VYPR

CVEs

100,082 total · page 1386 of 2,002

  • CVE-2020-9865HigOct 16, 2020
    risk 0.56cvss 8.6epss 0.01

    A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox.

  • CVE-2020-9862HigOct 16, 2020
    risk 0.51cvss 7.8epss 0.02

    A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying…

  • CVE-2020-9799HigOct 16, 2020
    risk 0.51cvss 7.8epss 0.01

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges.

  • CVE-2020-4636HigOct 16, 2020
    risk 0.47cvss 7.2epss 0.01

    IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503.

  • CVE-2020-4254HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.01

    IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 175560.

  • CVE-2020-15258HigOct 16, 2020
    risk 0.00cvss 8.0epss 0.02

    In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL…

  • CVE-2020-15255HigOct 16, 2020
    risk 0.03cvss 8.7epss 0.03

    In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). This is fixed in version…

  • CVE-2020-15254HigOct 16, 2020
    risk 0.00cvss 8.1epss 0.03

    Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as the number of iterator elements. `Vec::from_iter` does not actually guarantee that…

  • CVE-2020-15252HigOct 16, 2020
    risk 0.56cvss 8.5epss 0.03

    In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code…

  • CVE-2020-27178HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.01

    Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.

  • CVE-2020-3991HigOct 16, 2020
    risk 0.46cvss 7.1epss 0.00

    VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue may allow an attacker to overwrite certain admin privileged files through a…

  • CVE-2020-26682HigOct 16, 2020
    risk 0.00cvss 8.8epss 0.02

    In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.

  • CVE-2020-15867HigOct 16, 2020
    risk 0.57cvss 7.2epss 0.88

    The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the…

  • CVE-2020-14144HigOct 16, 2020
    risk 0.03cvss 7.2epss 0.94

    The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the…

  • CVE-2020-26893HigOct 16, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client…

  • CVE-2020-25829HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.06

    An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY…

  • CVE-2020-27176HigOct 16, 2020
    risk 0.54cvss 8.3epss 0.02

    Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the design of the "source code mode" feature, which parses HTML even though HTML…

  • CVE-2020-27174HigOct 16, 2020
    risk 0.00cvss 7.5epss 0.02

    In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than…

  • CVE-2020-27173HigOct 16, 2020
    risk 0.00cvss 7.5epss 0.02

    In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory…

  • CVE-2020-7591HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single…

  • CVE-2020-12503HigOct 15, 2020
    risk 0.49cvss 7.2epss 0.23

    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3…

  • CVE-2020-12502HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3…

  • CVE-2020-25858HigOct 15, 2020
    risk 0.50cvss 7.5epss 0.10

    The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the…

  • CVE-2020-6108HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.02

    An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2020-6105HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.02

    An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2020-11642HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.01

    The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.

  • CVE-2020-11641HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.01

    A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.

  • CVE-2020-7334HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.00

    Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This…

  • CVE-2020-27157HigOct 15, 2020
    risk 0.53cvss 8.1epss 0.01

    Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the…

  • CVE-2020-5642HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

  • CVE-2020-27153HigOct 15, 2020
    risk 0.49cvss 8.6epss 0.04

    In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

  • CVE-2020-6374HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is…

  • CVE-2020-6373HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper…

  • CVE-2020-6372HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper…

  • CVE-2020-8350HigOct 14, 2020
    risk 0.57cvss 8.8epss 0.01

    An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege.

  • CVE-2020-8345HigOct 14, 2020
    risk 0.47cvss 7.3epss 0.00

    A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

  • CVE-2020-8338HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.

  • CVE-2020-3483HigOct 14, 2020
    risk 0.46cvss 7.1epss 0.00

    Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted in certificate and private key information being written out in plain-text to…

  • CVE-2020-15253HigOct 14, 2020
    risk 0.00cvss 7.3epss 0.01

    Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting via the Create Shopping List module, that is rendered upon deleting that Shopping List. The issue was also found in users, batteries, chores, equipment, locations, quantity units, shopping locations, tasks,…

  • CVE-2020-15229HigOct 14, 2020
    risk 0.46cvss 8.2epss 0.02

    Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem during the…

  • CVE-2020-9746HigOct 14, 2020
    risk 0.46cvss 7.0epss 0.04

    Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response…

  • CVE-2020-0423HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.01

    In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0421HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0420HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0416HigOct 14, 2020
    risk 0.57cvss 8.8epss 0.01

    In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0413HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.01

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0408HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11…

  • CVE-2020-0377HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.02

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-6087HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.04

    An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can…

  • CVE-2020-6086HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.04

    An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can…