VYPR

CVEs

100,472 total · page 1319 of 2,010

  • CVE-2021-24224HigApr 12, 2021
    risk 0.57cvss 8.8epss 0.02

    The EFBP_verify_upload_file AJAX action of the Easy Form Builder WordPress plugin through 1.0, available to authenticated users, does not have any security in place to verify uploaded files, allowing low privilege users to upload arbitrary files, leading to RCE.

  • CVE-2021-24221HigApr 12, 2021
    risk 0.57cvss 8.8epss 0.02

    The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin before 7.1.12 did not sanitise the result_id GET parameter on pages with the [qsm_result] shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection.…

  • CVE-2021-24218HigApr 12, 2021
    risk 0.57cvss 8.8epss 0.01

    The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be…

  • CVE-2021-24217HigApr 12, 2021
    risk 0.53cvss 8.1epss 0.04

    The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user supplied data making it possible for PHP objects to be supplied creating an Object Injection vulnerability. There was also a useable magic method in the plugin that could be used to…

  • CVE-2021-24198HigApr 12, 2021
    risk 0.53cvss 8.1epss 0.01

    The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the…

  • CVE-2021-24197HigApr 12, 2021
    risk 0.53cvss 8.1epss 0.01

    The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the…

  • CVE-2021-23370HigApr 12, 2021
    risk 0.42cvss 7.5epss 0.02

    This affects the package swiper before 6.5.1.

  • CVE-2021-23371HigApr 12, 2021
    risk 0.42cvss 7.5epss 0.02

    This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.

  • CVE-2020-24285HigApr 12, 2021
    risk 0.49cvss 7.5epss 0.04

    INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.

  • CVE-2021-29379HigApr 12, 2021
    risk 0.57cvss 8.8epss 0.04

    An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. NOTE:…

  • CVE-2021-28878HigApr 11, 2021
    risk 0.00cvss 7.5epss 0.02

    In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet…

  • CVE-2021-28877HigApr 11, 2021
    risk 0.00cvss 7.5epss 0.01

    In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.

  • CVE-2021-28875HigApr 11, 2021
    risk 0.00cvss 7.5epss 0.02

    In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

  • CVE-2020-36317HigApr 11, 2021
    risk 0.42cvss 7.5epss 0.02

    In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8…

  • CVE-2015-20001HigApr 11, 2021
    risk 0.42cvss 7.5epss 0.01

    In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which…

  • CVE-2021-30481HigApr 10, 2021
    risk 0.52cvss 8.0epss 0.04

    Valve Steam before 2021-04-17, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.

  • CVE-2021-30480HigApr 9, 2021
    risk 0.56cvss 8.5epss 0.06

    Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific…

  • CVE-2021-21199HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21198HigApr 9, 2021
    risk 0.48cvss 7.4epss 0.02

    Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21197HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21196HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21195HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21194HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-25374HigApr 9, 2021
    risk 0.56cvss 8.6epss 0.03

    An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

  • CVE-2021-25361HigApr 9, 2021
    risk 0.51cvss 7.9epss 0.00

    An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications.

  • CVE-2021-25356HigApr 9, 2021
    risk 0.46cvss 7.1epss 0.00

    An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application.

  • CVE-2021-21432HigApr 9, 2021
    risk 0.42cvss 7.5epss 0.01

    Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets utilizing the injected credentials within the `~/.netrc` file. Refer to the…

  • CVE-2021-20022HigKEVApr 9, 2021
    risk 0.66cvss 7.2epss 0.17

    SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

  • CVE-2020-13592HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in "global_lists/choices" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this…

  • CVE-2020-13591HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in the "access_rules/rules_form" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability,…

  • CVE-2020-13587HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability,…

  • CVE-2020-13534HigApr 9, 2021
    risk 0.51cvss 7.8epss 0.01

    A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID), installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a…

  • CVE-2020-13533HigApr 9, 2021
    risk 0.51cvss 7.8epss 0.00

    A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate…

  • CVE-2020-13532HigApr 9, 2021
    risk 0.51cvss 7.8epss 0.00

    A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this…

  • CVE-2021-21431HigApr 9, 2021
    risk 0.42cvss 7.6epss 0.01

    sopel-channelmgnt is a channelmgnt plugin for sopel. In versions prior to 2.0.1, on some IRC servers, restrictions around the removal of the bot using the kick/kickban command could be bypassed when kicking multiple users at once. We also believe it may have been possible to…

  • CVE-2021-29221HigApr 9, 2021
    risk 0.46cvss 7.0epss 0.01

    A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with…

  • CVE-2021-25328HigApr 9, 2021
    risk 0.58cvss 8.8epss 0.04

    Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on…

  • CVE-2020-21884HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may…

  • CVE-2020-21883HigApr 9, 2021
    risk 0.58cvss 8.8epss 0.06

    Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.

  • CVE-2020-6590HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.01

    Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure.

  • CVE-2021-29154HigApr 8, 2021
    risk 0.00cvss 7.8epss 0.01

    BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

  • CVE-2021-3146HigApr 8, 2021
    risk 0.51cvss 7.8epss 0.00

    The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.

  • CVE-2021-3328HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application.

  • CVE-2020-14104HigApr 8, 2021
    risk 0.53cvss 8.1epss 0.01

    A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.

  • CVE-2020-14099HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.01

    On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password.

  • CVE-2020-23539HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Realtek rtl8723de BLE Stack <= 4.1 that allows remote attackers to cause a Denial of Service via the interval field to the CONNECT_REQ message.

  • CVE-2021-27522HigApr 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained.

  • CVE-2021-30463HigApr 8, 2021
    risk 0.51cvss 7.8epss 0.01

    VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a…

  • CVE-2021-30462HigApr 8, 2021
    risk 0.47cvss 7.2epss 0.02

    VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.

  • CVE-2021-28685HigApr 8, 2021
    risk 0.51cvss 7.8epss 0.00

    AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with…