8 matches found
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
CVE-2017-7657
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as...
CVE-2022-23234
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.
CVE-2023-27313
SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to avulnerability which may allow an authenticated unprivileged user to gainaccess as an admin user.
CVE-2022-38732
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.
CVE-2024-21993
SnapCenter versions prior to 5.0p1 are susceptible to a vulnerabilitywhich could allow an authenticated attacker to discover plaintextcredentials.
CVE-2023-27316
SnapCenter versions 4.8 through 4.9 are susceptible to avulnerability which may allow an authenticated SnapCenter Server user tobecome an admin user on a remote system where a SnapCenter plug-in hasbeen installed.
CVE-2024-21987
SnapCenter versions 4.8 prior to 5.0 are susceptible to avulnerability which could allow an authenticated SnapCenter Server userto modify system logging configuration settings