Lucene search
+L

235 matches found

nvd
nvd
added 2021/06/09 2:15 p.m.23 views

CVE-2021-27627

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method ChartInterpreter::DoIt which will...

5.9CVSS0.01208EPSS
Exploits0References2
nvd
nvd
added 2021/06/09 2:15 p.m.26 views

CVE-2021-27622

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory whic...

5.9CVSS0.01208EPSS
Exploits0References2
prion
prion
added 2021/06/09 2:15 p.m.20 views

Input validation

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckLength which will...

4.3CVSS6AI score0.00863EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2021/06/07 12:0 a.m.4 views

PT-2021-19386 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 package 16.6.3.134 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or op...

7.8CVSS7.8AI score0.01384EPSS
Exploits0References7
zdi
zdi
added 2021/06/07 12:0 a.m.62 views

OpenText Brava! Desktop IGS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.5AI score0.01384EPSS
Exploits0
metasploit
metasploit
added 2020/10/07 5:41 p.m.60 views

SAP Internet Graphics Server (IGS) XMLCHART XXE

This module exploits CVE-2018-2392 and CVE-2018-2393, two XXE vulnerabilities within the XMLCHART page of SAP Internet Graphics Servers IGS running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when...

7.5CVSS7.5AI score0.40993EPSS
Exploits2
prion
prion
added 2018/07/10 6:29 p.m.17 views

Design/Logic Flaw

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

5CVSS7.6AI score0.01969EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2018/07/10 6:0 p.m.21 views

CVE-2018-2437

The SAP Internet Graphics Service IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification...

9.1AI score0.03298EPSS
Exploits0References3
cve
cve
added 2018/07/10 6:0 p.m.46 views

CVE-2018-2437

CVE-2018-2437 affects SAP Internet Graphics Service (IGS) versions 7.20, 7.20EXT, 7.45, 7.49, 7.53. The vulnerability allows an attacker to externally trigger IGS command executions, resulting in disclosure of information and potential malicious file insertion or modification. Root cause details ...

9.1CVSS8.9AI score0.03298EPSS
Exploits0References3Affected Software1
cve
cve
added 2018/07/10 6:0 p.m.46 views

CVE-2018-2439

CVE-2018-2439 refers to the SAP Internet Graphics Server (IGS) affecting versions 7.20, 7.20EXT, 7.45, 7.49, 7.53. The issue is insufficient input validation in multiple IGS components (HTTP and RFC listener, portwatcher registration with the multiplexer, and the multiplexer itself), which can al...

5.9CVSS5.7AI score0.01556EPSS
Exploits0References3Affected Software1
cve
cve
added 2018/07/10 6:0 p.m.44 views

CVE-2018-2438

The CVE-2018-2438 entry concerns SAP Internet Graphics Server (IGS) with affected versions including 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The vulnerability type is denial-of-service, enabling an attacker to prevent legitimate users from accessing the service by crashing or flooding it. The issue ...

7.5CVSS7.5AI score0.01969EPSS
Exploits0References3Affected Software1
openbugbounty
openbugbounty
added 2018/06/22 6:31 a.m.7 views

igs-frankenthal.de Improper Access Control vulnerability

Open Bug Bounty ID: OBB-635199 Description| Value ---|--- Affected Website:| igs-frankenthal.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.1AI score
Exploits0
nvd
nvd
added 2018/05/09 8:29 p.m.24 views

CVE-2018-2420

SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file including script files without proper file format validation...

9.8CVSS7.2AI score0.0158EPSS
Exploits0References3
cve
cve
added 2018/05/09 8:0 p.m.44 views

CVE-2018-2421

CVE-2018-2421 concerns SAP Internet Graphics Server (IGS) Portwatcher and affects listed Portwatcher versions within SAP IGS. The vulnerability enables a denial-of-service by preventing legitimate users from accessing the service, either by crashing or flooding it. The issue is associated with th...

7.5CVSS7.4AI score0.02522EPSS
Exploits0References3Affected Software1
cve
cve
added 2018/05/09 8:0 p.m.46 views

CVE-2018-2422

The CVE-2018-2422 entry concerns SAP Internet Graphics Server (IGS) Portwatcher. Affected versions include 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The vulnerability enables a Denial of Service where an attacker can crash or flood the Portwatcher, preventing legitimate users from accessing the servic...

7.5CVSS7.4AI score0.01944EPSS
Exploits0References3Affected Software1
cve
cve
added 2018/05/09 8:0 p.m.42 views

CVE-2018-2423

CVE-2018-2423 concerns SAP Internet Graphics Server (IGS) when running on versions 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The issue affects the HTTP and RFC listeners, allowing an attacker to deny service to legitimate users by crashing or flooding the service (availability impact). CVSS metrics in...

7.5CVSS7.4AI score0.02522EPSS
Exploits0References3Affected Software1
cve
cve
added 2018/05/09 8:0 p.m.49 views

CVE-2018-2420

CVE-2018-2420 affects SAP Internet Graphics Server (IGS) across versions 7.20, 7.20EXT, 7.45, 7.49, 7.53. Root cause: improper validation of file formats during upload allows an attacker to upload arbitrary files (including script files). Impact: potential confidentiality, integrity, and availabi...

9.8CVSS9.3AI score0.0158EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2018/02/14 12:29 p.m.20 views

CVE-2018-2393

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...

7.5CVSS7.5AI score0.18204EPSS
Exploits2References2
nvd
nvd
added 2018/02/14 12:29 p.m.28 views

CVE-2018-2392

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...

7.5CVSS7.5AI score0.40993EPSS
Exploits2References2
nvd
nvd
added 2018/02/14 12:29 p.m.20 views

CVE-2018-2390

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service...

6.5CVSS6.5AI score0.00924EPSS
Exploits0References2
Rows per page
Query Builder