VYPR

CVEs

82,357 total · page 1353 of 1,648

  • CVE-2018-14085HigJul 16, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint…

  • CVE-2018-14073HigJul 15, 2018
    risk 0.49cvss 7.5epss 0.01

    libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.

  • CVE-2018-14072HigJul 15, 2018
    risk 0.49cvss 7.5epss 0.01

    libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.

  • CVE-2018-14069HigJul 15, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.

  • CVE-2018-14068HigJul 15, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.

  • CVE-2018-10875HigJul 13, 2018
    risk 0.44cvss 7.8epss 0.01

    A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

  • CVE-2017-13097HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the…

  • CVE-2017-13096HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most…

  • CVE-2017-13095HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most…

  • CVE-2017-13094HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed…

  • CVE-2017-13093HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the…

  • CVE-2017-13092HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are…

  • CVE-2017-13091HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods…

  • CVE-2016-9497HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user…

  • CVE-2016-9495HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.

  • CVE-2016-9489HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another…

  • CVE-2016-9487HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.01

    EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary…

  • CVE-2016-9486HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.01

    On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…

  • CVE-2016-9485HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.01

    On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…

  • CVE-2016-9484HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.04

    The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. The PHP FormMail Generator website does not use version numbers and is updated…

  • CVE-2016-6578HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious…

  • CVE-2016-6565HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.03

    The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server…

  • CVE-2016-6564HigJul 13, 2018
    risk 0.53cvss 8.1epss 0.03

    Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as…

  • CVE-2016-6562HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.00

    On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such…

  • CVE-2016-6557HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a…

  • CVE-2016-6547HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.

  • CVE-2016-6546HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext.

  • CVE-2016-6544HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.03

    getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.

  • CVE-2018-1000211HigJul 13, 2018
    risk 0.00cvss 7.5epss 0.02

    Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry.

  • CVE-2018-1000210HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.01

    YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);"…

  • CVE-2018-1000209HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via…

  • CVE-2018-1000208HigJul 13, 2018
    risk 0.00cvss 7.5epss 0.02

    MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have…

  • CVE-2018-1000207HigJul 13, 2018
    risk 0.45cvss 7.2epss 0.64

    MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. This…

  • CVE-2018-1000206HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run…

  • CVE-2018-7535HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.

  • CVE-2018-10018HigJul 13, 2018
    risk 0.61cvss 8.8epss 0.06

    The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument.

  • CVE-2018-9067HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.01

    The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI.

  • CVE-2018-14051HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.02

    The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop.

  • CVE-2018-14046HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.

  • CVE-2018-14045HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.03

    The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

  • CVE-2018-14044HigJul 13, 2018
    risk 0.49cvss 7.5epss 0.03

    The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

  • CVE-2018-6969HigJul 13, 2018
    risk 0.46cvss 7.0epss 0.00

    VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this…

  • CVE-2018-14035HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.

  • CVE-2018-14034HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.

  • CVE-2018-14033HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.

  • CVE-2018-14031HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.

  • CVE-2018-14029HigJul 13, 2018
    risk 0.60cvss 8.8epss 0.03

    CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

  • CVE-2018-14014HigJul 12, 2018
    risk 0.57cvss 8.8epss 0.01

    In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.

  • CVE-2018-5529HigJul 12, 2018
    risk 0.51cvss 7.8epss 0.00

    The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of…

  • CVE-2018-12980HigJul 12, 2018
    risk 0.63cvss 8.8epss 0.30

    An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.