VYPR

CVEs

101,975 total · page 1270 of 2,040

  • CVE-2020-20892HigSep 20, 2021
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.

  • CVE-2020-20891HigSep 20, 2021
    risk 0.57cvss 8.8epss 0.01

    Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

  • CVE-2021-39402HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.01

    MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors.

  • CVE-2021-24663HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.01

    The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitrary file like PHP, leading to RCE

  • CVE-2021-24639HigSep 20, 2021
    risk 0.53cvss 8.1epss 0.01

    The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgf_ajax_empty_dir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server.

  • CVE-2021-24636HigSep 20, 2021
    risk 0.53cvss 8.1epss 0.01

    The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link

  • CVE-2021-24606HigSep 20, 2021
    risk 0.57cvss 8.8epss 0.01

    The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as contributor+

  • CVE-2021-24511HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a `product_id` POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24404HigSep 20, 2021
    risk 0.58cvss 8.8epss 0.05

    The options.php file of the WP-Board WordPress plugin through 1.1 beta accepts a postid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter…

  • CVE-2021-24403HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The Orders functionality in the WordPress Page Contact plugin through 1.0 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors

  • CVE-2021-24402HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.05

    The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an `order_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors

  • CVE-2021-24401HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.05

    The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an `editid` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24400HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an `id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24399HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The check_order function of The Sorter WordPress plugin through 1.0 uses an `area_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24398HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function…

  • CVE-2021-24397HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a get request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24396HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    A pageid GET parameter of the GSEOR – WordPress SEO Plugin WordPress plugin through 1.3 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-38300HigSep 20, 2021
    risk 0.00cvss 7.8epss 0.01

    arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of…

  • CVE-2021-40690HigSep 19, 2021
    risk 0.50cvss 7.5epss 0.11

    All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform…

  • CVE-2021-41073HigSep 19, 2021
    risk 0.00cvss 7.8epss 0.02

    loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation.

  • CVE-2021-41390HigSep 17, 2021
    risk 0.52cvss 8.0epss 0.01

    In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection.

  • CVE-2021-41387HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root.

  • CVE-2020-21548HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.

  • CVE-2020-21547HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.

  • CVE-2021-41383HigSep 17, 2021
    risk 0.47cvss 7.2epss 0.02

    setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field.

  • CVE-2021-38406HigKEVSep 17, 2021
    risk 0.69cvss 7.8epss 0.78

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of…

  • CVE-2021-38404HigSep 17, 2021
    risk 0.51cvss 7.8epss 0.01

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the…

  • CVE-2021-38402HigSep 17, 2021
    risk 0.51cvss 7.8epss 0.08

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage…

  • CVE-2020-12080HigSep 17, 2021
    risk 0.49cvss 7.5epss 0.02

    A Denial of Service vulnerability has been identified in FlexNet Publisher's lmadmin.exe version 11.16.6. A certain message protocol can be exploited to cause lmadmin to crash.

  • CVE-2021-40825HigSep 17, 2021
    risk 0.56cvss 8.6epss 0.01

    nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability. The nECY does not force a change to the key upon the initial configuration of an affected device. nECY system controllers utilize an encrypted channel to secure…

  • CVE-2021-38304HigSep 17, 2021
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-9060HigSep 17, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename parameter; and through the action.showmessage.php file, it is possible to read…

  • CVE-2021-41316HigSep 17, 2021
    risk 0.53cvss 8.1epss 0.01

    The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker (with permissions to add or edit jobs run by this utility) can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector.

  • CVE-2021-41315HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker (with access to the console application) to execute arbitrary OS commands and escalate privileges.

  • CVE-2021-31845HigSep 17, 2021
    risk 0.55cvss 8.4epss 0.01

    A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover…

  • CVE-2021-31844HigSep 17, 2021
    risk 0.53cvss 8.2epss 0.00

    A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering…

  • CVE-2021-31843HigSep 17, 2021
    risk 0.47cvss 7.3epss 0.00

    Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to…

  • CVE-2021-23442HigSep 17, 2021
    risk 0.49cvss 8.6epss 0.02

    This affects all versions of package @cookiex/deep. The global proto object can be polluted using the __proto__ object.

  • CVE-2021-3810HigSep 17, 2021
    risk 0.42cvss 7.5epss 0.01

    code-server is vulnerable to Inefficient Regular Expression Complexity

  • CVE-2021-3807HigSep 17, 2021
    risk 0.42cvss 7.5epss 0.04

    ansi-regex is vulnerable to Inefficient Regular Expression Complexity

  • CVE-2021-3804HigSep 17, 2021
    risk 0.42cvss 7.5epss 0.01

    taro is vulnerable to Inefficient Regular Expression Complexity

  • CVE-2021-3803HigSep 17, 2021
    risk 0.42cvss 7.5epss 0.02

    nth-check is vulnerable to Inefficient Regular Expression Complexity

  • CVE-2021-30261HigSep 17, 2021
    risk 0.55cvss 8.4epss 0.00

    Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2021-30260HigSep 17, 2021
    risk 0.55cvss 8.4epss 0.00

    Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,…

  • CVE-2021-1947HigSep 17, 2021
    risk 0.55cvss 8.4epss 0.00

    Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

  • CVE-2021-1939HigSep 17, 2021
    risk 0.55cvss 8.4epss 0.00

    Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

  • CVE-2021-3805HigSep 17, 2021
    risk 0.42cvss 7.5epss 0.02

    object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

  • CVE-2021-41314HigSep 16, 2021
    risk 0.58cvss 8.8epss 0.14

    Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or overwrite) a file with specific content (e.g., the "2" string). This leads to…

  • CVE-2020-21598HigSep 16, 2021
    risk 0.57cvss 8.8epss 0.02

    libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.

  • CVE-2021-29825HigSep 16, 2021
    risk 0.49cvss 7.5epss 0.02

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM X-Force ID: 204470.