VYPR

CVEs

101,963 total · page 1282 of 2,040

  • CVE-2021-22027HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information…

  • CVE-2021-22026HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information…

  • CVE-2021-22025HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.

  • CVE-2021-22024HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.

  • CVE-2021-22023HigAug 30, 2021
    risk 0.47cvss 7.2epss 0.01

    The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.

  • CVE-2020-35635HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.02

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file can lead to an out-of-bounds read and…

  • CVE-2020-35634HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.02

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead…

  • CVE-2020-35633HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.02

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to…

  • CVE-2020-18121HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.01

    A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell.

  • CVE-2021-29723HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.

  • CVE-2021-29722HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.01

    IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095.

  • CVE-2021-27912HigAug 30, 2021
    risk 0.46cvss 7.1epss 0.01

    Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit…

  • CVE-2021-27911HigAug 30, 2021
    risk 0.54cvss 8.3epss 0.01

    Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can…

  • CVE-2021-27910HigAug 30, 2021
    risk 0.46cvss 8.2epss 0.01

    Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "error_related_to" parameters of the POST request of the bounce management callback will be…

  • CVE-2021-37911HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.01

    The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.

  • CVE-2021-24581HigAug 30, 2021
    risk 0.61cvss 8.8epss 0.04

    The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its settings, allowing the…

  • CVE-2021-24580HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.01

    The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

  • CVE-2021-24579HigAug 30, 2021
    risk 0.58cvss 8.8epss 0.08

    The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize() function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to…

  • CVE-2021-39113HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.02

    Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9, and…

  • CVE-2021-39271HigAug 30, 2021
    risk 0.57cvss 8.8epss 0.04

    OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.

  • CVE-2021-38385HigAug 30, 2021
    risk 0.49cvss 7.5epss 0.02

    Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

  • CVE-2021-36359HigAug 30, 2021
    risk 0.58cvss 8.8epss 0.04

    OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12,…

  • CVE-2021-40174HigAug 29, 2021
    risk 0.57cvss 8.8epss 0.01

    Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings.

  • CVE-2021-40173HigAug 29, 2021
    risk 0.57cvss 8.8epss 0.01

    Zoho ManageEngine Cloud Security Plus before Build 4117 allows a CSRF attack on the server proxy settings.

  • CVE-2021-40172HigAug 29, 2021
    risk 0.57cvss 8.8epss 0.01

    Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.

  • CVE-2021-38154HigAug 29, 2021
    risk 0.49cvss 7.5epss 0.04

    Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail…

  • CVE-2021-39174HigAug 28, 2021
    risk 0.58cvss 8.8epss 0.04

    Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email,…

  • CVE-2021-39173HigAug 27, 2021
    risk 0.57cvss 8.8epss 0.02

    Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1…

  • CVE-2021-39172HigAug 27, 2021
    risk 0.53cvss 8.8epss 0.29

    Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server.…

  • CVE-2021-32759HigAug 27, 2021
    risk 0.40cvss 7.2epss 0.01

    OpenMage magento-lts is an alternative to the Magento CE official releases. Due to missing sanitation in data flow in versions prior to 19.4.15 and 20.0.13, it was possible for admin users to upload arbitrary executable files to the server. OpenMage versions 19.4.15 and 20.0.13…

  • CVE-2020-18116HigAug 27, 2021
    risk 0.57cvss 8.8epss 0.01

    A lack of filtering for searched keywords in the search bar of YouDianCMS 8.0 allows attackers to perform SQL injection.

  • CVE-2021-3264HigAug 27, 2021
    risk 0.47cvss 7.2epss 0.01

    SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php.

  • CVE-2021-28697HigAug 27, 2021
    risk 0.51cvss 7.8epss 0.00

    grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get…

  • CVE-2021-28233HigAug 27, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.

  • CVE-2021-32758HigAug 27, 2021
    risk 0.40cvss 7.2epss 0.02

    OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched.

  • CVE-2021-36531HigAug 27, 2021
    risk 0.57cvss 8.8epss 0.01

    ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary.

  • CVE-2021-36530HigAug 27, 2021
    risk 0.57cvss 8.8epss 0.01

    ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary.

  • CVE-2021-40153HigAug 27, 2021
    risk 0.00cvss 8.1epss 0.03

    squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows…

  • CVE-2021-39169HigAug 27, 2021
    risk 0.00cvss 8.0epss 0.01

    Misskey is a decentralized microblogging platform. In versions of Misskey prior to 12.51.0, malicious actors can use the web client built-in dialog to display a malicious string, leading to cross-site scripting (XSS). XSS could compromise the API request token. This issue has…

  • CVE-2021-35342HigAug 27, 2021
    risk 0.49cvss 7.5epss 0.01

    The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in Northern.tech Mender Enterprise 2.6.x before 2.6.1) allows users to access the system with their JWT token after logout, because of missing invalidation (if the JWT verification…

  • CVE-2021-40142HigAug 27, 2021
    risk 0.49cvss 7.5epss 0.03

    In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.

  • CVE-2021-39165HigAug 26, 2021
    risk 0.46cvss 8.1epss 0.10

    Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as…

  • CVE-2021-29801HigAug 26, 2021
    risk 0.51cvss 7.8epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID: 203977.

  • CVE-2021-32648HigKEVAug 26, 2021
    risk 0.12cvss 8.2epss 0.90

    octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472…

  • CVE-2021-29487HigAug 26, 2021
    risk 0.41cvss 7.4epss 0.01

    octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by…

  • CVE-2021-30604HigAug 26, 2021
    risk 0.57cvss 8.8epss 0.03

    Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30603HigAug 26, 2021
    risk 0.49cvss 7.5epss 0.04

    Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30602HigAug 26, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30601HigAug 26, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30600HigAug 26, 2021
    risk 0.57cvss 8.8epss 0.03

    Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.