VYPR

CVEs

100,082 total · page 1335 of 2,002

  • CVE-2020-27250HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which…

  • CVE-2020-13585HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2020-13583HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13581HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer…

  • CVE-2020-13572HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to…

  • CVE-2020-13571HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2020-13561HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2020-13578HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13577HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13575HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13574HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13548HigFeb 10, 2021
    risk 0.63cvss 8.8epss 0.67

    In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is…

  • CVE-2021-27179HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.14

    An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string.

  • CVE-2021-27178HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.18

    An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram.

  • CVE-2021-27176HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.19

    An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext passwords and 0644 permissions.

  • CVE-2021-27175HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.18

    An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext passwords and 0644 permissions.

  • CVE-2021-27174HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.19

    An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleartext passwords and 0644 permissions.

  • CVE-2021-27173HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.13

    An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculated(BR0_MAC) backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server (used for…

  • CVE-2021-27142HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.16

    An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions.

  • CVE-2021-27140HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.19

    An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find passwords and authentication cookies stored in cleartext in the web.log HTTP logs.

  • CVE-2021-27139HigFeb 10, 2021
    risk 0.50cvss 7.5epss 0.16

    An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to extract information from the device without authentication by disabling JavaScript and visiting /info.asp.

  • CVE-2021-26939HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump phpMyAdmin SQL content. NOTE: third parties report that this is a site-specific problem

  • CVE-2021-26936HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations.

  • CVE-2021-20353HigFeb 10, 2021
    risk 0.54cvss 8.2epss 0.05

    IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882.

  • CVE-2021-0341HigFeb 10, 2021
    risk 0.42cvss 7.5epss 0.01

    In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0340HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for…

  • CVE-2021-0339HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for…

  • CVE-2021-0337HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1…

  • CVE-2021-0336HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for…

  • CVE-2021-0334HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for…

  • CVE-2021-0333HigFeb 10, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution…

  • CVE-2021-0332HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11…

  • CVE-2021-0331HigFeb 10, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0330HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0329HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for…

  • CVE-2021-0328HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2021-0327HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0326HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.05

    In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not…

  • CVE-2021-0325HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0314HigFeb 10, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0305HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0302HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-5023HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.

  • CVE-2020-13546HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a…

  • CVE-2020-24838HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.01

    An integer overflow has been found in the the latest version of Issuer. The total issuedCount can be zero if the parameter is overly large. An attacker can obtain the private key of the owner issued with a certain 'amount', and the issuedCount can be zero if there is an overflow.

  • CVE-2020-24837HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    An integer underflow has been found in the latest version of ZCFees. The variables 'currPeriodIdx' and 'lastPeriodExecIdx' are both unsigned integers, and the result of the minus operation may be a negative integer which leads to an underflow. The attackers can modify the…

  • CVE-2021-23876HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.00

    Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.

  • CVE-2021-23874HigKEVFeb 10, 2021
    risk 0.65cvss 8.2epss 0.01

    Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.

  • CVE-2021-23873HigFeb 10, 2021
    risk 0.51cvss 7.8epss 0.01

    Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating…

  • CVE-2021-23882HigFeb 10, 2021
    risk 0.53cvss 8.2epss 0.00

    Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only…