VYPR

CVEs

100,081 total · page 1377 of 2,002

  • CVE-2020-11616HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead…

  • CVE-2020-11615HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.

  • CVE-2020-11489HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.

  • CVE-2020-11487HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with…

  • CVE-2020-11485HigOct 29, 2020
    risk 0.57cvss 8.8epss 0.01

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was…

  • CVE-2020-27986HigOct 28, 2020
    risk 0.50cvss 7.5epss 0.16

    SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it.

  • CVE-2020-24713HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Gophish through 0.10.1 does not invalidate the gophish cookie upon logout.

  • CVE-2020-24707HigOct 28, 2020
    risk 0.00cvss 7.8epss 0.01

    Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.

  • CVE-2020-24990HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.

  • CVE-2020-26133HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.

  • CVE-2020-26132HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.

  • CVE-2020-26131HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the…

  • CVE-2020-26130HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the…

  • CVE-2020-25966HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID…

  • CVE-2020-16262HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.

  • CVE-2020-16260HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.

  • CVE-2020-16258HigOct 28, 2020
    risk 0.46cvss 7.1epss 0.00

    Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials.

  • CVE-2020-16256HigOct 28, 2020
    risk 0.57cvss 8.8epss 0.01

    The API on Winston 1.5.4 devices is vulnerable to CSRF.

  • CVE-2018-19943HigKEVOct 28, 2020
    risk 0.71cvss 8.0epss 0.18

    If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build…

  • CVE-2020-4767HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.02

    IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.

  • CVE-2020-15278HigOct 28, 2020
    risk 0.43cvss 7.7epss 0.01

    Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that…

  • CVE-2020-27978HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.02

    Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.

  • CVE-2020-27975HigOct 28, 2020
    risk 0.57cvss 8.8epss 0.01

    osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.

  • CVE-2020-22552HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.02

    The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed.

  • CVE-2020-8260HigKEVOct 28, 2020
    risk 0.70cvss 7.2epss 0.96

    A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.

  • CVE-2020-8254HigOct 28, 2020
    risk 0.57cvss 8.8epss 0.02

    A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect…

  • CVE-2020-8250HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.

  • CVE-2020-8249HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow.

  • CVE-2020-8248HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.

  • CVE-2020-8241HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.

  • CVE-2020-8240HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is…

  • CVE-2020-5145HigOct 28, 2020
    risk 0.56cvss 8.6epss 0.01

    SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.

  • CVE-2020-5144HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.01

    SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.

  • CVE-2020-9973HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.02

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected…

  • CVE-2020-9961HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.02

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

  • CVE-2020-9941HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.03

    This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.

  • CVE-2020-9932HigOct 27, 2020
    risk 0.57cvss 8.8epss 0.01

    A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2020-9782HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.

  • CVE-2020-9774HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately…

  • CVE-2020-3880HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.01

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted…

  • CVE-2020-3864HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.00

    A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.

  • CVE-2020-3863HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges.

  • CVE-2020-3855HigOct 27, 2020
    risk 0.46cvss 7.1epss 0.01

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.

  • CVE-2020-3851HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.01

    A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High…

  • CVE-2020-27892HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd().

  • CVE-2020-27891HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal().

  • CVE-2020-27890HigOct 27, 2020
    risk 0.53cvss 8.2epss 0.01

    The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value.

  • CVE-2020-27888HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.

  • CVE-2019-8854HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address.

  • CVE-2019-8852HigOct 27, 2020
    risk 0.51cvss 7.8epss 0.03

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.