VYPR

CVEs

100,472 total · page 1397 of 2,010

  • CVE-2020-26061HigOct 5, 2020
    risk 0.49cvss 7.5epss 0.04

    ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker…

  • CVE-2020-12302HigOct 5, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2019-14557HigOct 5, 2020
    risk 0.52cvss 8.0epss 0.01

    Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access.

  • CVE-2017-18924HigOct 4, 2020
    risk 0.49cvss 7.5epss 0.02

    oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749…

  • CVE-2020-25776HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2020-5988HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5987HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to…

  • CVE-2020-5985HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5984HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to…

  • CVE-2020-5983HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may…

  • CVE-2020-24397HigOct 2, 2020
    risk 0.49cvss 7.2epss 0.28

    An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code…

  • CVE-2020-15589HigOct 2, 2020
    risk 0.53cvss 8.1epss 0.08

    A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the client side of Zoho ManageEngine Desktop Central 10.0.552.W and Remote Access Plus before 10.1.2119.1. By exploiting this issue, an attacker-controlled server…

  • CVE-2020-13337HigOct 2, 2020
    risk 0.47cvss 7.2epss 0.01

    An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.

  • CVE-2020-5981HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.

  • CVE-2020-5980HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.

  • CVE-2020-5979HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.

  • CVE-2020-24628HigOct 2, 2020
    risk 0.57cvss 8.8epss 0.01

    A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.

  • CVE-2020-15230HigOct 2, 2020
    risk 0.48cvss 8.5epss 0.02

    Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected. This is fixed in version 4.29.4.

  • CVE-2020-18184HigOct 2, 2020
    risk 0.47cvss 7.2epss 0.01

    In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

  • CVE-2020-25623HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.03

    Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.

  • CVE-2020-7738HigOct 2, 2020
    risk 0.54cvss 8.3epss 0.02

    All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

  • CVE-2020-7737HigOct 2, 2020
    risk 0.48cvss 7.3epss 0.01

    All versions of package safetydance are vulnerable to Prototype Pollution via the set function.

  • CVE-2020-7736HigOct 2, 2020
    risk 0.41cvss 7.3epss 0.01

    The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.

  • CVE-2020-26124HigOct 2, 2020
    risk 0.08cvss 8.8epss 0.67

    openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticated PHP code injection attacks, via the sortfield POST parameter of rpc.php, because json_encode_safe is not used in config/databasebackend.inc. Successful exploitation allows arbitrary command execution on the…

  • CVE-2020-24697HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.

  • CVE-2020-24696HigOct 2, 2020
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG…

  • CVE-2020-17382HigOct 2, 2020
    risk 0.54cvss 7.8epss 0.02

    The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).

  • CVE-2020-14293HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.05

    conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).

  • CVE-2020-12127HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.07

    An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.

  • CVE-2020-12123HigOct 2, 2020
    risk 0.53cvss 8.1epss 0.00

    CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.

  • CVE-2019-19199HigOct 2, 2020
    risk 0.48cvss 7.4epss 0.01

    REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout.

  • CVE-2020-26540HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.

  • CVE-2020-26538HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. It allows attackers to execute arbitrary code via a Trojan horse taskkill.exe in the current working directory.

  • CVE-2020-26511HigOct 2, 2020
    risk 0.49cvss 7.5epss 0.02

    The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass.

  • CVE-2020-9491HigOct 1, 2020
    risk 0.42cvss 7.5epss 0.03

    In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and…

  • CVE-2020-9487HigOct 1, 2020
    risk 0.42cvss 7.5epss 0.03

    In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. An unauthenticated user could repeatedly…

  • CVE-2020-9486HigOct 1, 2020
    risk 0.42cvss 7.5epss 0.04

    In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.

  • CVE-2020-5786HigOct 1, 2020
    risk 0.58cvss 8.8epss 0.09

    Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

  • CVE-2020-11979HigOct 1, 2020
    risk 0.42cvss 7.5epss 0.08

    As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively…

  • CVE-2020-15678HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.02

    When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability…

  • CVE-2020-15675HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.01

    When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81.

  • CVE-2020-15674HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.01

    Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81.

  • CVE-2020-15673HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.02

    Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects…

  • CVE-2020-15670HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.01

    Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox <…

  • CVE-2020-15669HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.01

    When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox…

  • CVE-2020-15667HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.02

    When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with…

  • CVE-2020-15663HigOct 1, 2020
    risk 0.57cvss 8.8epss 0.03

    If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have…

  • CVE-2020-15227HigOct 1, 2020
    risk 0.59cvss 8.7epss 0.35

    Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.

  • CVE-2020-25018HigOct 1, 2020
    risk 0.49cvss 7.5epss 0.01

    Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.

  • CVE-2020-25017HigOct 1, 2020
    risk 0.54cvss 8.3epss 0.01

    Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.