VYPR

CVEs

100,082 total · page 1338 of 2,002

  • CVE-2020-35700HigFeb 8, 2021
    risk 0.50cvss 8.8epss 0.02

    A second-order SQL injection issue in Widgets/TopDevicesController.php (aka the Top Devices dashboard widget) of LibreNMS before 21.1.0 allows remote authenticated attackers to execute arbitrary SQL commands via the sort_order parameter against the /ajax/form/widget-settings…

  • CVE-2021-26843HigFeb 7, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. This can triggered with an HTTP GET…

  • CVE-2020-36243HigFeb 7, 2021
    risk 0.62cvss 8.8epss 0.64

    The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters.

  • CVE-2021-22302HigFeb 6, 2021
    risk 0.46cvss 7.1epss 0.00

    There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service.

  • CVE-2021-22293HigFeb 6, 2021
    risk 0.49cvss 7.5epss 0.01

    Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100,…

  • CVE-2021-22292HigFeb 6, 2021
    risk 0.49cvss 7.5epss 0.01

    There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS.

  • CVE-2021-22299HigFeb 6, 2021
    risk 0.51cvss 7.8epss 0.00

    There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions…

  • CVE-2021-3229HigFeb 5, 2021
    risk 0.49cvss 7.5epss 0.03

    Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error.

  • CVE-2020-12122HigFeb 5, 2021
    risk 0.51cvss 7.8epss 0.00

    In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other…

  • CVE-2020-10554HigFeb 5, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM.

  • CVE-2020-10552HigFeb 5, 2021
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be…

  • CVE-2020-18750HigFeb 5, 2021
    risk 0.00cvss 7.8epss 0.01

    Buffer overflow in pdf2json 0.69 allows local users to execute arbitrary code by converting a crafted PDF file.

  • CVE-2021-3382HigFeb 5, 2021
    risk 0.00cvss 7.5epss 0.02

    Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service (crash) via vectors related to a file path.

  • CVE-2021-26708HigFeb 5, 2021
    risk 0.00cvss 7.0epss 0.02

    A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK…

  • CVE-2021-20652HigFeb 5, 2021
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

  • CVE-2020-8806HigFeb 5, 2021
    risk 0.49cvss 7.5epss 0.01

    Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced.

  • CVE-2020-35765HigFeb 5, 2021
    risk 0.59cvss 8.8epss 0.27

    doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.

  • CVE-2020-10537HigFeb 5, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account.

  • CVE-2021-25249HigFeb 4, 2021
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an…

  • CVE-2021-0351HigFeb 4, 2021
    risk 0.49cvss 7.5epss 0.01

    In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9,…

  • CVE-2021-1370HigFeb 4, 2021
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. To exploit this…

  • CVE-2021-1348HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1347HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1346HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1345HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1344HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1343HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1342HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1341HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1340HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1339HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1338HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1337HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1336HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1335HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1334HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1333HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1332HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1331HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1330HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1329HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1328HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1327HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1326HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1325HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1324HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1323HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1322HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1321HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…

  • CVE-2021-1320HigFeb 4, 2021
    risk 0.47cvss 7.2epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These…