VYPR

CVEs

101,963 total · page 1281 of 2,040

  • CVE-2021-22003HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy…

  • CVE-2021-22029HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    VMware Workspace ONE UEM REST API contains a denial of service vulnerability. A malicious actor with access to /API/system/admins/session could cause an API denial of service due to improper rate limiting.

  • CVE-2021-39180HigAug 31, 2021
    risk 0.00cvss 8.1epss 0.02

    OpenOLAT is a web-based learning management system (LMS). A path traversal vulnerability exists in versions prior to 15.3.18, 15.5.3, and 16.0.0. Using a specially prepared ZIP file, it is possible to overwrite any file that is writable by the application server user (e.g. the…

  • CVE-2021-39176HigAug 31, 2021
    risk 0.42cvss 7.5epss 0.02

    detect-character-encoding is a package for detecting character encoding using ICU. In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. The problem has been patched in detect-character-encoding v0.3.1.

  • CVE-2021-36232HigAug 31, 2021
    risk 0.57cvss 8.8epss 0.01

    Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.

  • CVE-2021-36231HigAug 31, 2021
    risk 0.57cvss 8.8epss 0.03

    Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.

  • CVE-2021-39135HigAug 31, 2021
    risk 0.53cvss 8.2epss 0.01

    `@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed…

  • CVE-2021-39134HigAug 31, 2021
    risk 0.53cvss 8.2epss 0.01

    `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed…

  • CVE-2021-37713HigAug 31, 2021
    risk 0.46cvss 8.2epss 0.01

    The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not…

  • CVE-2021-37712HigAug 31, 2021
    risk 0.46cvss 8.2epss 0.02

    The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This…

  • CVE-2021-37701HigAug 31, 2021
    risk 0.54cvss 8.2epss 0.03

    The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This…

  • CVE-2021-35212HigAug 31, 2021
    risk 0.58cvss 8.9epss 0.02

    An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.

  • CVE-2021-22944HigAug 31, 2021
    risk 0.52cvss 8.0epss 0.00

    A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0…

  • CVE-2021-22684HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash

  • CVE-2021-35239HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.

  • CVE-2021-35223HigAug 31, 2021
    risk 0.55cvss 8.5epss 0.03

    The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.

  • CVE-2021-35213HigAug 31, 2021
    risk 0.58cvss 8.9epss 0.03

    An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the…

  • CVE-2021-29907HigAug 31, 2021
    risk 0.57cvss 8.8epss 0.01

    IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633.

  • CVE-2021-21680HigAug 31, 2021
    risk 0.39cvss 7.1epss 0.01

    Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.

  • CVE-2021-21679HigAug 31, 2021
    risk 0.50cvss 8.8epss 0.01

    Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

  • CVE-2021-21678HigAug 31, 2021
    risk 0.50cvss 8.8epss 0.01

    Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

  • CVE-2021-21677HigAug 31, 2021
    risk 0.50cvss 8.8epss 0.02

    Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability.

  • CVE-2020-19047HigAug 31, 2021
    risk 0.57cvss 8.8epss 0.01

    Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'.

  • CVE-2021-35222HigAug 31, 2021
    risk 0.52cvss 8.0epss 0.03

    This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.

  • CVE-2021-39316HigAug 31, 2021
    risk 0.57cvss 7.5epss 0.67

    The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.

  • CVE-2021-35220HigAug 31, 2021
    risk 0.53cvss 8.1epss 0.02

    Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.

  • CVE-2021-3749HigAug 31, 2021
    risk 0.42cvss 7.5epss 0.09

    axios is vulnerable to Inefficient Regular Expression Complexity

  • CVE-2021-34581HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.

  • CVE-2021-34561HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying…

  • CVE-2021-33555HigAug 31, 2021
    risk 0.49cvss 7.5epss 0.01

    In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.

  • CVE-2021-40330HigAug 31, 2021
    risk 0.00cvss 7.5epss 0.03

    git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.

  • CVE-2021-36981HigAug 31, 2021
    risk 0.58cvss 8.8epss 0.06

    In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code.

  • CVE-2021-27556HigAug 31, 2021
    risk 0.47cvss 7.2epss 0.04

    The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.

  • CVE-2021-39178HigAug 31, 2021
    risk 0.42cvss 7.5epss 0.01

    Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the `next.config.js` file must have `images.domains` array assigned and the image host assigned…

  • CVE-2021-39177HigAug 30, 2021
    risk 0.41cvss 7.4epss 0.01

    Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Versions of Geyser prior to 1.4.2-SNAPSHOT allow anyone that can connect to the server to forge a LoginPacket with manipulated JWT token allowing impersonation as any user. Version 1.4.2-SNAPSHOT…

  • CVE-2021-39175HigAug 30, 2021
    risk 0.00cvss 8.1epss 0.01

    HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the…

  • CVE-2021-32831HigAug 30, 2021
    risk 0.42cvss 7.5epss 0.01

    Total.js framework (npm package total.js) is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to…

  • CVE-2021-39133HigAug 30, 2021
    risk 0.40cvss 7.2epss 0.00

    Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run…

  • CVE-2021-39132HigAug 30, 2021
    risk 0.50cvss 8.8epss 0.01

    Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, an authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted…

  • CVE-2021-36691HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service.

  • CVE-2021-35062HigAug 30, 2021
    risk 0.53cvss 8.1epss 0.01

    A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.

  • CVE-2021-38342HigAug 30, 2021
    risk 0.53cvss 8.1epss 0.00

    The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross-Site Request Forgery via the `npBulkAction`s and `npBulkEdit` `admin_post` actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their…

  • CVE-2021-36370HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.

  • CVE-2021-29630HigAug 30, 2021
    risk 0.53cvss 8.1epss 0.02

    In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized…

  • CVE-2021-33019HigAug 30, 2021
    risk 0.51cvss 7.8epss 0.02

    A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code.

  • CVE-2021-33007HigAug 30, 2021
    risk 0.51cvss 7.8epss 0.01

    A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code.

  • CVE-2021-29631HigAug 30, 2021
    risk 0.51cvss 7.8epss 0.00

    In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O…

  • CVE-2021-27663HigAug 30, 2021
    risk 0.53cvss 8.2epss 0.02

    A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.

  • CVE-2021-27020HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.01

    Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.

  • CVE-2021-27018HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the…