| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14085 | Hig | 0.49 | 7.5 | 0.01 | Jul 16, 2018 | An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint… | ||
| CVE-2018-14073 | Hig | 0.49 | 7.5 | 0.01 | Jul 15, 2018 | libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. | ||
| CVE-2018-14072 | Hig | 0.49 | 7.5 | 0.01 | Jul 15, 2018 | libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. | ||
| CVE-2018-14069 | Hig | 0.57 | 8.8 | 0.01 | Jul 15, 2018 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add. | ||
| CVE-2018-14068 | Hig | 0.57 | 8.8 | 0.01 | Jul 15, 2018 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add. | ||
| CVE-2018-10875 | — | Hig | 0.44 | 7.8 | 0.01 | Jul 13, 2018 | A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. | |
| CVE-2017-13097 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the… | ||
| CVE-2017-13096 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most… | ||
| CVE-2017-13095 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most… | ||
| CVE-2017-13094 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed… | ||
| CVE-2017-13093 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the… | ||
| CVE-2017-13092 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are… | ||
| CVE-2017-13091 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods… | ||
| CVE-2016-9497 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user… | ||
| CVE-2016-9495 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices. | ||
| CVE-2016-9489 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another… | ||
| CVE-2016-9487 | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2018 | EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary… | ||
| CVE-2016-9486 | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2018 | On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The… | ||
| CVE-2016-9485 | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2018 | On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The… | ||
| CVE-2016-9484 | Hig | 0.49 | 7.5 | 0.04 | Jul 13, 2018 | The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. The PHP FormMail Generator website does not use version numbers and is updated… | ||
| CVE-2016-6578 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious… | ||
| CVE-2016-6565 | Hig | 0.49 | 7.5 | 0.03 | Jul 13, 2018 | The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server… | ||
| CVE-2016-6564 | Hig | 0.53 | 8.1 | 0.03 | Jul 13, 2018 | Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as… | ||
| CVE-2016-6562 | Hig | 0.49 | 7.5 | 0.00 | Jul 13, 2018 | On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such… | ||
| CVE-2016-6557 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a… | ||
| CVE-2016-6547 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. | ||
| CVE-2016-6546 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext. | ||
| CVE-2016-6544 | Hig | 0.49 | 7.5 | 0.03 | Jul 13, 2018 | getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device. | ||
| CVE-2018-1000211 | — | Hig | 0.00 | 7.5 | 0.02 | Jul 13, 2018 | Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry. | |
| CVE-2018-1000210 | — | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2018 | YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);"… | |
| CVE-2018-1000209 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via… | ||
| CVE-2018-1000208 | Hig | 0.00 | 7.5 | 0.02 | Jul 13, 2018 | MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have… | ||
| CVE-2018-1000207 | — | Hig | 0.45 | 7.2 | 0.64 | Jul 13, 2018 | MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. This… | |
| CVE-2018-1000206 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run… | ||
| CVE-2018-7535 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2018 | An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product. | ||
| CVE-2018-10018 | Hig | 0.61 | 8.8 | 0.06 | Jul 13, 2018 | The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. | ||
| CVE-2018-9067 | Hig | 0.49 | 7.5 | 0.01 | Jul 13, 2018 | The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI. | ||
| CVE-2018-14051 | Hig | 0.49 | 7.5 | 0.02 | Jul 13, 2018 | The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. | ||
| CVE-2018-14046 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | ||
| CVE-2018-14045 | Hig | 0.49 | 7.5 | 0.03 | Jul 13, 2018 | The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | ||
| CVE-2018-14044 | Hig | 0.49 | 7.5 | 0.03 | Jul 13, 2018 | The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | ||
| CVE-2018-6969 | Hig | 0.46 | 7.0 | 0.00 | Jul 13, 2018 | VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this… | ||
| CVE-2018-14035 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. | ||
| CVE-2018-14034 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c. | ||
| CVE-2018-14033 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. | ||
| CVE-2018-14031 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. | ||
| CVE-2018-14029 | Hig | 0.60 | 8.8 | 0.03 | Jul 13, 2018 | CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field. | ||
| CVE-2018-14014 | Hig | 0.57 | 8.8 | 0.01 | Jul 12, 2018 | In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd. | ||
| CVE-2018-5529 | — | Hig | 0.51 | 7.8 | 0.00 | Jul 12, 2018 | The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of… | |
| CVE-2018-12980 | Hig | 0.63 | 8.8 | 0.30 | Jul 12, 2018 | An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server. |
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint…
- risk 0.49cvss 7.5epss 0.01
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
- risk 0.49cvss 7.5epss 0.01
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.
- risk 0.44cvss 7.8epss 0.01
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are…
- risk 0.51cvss 7.8epss 0.00
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods…
- risk 0.57cvss 8.8epss 0.02
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user…
- risk 0.57cvss 8.8epss 0.01
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.
- risk 0.57cvss 8.8epss 0.02
In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another…
- risk 0.51cvss 7.8epss 0.01
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary…
- risk 0.51cvss 7.8epss 0.01
On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…
- risk 0.51cvss 7.8epss 0.01
On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…
- risk 0.49cvss 7.5epss 0.04
The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. The PHP FormMail Generator website does not use version numbers and is updated…
- risk 0.57cvss 8.8epss 0.01
CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious…
- risk 0.49cvss 7.5epss 0.03
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server…
- risk 0.53cvss 8.1epss 0.03
Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as…
- risk 0.49cvss 7.5epss 0.00
On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such…
- risk 0.57cvss 8.8epss 0.01
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a…
- risk 0.51cvss 7.8epss 0.00
The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.
- risk 0.51cvss 7.8epss 0.00
The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext.
- risk 0.49cvss 7.5epss 0.03
getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.
- risk 0.00cvss 7.5epss 0.02
Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry.
- risk 0.51cvss 7.8epss 0.01
YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);"…
- risk 0.57cvss 8.8epss 0.01
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via…
- risk 0.00cvss 7.5epss 0.02
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have…
- risk 0.45cvss 7.2epss 0.64
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. This…
- risk 0.57cvss 8.8epss 0.01
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run…
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.
- risk 0.61cvss 8.8epss 0.06
The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument.
- risk 0.49cvss 7.5epss 0.01
The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI.
- risk 0.49cvss 7.5epss 0.02
The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop.
- risk 0.57cvss 8.8epss 0.02
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.
- risk 0.49cvss 7.5epss 0.03
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
- risk 0.49cvss 7.5epss 0.03
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
- risk 0.46cvss 7.0epss 0.00
VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this…
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
- risk 0.60cvss 8.8epss 0.03
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
- risk 0.57cvss 8.8epss 0.01
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.
- risk 0.51cvss 7.8epss 0.00
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of…
- risk 0.63cvss 8.8epss 0.30
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.