Lucene search
K

90 matches found

Kaspersky
Kaspersky
added 2024/11/20 12:0 a.m.16 views

KLA77561 DoS vulnerability in Wireshark

Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories wnpa-sec-2024-14 · FiveCo RAP dissector infinite loop Related products Wireshark CVE list CVE-2024-11595 high Solution Update to the latest versio...

7.8CVSS6.4AI score0.00268EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/05 1:22 a.m.3 views

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

9.8CVSS7.3AI score0.01483EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/05 12:54 a.m.3 views

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

9.8CVSS7.3AI score0.01483EPSS
Exploits0References5
NVD
NVD
added 2024/06/27 7:15 p.m.22 views

CVE-2024-6038

A Regular Expression Denial of Service ReDoS vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filterhistory function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history...

7.5CVSS0.00652EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.5 views

PT-2024-37336 · Unknown · Gaizhenbiao/Chuanhuchatgpt

Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt affected versions not specified Description: A Regular Expression Denial of Service ReDoS issue exists, located in the filter history function within the utils.py module. This function uses a regular expression sear...

7.5CVSS7.4AI score0.00652EPSS
Exploits1References4
Prion
Prion
added 2024/02/16 7:15 p.m.23 views

Privilege escalation

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform FTSP. If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...

5.1CVSS7.2AI score0.0099EPSS
Exploits0References1
NVD
NVD
added 2024/02/13 3:15 a.m.30 views

CVE-2024-22131

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

9.1CVSS9.1AI score0.01079EPSS
Exploits0References2
Prion
Prion
added 2024/02/13 3:15 a.m.26 views

Authorization

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

5.8CVSS7AI score0.01079EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/13 2:30 a.m.29 views

CVE-2024-22131 Code Injection vulnerability in SAP ABA (Application Basis)

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

9.1CVSS9.2AI score0.01079EPSS
Exploits0References2
Prion
Prion
added 2023/11/30 5:15 p.m.22 views

Design/Logic Flaw

An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more...

4CVSS6.9AI score0.00664EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/08/08 1:15 a.m.34 views

CVE-2023-37491

The ACL Access Control List of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the...

8.8CVSS7.6AI score0.0044EPSS
Exploits0References2
NVD
NVD
added 2023/05/09 1:15 a.m.26 views

CVE-2023-28762

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform resulting int...

9.1CVSS9.2AI score0.00709EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/09 12:53 a.m.30 views

CVE-2023-28762 Information Disclosure in SAP BusinessObjects Intelligence Platform

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform resulting int...

9.1CVSS9.3AI score0.00709EPSS
Exploits0References2
CVE
CVE
added 2023/05/09 12:53 a.m.46 views

CVE-2023-28762

Affected product: SAP BusinessObjects Business Intelligence Platform (versions 420 and 430). Vulnerability summary: An authenticated attacker with administrator privileges can obtain the login token of any logged-in BI user over the network without user interaction, enabling impersonation of any ...

9.1CVSS7.1AI score0.00709EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.6 views

PT-2023-22189 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver BI CONT ADDON versions 707, 737, 747, 757 Description: The issue allows an attacker to exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Although data cannot be read, a remote attack...

8.7CVSS6.5AI score0.23035EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/03/14 4:36 a.m.8 views

CVE-2023-23857 Improper Access Control in SAP NetWeaver AS for Java

Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...

9.9CVSS9.4AI score0.00544EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 9:15 p.m.5 views

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

7.6CVSS5.8AI score0.00601EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.5 views

PT-2022-24669 · Sap Se +1 · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows an authenticated attacker to access OS credentials under certain conditions. This access enables the attacker to modify system data and potentially make the system...

7.6CVSS7.2AI score0.00601EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.32 views

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

7.5AI score0.00601EPSS
Exploits0References2
Code423n4
Code423n4
added 2022/05/02 12:0 a.m.10 views

ChainlinkInceptionPriceFeed can report stale price

Lines of code Vulnerability details As stale price is determined by time since last timestamp, the price that is most recent, but wasn't updated for more than PRICEORACLESTALETHRESHOLD say there were no trades on the market will be rejected, which makes system unavailable in such a case. This can...

6.7AI score
Exploits0
Rows per page
Query Builder