VYPR

CVEs

100,082 total · page 1331 of 2,002

  • CVE-2021-27516HigFeb 22, 2021
    risk 0.42cvss 7.5epss 0.02

    URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.

  • CVE-2021-27513HigFeb 22, 2021
    risk 0.59cvss 8.8epss 0.28

    The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."

  • CVE-2020-28248HigFeb 20, 2021
    risk 0.50cvss 8.8epss 0.02

    An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file.

  • CVE-2021-27509HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.01

    In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.

  • CVE-2020-27997HigFeb 19, 2021
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery (CSRF) protection may lead to elevation of privileges (e.g., /admin/customer/create to create an admin account).

  • CVE-2020-24617HigFeb 19, 2021
    risk 0.00cvss 8.8epss 0.01

    Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped.

  • CVE-2020-12873HigFeb 19, 2021
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running…

  • CVE-2021-20588HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.06

    Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions…

  • CVE-2021-20587HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.04

    Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR…

  • CVE-2020-9050HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.02

    Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.

  • CVE-2020-25171HigFeb 19, 2021
    risk 0.51cvss 7.8epss 0.01

    The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.

  • CVE-2021-23342HigFeb 19, 2021
    risk 0.49cvss 8.6epss 0.02

    This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization…

  • CVE-2021-21512HigFeb 19, 2021
    risk 0.51cvss 7.9epss 0.00

    Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.

  • CVE-2020-13549HigFeb 19, 2021
    risk 0.51cvss 7.8epss 0.00

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to…

  • CVE-2021-22703HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.01

    A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious…

  • CVE-2021-22702HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.01

    A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials…

  • CVE-2021-26296HigFeb 19, 2021
    risk 0.42cvss 7.5epss 0.03

    In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens. Due to that limitation, it is possible (although…

  • CVE-2020-36249HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.01

    The File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares.

  • CVE-2020-10252HigFeb 19, 2021
    risk 0.54cvss 8.3epss 0.01

    An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.

  • CVE-2020-36247HigFeb 19, 2021
    risk 0.50cvss 8.8epss 0.00

    Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF.

  • CVE-2020-24908HigFeb 19, 2021
    risk 0.51cvss 7.8epss 0.00

    Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%\checkmk\agent\local directory.

  • CVE-2021-27405HigFeb 19, 2021
    risk 0.00cvss 7.5epss 0.02

    A ReDoS (regular expression denial of service) flaw was found in the @progfay/scrapbox-parser package before 6.0.3 for Node.js.

  • CVE-2020-36246HigFeb 19, 2021
    risk 0.44cvss 7.8epss 0.00

    Amaze File Manager before 3.5.1 allows attackers to obtain root privileges via shell metacharacters in a symbolic link.

  • CVE-2020-19513HigFeb 19, 2021
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.

  • CVE-2021-26712HigFeb 18, 2021
    risk 0.49cvss 7.5epss 0.04

    Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets.

  • CVE-2021-26717HigFeb 18, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in…

  • CVE-2020-36233HigFeb 18, 2021
    risk 0.51cvss 7.8epss 0.00

    The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.

  • CVE-2021-27379HigFeb 18, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were…

  • CVE-2021-23341HigFeb 18, 2021
    risk 0.42cvss 7.5epss 0.03

    The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.

  • CVE-2020-28499HigFeb 18, 2021
    risk 0.41cvss 7.3epss 0.01

    All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .

  • CVE-2020-28491HigFeb 18, 2021
    risk 0.42cvss 7.5epss 0.03

    This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.

  • CVE-2021-23340HigFeb 18, 2021
    risk 0.39cvss 7.1epss 0.01

    This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this…

  • CVE-2021-20443HigFeb 18, 2021
    risk 0.57cvss 8.8epss 0.01

    IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.

  • CVE-2021-20354HigFeb 18, 2021
    risk 0.49cvss 7.5epss 0.04

    IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.

  • CVE-2020-28496HigFeb 18, 2021
    risk 0.00cvss 7.5epss 0.03

    This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require('three') function build_blank (n) { var ret = "rgb(" for (var i = 0; i < n; i++) { ret += " " } return ret + ""; } var Color = three.Color var time =…

  • CVE-2020-29664HigFeb 18, 2021
    risk 0.51cvss 7.8epss 0.01

    A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.

  • CVE-2020-9306HigFeb 18, 2021
    risk 0.57cvss 8.8epss 0.01

    Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.

  • CVE-2020-12878HigFeb 18, 2021
    risk 0.51cvss 7.8epss 0.01

    Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.

  • CVE-2021-27138HigFeb 17, 2021
    risk 0.00cvss 7.8epss 0.01

    The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.

  • CVE-2021-27097HigFeb 17, 2021
    risk 0.00cvss 7.8epss 0.01

    The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.

  • CVE-2020-8625HigFeb 17, 2021
    risk 0.58cvss 8.1epss 0.64

    BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid…

  • CVE-2021-27374HigFeb 17, 2021
    risk 0.49cvss 7.5epss 0.01

    VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation."

  • CVE-2021-26720HigFeb 17, 2021
    risk 0.51cvss 7.8epss 0.00

    avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE:…

  • CVE-2020-36245HigFeb 17, 2021
    risk 0.50cvss 8.8epss 0.02

    GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.

  • CVE-2021-3396HigFeb 17, 2021
    risk 0.00cvss 8.8epss 0.02

    OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16, and 2020 before 2020.1.5, Horizon 1.2 through 27.0.4, and Newts <1.5.3 has Incorrect Access Control, which allows local and remote code execution using JEXL expressions.

  • CVE-2021-27367HigFeb 17, 2021
    risk 0.00cvss 7.5epss 0.02

    Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.

  • CVE-2021-26911HigFeb 17, 2021
    risk 0.00cvss 7.4epss 0.01

    core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.

  • CVE-2020-13555HigFeb 17, 2021
    risk 0.57cvss 8.8epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM…

  • CVE-2020-13553HigFeb 17, 2021
    risk 0.57cvss 8.8epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to…

  • CVE-2020-13552HigFeb 17, 2021
    risk 0.57cvss 8.8epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or…