CVE-2022-41181

Due to lack of proper memory management, when a victim opens manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the use...

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

PT-2022-25701 · Sap · Sap 3D Visual Enterprise Author

Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Author version 9 Description: The issue arises due to improper memory management when handling manipulated IGES Part and Assembly files received from untrusted sources. This can cause the application to crash, becomin...

PT-2022-24669 · Sap Se +1 · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows an authenticated attacker to access OS credentials under certain conditions. This access enables the attacker to modify system data and potentially make the system...

Unbounded loop in BaseV1-core.sol could lead to a griefing/DOS attack

Lines of code Vulnerability details Denial Of Service Attack Denial-of-service attacks: Attacks that cause DoS are called DoS attacks. The purpose is to disable the computer or network from providing normal service. Description: As this array can grow quite large, the transaction’s gas cost could...

CVE-2022-39194

An issue was discovered in the MediaWiki through 1.38.2. The community configuration pages for the GrowthExperiments extension could cause a site to become unavailable due to insufficient validation when certain actions including page moves were performed...

CVE-2022-39194

An issue was discovered in the MediaWiki through 1.38.2. The community configuration pages for the GrowthExperiments extension could cause a site to become unavailable due to insufficient validation when certain actions including page moves were performed...

Apache SkyWalking NodeJS Agent can lose availability if header includes illegal SkyWalking header

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

CVE-2022-36127

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

CVE-2022-36127

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

Code injection

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

CVE-2022-36127 Service unavailability impact in NodeJS agent(version <= 0.5.0)

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

PSA: Sudden Increase In Attacks On Modern WPBakery Page Builder Addons Vulnerability

The Wordfence Threat Intelligence team has been monitoring a sudden increase in attack attempts targeting Kaswara Modern WPBakery Page Builder Addons. This ongoing campaign is attempting to take advantage of an arbitrary file upload vulnerability, tracked as CVE-2021-24284, which has been...

Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2022-1907)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-32243

When a user opens manipulated Scalable Vector Graphics .svg, svg.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2022-32241

When a user opens manipulated Portable Document Format .pdf, PDFView.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2022-32239

When a user opens manipulated JPEG 2000 .jp2, jp2k.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2022-32238

When a user opens manipulated Encapsulated Post Script .eps, ai.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2022-31754

Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features...