| CVE-2025-43863 |
unknown |
— |
— |
|
|
|
1y ago |
vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated… |
| CVE-2024-32969 |
unknown |
— |
— |
|
|
|
2y ago |
vantage6 collaboration admins can extend their influence by expanding the collaboration |
| CVE-2024-24770 |
unknown |
— |
— |
|
|
|
2y ago |
vantage6 vulnerable to a username timing attack on recover password/MFA token |
| CVE-2024-23823 |
unknown |
— |
— |
|
|
|
2y ago |
vantage6's CORS settings overly permissive |
| CVE-2024-22193 |
unknown |
— |
— |
|
|
|
2y ago |
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypt… |
| CVE-2024-21671 |
unknown |
— |
— |
|
|
|
2y ago |
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the resp… |
| CVE-2024-21653 |
unknown |
— |
— |
|
|
|
2y ago |
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Nodes and servers get a ssh config by default that… |
| CVE-2024-21649 |
unknown |
— |
— |
|
|
|
2y ago |
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Prior to 4.2.0, authenticated users could inject co… |
| CVE-2023-41881 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to ma… |
| CVE-2023-28635 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with in… |
| CVE-2023-41882 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should… |
| CVE-2023-23930 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security iss… |
| CVE-2023-23929 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Currently, the refresh token is valid indefinitely. The refresh token should get a validity of 24-48 ho… |
| CVE-2023-22738 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Assigning existing users to a different organizations is currently possible. It may lead to unintended … |
| CVE-2022-39228 |
unknown |
— |
— |
|
|
|
3y ago |
vantage6 vulnerable to Observable Response Discrepancy |