VYPR

CVEs

97,194 total · page 1348 of 1,944

  • CVE-2020-19878 · High · Aug 24, 2020
    risk 0.49 · cvss 7.5 · epss 0.02

    DBHcms v1.2.0 has a sensitive information leak vulnerability, as there is no security access control in /dbhcms/ext/news/ext.news.be.php. A remote unauthenticated attacker can exploit this vulnerability to get path information.

  • CVE-2020-14350 · High · Aug 24, 2020
    risk 0.47 · cvss 7.3 · epss 0.01

    It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such…

  • CVE-2020-14349 · High · Aug 24, 2020
    risk 0.46 · cvss 7.1 · epss 0.02

    It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in…

  • CVE-2020-13101 · High · Aug 24, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML signature, when the InlineXML option is used. This defeats the expectation of…

  • CVE-2020-7711 · High · Aug 23, 2020
    risk 0.49 · cvss 7.5 · epss 0.02

    This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.

  • CVE-2020-5417 · High · Aug 21, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive…

  • CVE-2020-9063 · High · Aug 21, 2020
    risk 0.49 · cvss 7.6 · epss 0.01

    NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a…

  • CVE-2020-8623 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.06

    In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3 (also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition), an attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system…

  • CVE-2020-8621 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.03

    In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, if a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not…

  • CVE-2020-8620 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.04

    In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, an attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

  • CVE-2020-10126 · High · Aug 21, 2020
    risk 0.49 · cvss 7.6 · epss 0.00

    NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate software updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because…

  • CVE-2020-10125 · High · Aug 21, 2020
    risk 0.49 · cvss 7.6 · epss 0.00

    NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to…

  • CVE-2020-10124 · High · Aug 21, 2020
    risk 0.46 · cvss 7.1 · epss 0.01

    NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical access to the internal components of the ATM to execute arbitrary code, including…

  • CVE-2019-11862 · High · Aug 21, 2020
    risk 0.53 · cvss 8.1 · epss 0.01

    The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.

  • CVE-2019-11855 · High · Aug 21, 2020
    risk 0.53 · cvss 8.1 · epss 0.01

    An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9.

  • CVE-2019-11847 · High · Aug 21, 2020
    risk 0.47 · cvss 7.3 · epss 0.00

    An improper privilege management vulnerability exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell.

  • CVE-2020-15147 · High · Aug 21, 2020
    risk 0.00 · cvss 8.5 · epss 0.02

    Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit,…

  • CVE-2020-15140 · High · Aug 21, 2020
    risk 0.00 · cvss 8.2 · epss 0.01

    In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform…

  • CVE-2020-24057 · High · Aug 21, 2020
    risk 0.58 · cvss 8.8 · epss 0.05

    The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to…

  • CVE-2020-24056 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42 units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols.

  • CVE-2020-24053 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credentials vulnerability. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols.

  • CVE-2020-15309 · High · Aug 21, 2020
    risk 0.46 · cvss 7.0 · epss 0.00

    An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for…

  • CVE-2020-12457 · High · Aug 21, 2020
    risk 0.00 · cvss 7.5 · epss 0.02

    An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply()…

  • CVE-2020-5774 · High · Aug 21, 2020
    risk 0.46 · cvss 7.1 · epss 0.00

    Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to log in to an existing browser session.

  • CVE-2020-7710 · High · Aug 21, 2020
    risk 0.53 · cvss 8.1 · epss 0.01

    This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.

  • CVE-2020-15070 · High · Aug 21, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.

  • CVE-2020-14215 · High · Aug 21, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations.

  • CVE-2020-24574 · High · Aug 21, 2020
    risk 0.51 · cvss 7.8 · epss 0.01

    The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can…

  • CVE-2020-24571 · High · Aug 21, 2020
    risk 0.50 · cvss 7.5 · epss 0.18

    NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal.

  • CVE-2020-24567 · High · Aug 21, 2020
    risk 0.51 · cvss 7.8 · epss 0.01

    voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a…

  • CVE-2020-24359 · High · Aug 20, 2020
    risk 0.42 · cvss 7.5 · epss 0.01

    HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.

  • CVE-2020-16282 · High · Aug 20, 2020
    risk 0.57 · cvss 8.8 · epss 0.00

    In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. This may allow a local attacker to break out of the restricted environment or inject malicious code into the application and fully compromise the…

  • CVE-2020-16281 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.00

    The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a local authenticated attacker to escape from the restricted environment and execute arbitrary code due to unrestricted context menus being accessible.

  • CVE-2020-10289 · High · Aug 20, 2020
    risk 0.00 · cvss 8.8 · epss 0.02

    Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in the ROS core…

  • CVE-2020-8870 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.05

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-8869 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.05

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-15862 · High · Aug 20, 2020
    risk 0.00 · cvss 7.8 · epss 0.00

    Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

  • CVE-2020-15861 · High · Aug 20, 2020
    risk 0.00 · cvss 7.8 · epss 0.00

    Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.

  • CVE-2020-15638 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.06

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-15635 · High · Aug 20, 2020
    risk 0.57 · cvss 8.8 · epss 0.03

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the…

  • CVE-2020-15630 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.05

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2020-15629 · High · Aug 20, 2020
    risk 0.51 · cvss 7.8 · epss 0.06

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-15531 · High · Aug 20, 2020
    risk 0.57 · cvss 8.8 · epss 0.03

    Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles.

  • CVE-2020-15151 · High · Aug 20, 2020
    risk 0.45 · cvss 8.0 · epss 0.01

    OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6…

  • CVE-2020-15143 · High · Aug 20, 2020
    risk 0.43 · cvss 7.7 · epss 0.02

    In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, request parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating…

  • CVE-2020-13826 · High · Aug 20, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.

  • CVE-2020-9724 · High · Aug 19, 2020
    risk 0.51 · cvss 7.8 · epss 0.03

    Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2020-9723 · High · Aug 19, 2020
    risk 0.49 · cvss 7.5 · epss 0.04

    Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2020-9722 · High · Aug 19, 2020
    risk 0.51 · cvss 7.8 · epss 0.06

    Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9721 · High · Aug 19, 2020
    risk 0.49 · cvss 7.5 · epss 0.03

    Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.