VYPR

CVEs

100,075 total · page 1341 of 2,002

  • CVE-2019-25016HigJan 28, 2021
    risk 0.00cvss 8.8epss 0.03

    In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this…

  • CVE-2021-20187HigJan 28, 2021
    risk 0.47cvss 7.2epss 0.02

    It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.

  • CVE-2020-4888HigJan 28, 2021
    risk 0.62cvss 8.8epss 0.62

    IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java…

  • CVE-2020-13569HigJan 28, 2021
    risk 0.57cvss 8.8epss 0.03

    A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the…

  • CVE-2021-20621HigJan 28, 2021
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

  • CVE-2020-5626HigJan 28, 2021
    risk 0.57cvss 8.8epss 0.02

    Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.

  • CVE-2021-3326HigJan 27, 2021
    risk 0.49cvss 7.5epss 0.03

    The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

  • CVE-2021-22655HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.01

    Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

  • CVE-2021-22653HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.01

    Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

  • CVE-2021-22641HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.02

    A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

  • CVE-2021-22639HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.02

    An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

  • CVE-2021-22637HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.02

    Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to…

  • CVE-2021-26118HigJan 27, 2021
    risk 0.42cvss 7.5epss 0.04

    While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in…

  • CVE-2021-26117HigJan 27, 2021
    risk 0.43cvss 7.5epss 0.11

    The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users…

  • CVE-2021-25247HigJan 27, 2021
    risk 0.51cvss 7.8epss 0.01

    A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit…

  • CVE-2020-5427HigJan 27, 2021
    risk 0.47cvss 7.2epss 0.01

    In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.

  • CVE-2020-4952HigJan 27, 2021
    risk 0.57cvss 8.8epss 0.02

    IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028.

  • CVE-2021-25312HigJan 27, 2021
    risk 0.57cvss 8.8epss 0.01

    HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.

  • CVE-2020-23356HigJan 27, 2021
    risk 0.49cvss 7.5epss 0.01

    dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

  • CVE-2020-23355HigJan 27, 2021
    risk 0.49cvss 7.5epss 0.01

    ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234…

  • CVE-2020-23352HigJan 27, 2021
    risk 0.00cvss 7.5epss 0.01

    Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password() uses loose comparison to authenticate, which can be bypassed via…

  • CVE-2021-3317HigJan 26, 2021
    risk 0.64cvss 8.8epss 0.41

    KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.

  • CVE-2021-3165HigJan 26, 2021
    risk 0.57cvss 8.8epss 0.02

    SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.

  • CVE-2021-1070HigJan 26, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied,…

  • CVE-2020-23776HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the…

  • CVE-2021-3309HigJan 26, 2021
    risk 0.00cvss 8.1epss 0.02

    packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,

  • CVE-2021-3156HigKEVJan 26, 2021
    risk 0.67cvss 7.8epss 0.99

    Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

  • CVE-2021-21278HigJan 26, 2021
    risk 0.49cvss 8.6epss 0.02

    RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some routes use `eval` or `Function constructor`, which may be injected by the target site with unsafe code,…

  • CVE-2021-22159HigJan 26, 2021
    risk 0.51cvss 7.8epss 0.00

    Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing…

  • CVE-2020-27295HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).

  • CVE-2020-27274HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).

  • CVE-2020-13582HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-3297HigJan 26, 2021
    risk 0.52cvss 7.8epss 0.21

    On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.

  • CVE-2021-3291HigJan 26, 2021
    risk 0.44cvss 7.2epss 0.17

    Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.

  • CVE-2021-3223HigJan 26, 2021
    risk 0.43cvss 7.5epss 0.18

    Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.

  • CVE-2021-3195HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork…

  • CVE-2021-3164HigJan 26, 2021
    risk 0.58cvss 8.8epss 0.04

    ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.

  • CVE-2021-3115HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.07

    Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

  • CVE-2021-26267HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).

  • CVE-2021-26266HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).

  • CVE-2021-26026HigJan 26, 2021
    risk 0.51cvss 7.8epss 0.01

    PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.

  • CVE-2021-26025HigJan 26, 2021
    risk 0.51cvss 7.8epss 0.01

    PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.

  • CVE-2021-25908HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free.

  • CVE-2021-25906HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.

  • CVE-2021-25904HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault.

  • CVE-2021-25903HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced.

  • CVE-2021-25902HigJan 26, 2021
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.

  • CVE-2021-25864HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.09

    node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.

  • CVE-2021-25863HigJan 26, 2021
    risk 0.57cvss 8.8epss 0.01

    Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.

  • CVE-2021-22698HigJan 26, 2021
    risk 0.51cvss 7.8epss 0.04

    A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is…