management and could be exploited by an attacker t...

CVE-2022-41181

Due to lack of proper memory management, when a victim opens manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the use...

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...