VYPR

CVEs

100,472 total · page 1394 of 2,010

  • CVE-2020-3991HigOct 16, 2020
    risk 0.46cvss 7.1epss 0.00

    VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue may allow an attacker to overwrite certain admin privileged files through a…

  • CVE-2020-26682HigOct 16, 2020
    risk 0.00cvss 8.8epss 0.02

    In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.

  • CVE-2020-15867HigOct 16, 2020
    risk 0.57cvss 7.2epss 0.88

    The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the…

  • CVE-2020-14144HigOct 16, 2020
    risk 0.03cvss 7.2epss 0.94

    The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the…

  • CVE-2020-26893HigOct 16, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client…

  • CVE-2020-25829HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.06

    An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY…

  • CVE-2020-27176HigOct 16, 2020
    risk 0.54cvss 8.3epss 0.02

    Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the design of the "source code mode" feature, which parses HTML even though HTML…

  • CVE-2020-27174HigOct 16, 2020
    risk 0.00cvss 7.5epss 0.02

    In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than…

  • CVE-2020-27173HigOct 16, 2020
    risk 0.00cvss 7.5epss 0.02

    In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory…

  • CVE-2020-7591HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single…

  • CVE-2020-12503HigOct 15, 2020
    risk 0.49cvss 7.2epss 0.23

    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3…

  • CVE-2020-12502HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3…

  • CVE-2020-25858HigOct 15, 2020
    risk 0.50cvss 7.5epss 0.10

    The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the…

  • CVE-2020-6108HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.02

    An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2020-6105HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.02

    An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2020-11642HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.01

    The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.

  • CVE-2020-11641HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.01

    A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.

  • CVE-2020-7334HigOct 15, 2020
    risk 0.50cvss 7.7epss 0.00

    Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This…

  • CVE-2020-27157HigOct 15, 2020
    risk 0.53cvss 8.1epss 0.01

    Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the…

  • CVE-2020-5642HigOct 15, 2020
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

  • CVE-2020-27153HigOct 15, 2020
    risk 0.49cvss 8.6epss 0.04

    In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

  • CVE-2020-6374HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is…

  • CVE-2020-6373HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper…

  • CVE-2020-6372HigOct 15, 2020
    risk 0.51cvss 7.8epss 0.01

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper…

  • CVE-2020-8350HigOct 14, 2020
    risk 0.57cvss 8.8epss 0.01

    An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege.

  • CVE-2020-8345HigOct 14, 2020
    risk 0.47cvss 7.3epss 0.00

    A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

  • CVE-2020-8338HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.

  • CVE-2020-3483HigOct 14, 2020
    risk 0.46cvss 7.1epss 0.00

    Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted in certificate and private key information being written out in plain-text to…

  • CVE-2020-15253HigOct 14, 2020
    risk 0.00cvss 7.3epss 0.01

    Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting via the Create Shopping List module, that is rendered upon deleting that Shopping List. The issue was also found in users, batteries, chores, equipment, locations, quantity units, shopping locations, tasks,…

  • CVE-2020-15229HigOct 14, 2020
    risk 0.46cvss 8.2epss 0.02

    Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem during the…

  • CVE-2020-9746HigOct 14, 2020
    risk 0.46cvss 7.0epss 0.04

    Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response…

  • CVE-2020-0423HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.01

    In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0421HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0420HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0416HigOct 14, 2020
    risk 0.57cvss 8.8epss 0.01

    In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0413HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.01

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0408HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11…

  • CVE-2020-0377HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.02

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-6087HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.04

    An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can…

  • CVE-2020-6086HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.04

    An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can…

  • CVE-2020-6083HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.04

    An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can…

  • CVE-2020-25188HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.02

    An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.870).

  • CVE-2019-2194HigOct 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-7330HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.00

    Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables

  • CVE-2020-12928HigOct 13, 2020
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

  • CVE-2020-25645HigOct 13, 2020
    risk 0.49cvss 7.5epss 0.02

    A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic…

  • CVE-2018-20243HigOct 13, 2020
    risk 0.49cvss 7.5epss 0.03

    The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in fineract jira issues 726 and 629.

  • CVE-2020-15251HigOct 13, 2020
    risk 0.00cvss 7.7epss 0.01

    In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected.…

  • CVE-2020-17417HigOct 13, 2020
    risk 0.51cvss 7.8epss 0.09

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-17416HigOct 13, 2020
    risk 0.51cvss 7.8epss 0.09

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…