VYPR

CVEs

100,082 total · page 1388 of 2,002

  • CVE-2020-26802HigOct 8, 2020
    risk 0.57cvss 8.8epss 0.01

    forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover.

  • CVE-2020-10816HigOct 8, 2020
    risk 0.49cvss 7.5epss 0.05

    Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet.

  • CVE-2020-4799HigOct 8, 2020
    risk 0.51cvss 7.8epss 0.00

    IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460.

  • CVE-2020-4280HigOct 8, 2020
    risk 0.63cvss 8.8epss 0.73

    IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this…

  • CVE-2020-13340HigOct 8, 2020
    risk 0.62cvss 8.7epss 0.69

    An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log

  • CVE-2019-4545HigOct 8, 2020
    risk 0.49cvss 7.5epss 0.02

    IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID: 165877.

  • CVE-2020-2286HigOct 8, 2020
    risk 0.57cvss 8.8epss 0.01

    Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.

  • CVE-2020-25263HigOct 8, 2020
    risk 0.46cvss 7.1epss 0.01

    PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted.

  • CVE-2020-3544HigOct 8, 2020
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to…

  • CVE-2020-3535HigOct 8, 2020
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The…

  • CVE-2020-3467HigOct 8, 2020
    risk 0.50cvss 7.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control…

  • CVE-2020-15177HigOct 7, 2020
    risk 0.00cvss 8.0epss 0.01

    In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the application and allow for vulnerabilities like Cross-Site Scripting and Insecure…

  • CVE-2020-15176HigOct 7, 2020
    risk 0.00cvss 8.7epss 0.01

    In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords,…

  • CVE-2020-15175HigOct 7, 2020
    risk 0.06cvss 7.4epss 0.71

    In GLPI before version 9.5.2, the `​pluginimage.send.php​` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and…

  • CVE-2020-26880HigOct 7, 2020
    risk 0.51cvss 7.8epss 0.00

    Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.

  • CVE-2020-26876HigOct 7, 2020
    risk 0.49cvss 7.5epss 0.09

    The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom…

  • CVE-2020-26596HigOct 7, 2020
    risk 0.58cvss 8.8epss 0.06

    The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing…

  • CVE-2020-24246HigOct 7, 2020
    risk 0.49cvss 7.5epss 0.01

    Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.

  • CVE-2019-16160HigOct 7, 2020
    risk 0.49cvss 7.5epss 0.03

    An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.

  • CVE-2020-25985HigOct 7, 2020
    risk 0.53cvss 8.1epss 0.02

    MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).

  • CVE-2020-7742HigOct 7, 2020
    risk 0.42cvss 7.5epss 0.02

    This affects the package simpl-schema before 1.10.2.

  • CVE-2020-26606HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020).

  • CVE-2020-26605HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020).

  • CVE-2020-26604HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).

  • CVE-2020-26602HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020).

  • CVE-2020-26601HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034…

  • CVE-2020-26600HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020).

  • CVE-2020-26598HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 (October 2020).

  • CVE-2020-26597HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020).

  • CVE-2020-16267HigOct 6, 2020
    risk 0.61cvss 8.8epss 0.43

    Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module.

  • CVE-2020-15927HigOct 6, 2020
    risk 0.60cvss 8.8epss 0.40

    Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module.

  • CVE-2020-13343HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template

  • CVE-2020-7740HigOct 6, 2020
    risk 0.53cvss 8.2epss 0.02

    This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack.

  • CVE-2020-24807HigOct 6, 2020
    risk 0.51cvss 7.8epss 0.02

    The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects products that are…

  • CVE-2020-1906HigOct 6, 2020
    risk 0.51cvss 7.8epss 0.00

    A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with E-AC-3 audio streams.

  • CVE-2020-1902HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.

  • CVE-2020-15174HigOct 6, 2020
    risk 0.42cvss 7.5epss 0.01

    In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The…

  • CVE-2019-4326HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.01

    "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."

  • CVE-2020-26582HigOct 6, 2020
    risk 0.58cvss 8.8epss 0.05

    D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18).

  • CVE-2020-7739HigOct 6, 2020
    risk 0.53cvss 8.2epss 0.01

    This affects all versions of package phantomjs-seo. It is possible for an attacker to craft a url that will be passed to a PhantomJS instance allowing for an SSRF attack.

  • CVE-2020-26575HigOct 6, 2020
    risk 0.00cvss 7.5epss 0.03

    In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

  • CVE-2020-25866HigOct 6, 2020
    risk 0.00cvss 7.5epss 0.04

    In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and…

  • CVE-2020-25863HigOct 6, 2020
    risk 0.00cvss 7.5epss 0.05

    In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

  • CVE-2020-25862HigOct 6, 2020
    risk 0.00cvss 7.5epss 0.02

    In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

  • CVE-2019-19200HigOct 6, 2020
    risk 0.57cvss 8.8epss 0.02

    REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users.

  • CVE-2020-8782HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.02

    Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.

  • CVE-2020-8781HigOct 6, 2020
    risk 0.51cvss 7.8epss 0.00

    Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process.

  • CVE-2020-7466HigOct 6, 2020
    risk 0.49cvss 7.5epss 0.02

    The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.

  • CVE-2020-25644HigOct 6, 2020
    risk 0.42cvss 7.5epss 0.02

    A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.

  • CVE-2020-25643HigOct 6, 2020
    risk 0.00cvss 7.2epss 0.03

    A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest…