VYPR

CVEs

101,972 total · page 1263 of 2,040

  • CVE-2021-25470HigOct 6, 2021
    risk 0.51cvss 7.9epss 0.00

    An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.

  • CVE-2021-38925HigOct 6, 2021
    risk 0.49cvss 7.5epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171.

  • CVE-2021-29837HigOct 6, 2021
    risk 0.57cvss 8.8epss 0.00

    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204913.

  • CVE-2021-20264HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to…

  • CVE-2021-0692HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0688HigOct 6, 2021
    risk 0.46cvss 7.0epss 0.00

    In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10…

  • CVE-2021-0685HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0684HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0683HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0636HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product:…

  • CVE-2021-0635HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product:…

  • CVE-2021-0598HigOct 6, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0595HigOct 6, 2021
    risk 0.51cvss 7.8epss 0.00

    In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-28702HigOct 6, 2021
    risk 0.49cvss 7.6epss 0.00

    PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). These are typically used for platform tasks such as legacy USB emulation. If such a device is…

  • CVE-2021-24019HigOct 6, 2021
    risk 0.53cvss 8.1epss 0.04

    An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other,…

  • CVE-2021-31988HigOct 5, 2021
    risk 0.57cvss 8.8epss 0.01

    A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

  • CVE-2021-31987HigOct 5, 2021
    risk 0.49cvss 7.5epss 0.01

    A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.

  • CVE-2020-21503HigOct 5, 2021
    risk 0.49cvss 7.5epss 0.01

    waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.

  • CVE-2021-41124HigOct 5, 2021
    risk 0.41cvss 7.4epss 0.01

    Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use [`HttpAuthMiddleware`](http://doc.scrapy.org/en/latest/topics/downloader-middleware.html#module-scrapy.downloadermiddlewares.httpauth) (i.e. the `http_user` and…

  • CVE-2021-41120HigOct 5, 2021
    risk 0.42cvss 7.5epss 0.01

    sylius/paypal-plugin is a paypal plugin for the Sylius development platform. In affected versions the URL to the payment page done after checkout was created with autoincremented payment id (/pay-with-paypal/{id}) and therefore it was easy to predict. The problem is that the…

  • CVE-2021-3581HigOct 5, 2021
    risk 0.46cvss 7.0epss 0.00

    Buffer Access with Incorrect Length Value in zephyr. Zephyr versions >= >=2.5.0 contain Buffer Access with Incorrect Length Value (CWE-805). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q65-5gqf-fmw5

  • CVE-2021-3510HigOct 5, 2021
    risk 0.49cvss 7.5epss 0.01

    Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

  • CVE-2021-41116HigOct 5, 2021
    risk 0.47cvss 8.2epss 0.03

    Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has…

  • CVE-2021-41113HigOct 5, 2021
    risk 0.50cvss 8.8epss 0.01

    TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The…

  • CVE-2021-35497HigOct 5, 2021
    risk 0.49cvss 7.5epss 0.00

    The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL -…

  • CVE-2021-41286HigOct 5, 2021
    risk 0.51cvss 7.8epss 0.00

    Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. When a user logs into the application, the validity of the password is checked locally. All communication to the database backend is made via the same technical account. Consequently, an…

  • CVE-2021-35491HigOct 5, 2021
    risk 0.53cvss 8.1epss 0.01

    A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request.…

  • CVE-2021-41554HigOct 5, 2021
    risk 0.57cvss 8.8epss 0.01

    ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.ax…

  • CVE-2021-22261HigOct 5, 2021
    risk 0.48cvss 7.3epss 0.01

    A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code…

  • CVE-2021-39887HigOct 5, 2021
    risk 0.48cvss 7.3epss 0.01

    A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf.

  • CVE-2021-35505HigOct 5, 2021
    risk 0.47cvss 7.2epss 0.03

    Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.

  • CVE-2021-35504HigOct 5, 2021
    risk 0.47cvss 7.2epss 0.03

    Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.

  • CVE-2021-41524HigOct 5, 2021
    risk 0.51cvss 7.5epss 0.25

    While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is…

  • CVE-2021-42008HigOct 5, 2021
    risk 0.00cvss 7.8epss 0.01

    The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

  • CVE-2021-42006HigOct 4, 2021
    risk 0.57cvss 8.8epss 0.01

    An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.

  • CVE-2021-32765HigOct 4, 2021
    risk 0.00cvss 8.8epss 0.02

    Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check…

  • CVE-2021-39433HigOct 4, 2021
    risk 0.49cvss 7.5epss 0.08

    A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured…

  • CVE-2020-21386HigOct 4, 2021
    risk 0.57cvss 8.8epss 0.00

    A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.

  • CVE-2021-41651HigOct 4, 2021
    risk 0.49cvss 7.5epss 0.02

    A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in process_update_profile.php.

  • CVE-2021-41100HigOct 4, 2021
    risk 0.48cvss 7.4epss 0.01

    Wire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as…

  • CVE-2021-41093HigOct 4, 2021
    risk 0.00cvss 7.4epss 0.01

    Wire is an open source secure messenger. In affected versions if the an attacker gets an old but valid access token they can take over an account by changing the email. This issue has been resolved in version 3.86 which uses a new endpoint which additionally requires an…

  • CVE-2021-41579HigOct 4, 2021
    risk 0.51cvss 7.8epss 0.01

    LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where…

  • CVE-2021-41578HigOct 4, 2021
    risk 0.52cvss 7.8epss 0.10

    mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This…

  • CVE-2021-41099HigOct 4, 2021
    risk 0.00cvss 7.5epss 0.03

    Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default…

  • CVE-2021-38618HigOct 4, 2021
    risk 0.48cvss 7.4epss 0.01

    In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.

  • CVE-2021-32762HigOct 4, 2021
    risk 0.00cvss 7.5epss 0.03

    Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the…

  • CVE-2021-32687HigOct 4, 2021
    risk 0.00cvss 7.5epss 0.04

    Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability…

  • CVE-2021-32675HigOct 4, 2021
    risk 0.01cvss 7.5epss 0.16

    Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each…

  • CVE-2021-32628HigOct 4, 2021
    risk 0.00cvss 7.5epss 0.04

    Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the…

  • CVE-2021-32627HigOct 4, 2021
    risk 0.00cvss 7.5epss 0.04

    Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and…