VYPR

CVEs

101,963 total · page 1402 of 2,040

  • CVE-2020-25461HigDec 4, 2020
    risk 0.49cvss 7.5epss 0.01

    Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).

  • CVE-2020-27408HigDec 4, 2020
    risk 0.49cvss 7.5epss 0.02

    OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.

  • CVE-2020-27766HigDec 4, 2020
    risk 0.51cvss 7.8epss 0.01

    A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to…

  • CVE-2020-5675HigDec 4, 2020
    risk 0.49cvss 7.5epss 0.03

    Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series…

  • CVE-2020-29534HigDec 3, 2020
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.

  • CVE-2020-29529HigDec 3, 2020
    risk 0.42cvss 7.5epss 0.03

    HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.

  • CVE-2020-23740HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges.

  • CVE-2020-17527HigDec 3, 2020
    risk 0.44cvss 7.5epss 0.25

    While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent…

  • CVE-2020-28175HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges

  • CVE-2020-13525HigDec 3, 2020
    risk 0.57cvss 8.8epss 0.02

    The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger…

  • CVE-2020-28251HigDec 3, 2020
    risk 0.53cvss 8.1epss 0.01

    NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The…

  • CVE-2020-27778HigDec 3, 2020
    risk 0.49cvss 7.5epss 0.02

    A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.

  • CVE-2020-25693HigDec 3, 2020
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity.

  • CVE-2020-25649HigDec 3, 2020
    risk 0.43cvss 7.5epss 0.18

    A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

  • CVE-2020-23735HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. Attackers can use the constructed program to increase user privileges

  • CVE-2020-14381HigDec 3, 2020
    risk 0.00cvss 7.8epss 0.01

    A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to…

  • CVE-2020-14351HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data…

  • CVE-2020-14339HigDec 3, 2020
    risk 0.57cvss 8.8epss 0.00

    A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform…

  • CVE-2020-13584HigDec 3, 2020
    risk 0.58cvss 8.8epss 0.04

    An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.

  • CVE-2020-13543HigDec 3, 2020
    risk 0.57cvss 8.8epss 0.03

    A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this…

  • CVE-2020-13542HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.01

    A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service…

  • CVE-2020-13531HigDec 3, 2020
    risk 0.57cvss 8.8epss 0.03

    A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of a freed memory which can result in further memory corruption and arbitrary code execution. To trigger this…

  • CVE-2020-2324HigDec 3, 2020
    risk 0.42cvss 7.5epss 0.01

    Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2020-2322HigDec 3, 2020
    risk 0.00cvss 7.5epss 0.01

    Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.

  • CVE-2020-2321HigDec 3, 2020
    risk 0.46cvss 8.1epss 0.01

    A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.

  • CVE-2020-28939HigDec 3, 2020
    risk 0.47cvss 7.2epss 0.02

    OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the…

  • CVE-2020-28937HigDec 3, 2020
    risk 0.49cvss 7.5epss 0.01

    OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request…

  • CVE-2020-6021HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a…

  • CVE-2020-6111HigDec 3, 2020
    risk 0.49cvss 7.5epss 0.05

    An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000,…

  • CVE-2020-5680HigDec 3, 2020
    risk 0.49cvss 7.5epss 0.01

    Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.

  • CVE-2020-5676HigDec 3, 2020
    risk 0.49cvss 7.5epss 0.02

    GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors.

  • CVE-2020-26246HigDec 3, 2020
    risk 0.00cvss 7.7epss 0.01

    Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.

  • CVE-2020-13493HigDec 2, 2020
    risk 0.51cvss 7.8epss 0.01

    A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim…

  • CVE-2017-2910HigDec 2, 2020
    risk 0.57cvss 8.8epss 0.02

    An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability.

  • CVE-2020-25638HigDec 2, 2020
    risk 0.41cvss 7.4epss 0.03

    A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access…

  • CVE-2020-12524HigDec 2, 2020
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

  • CVE-2020-29458HigDec 2, 2020
    risk 0.57cvss 8.8epss 0.01

    Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.

  • CVE-2020-5423HigDec 2, 2020
    risk 0.49cvss 7.5epss 0.01

    CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.

  • CVE-2020-27813HigDec 2, 2020
    risk 0.42cvss 7.5epss 0.02

    An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

  • CVE-2020-14305HigDec 2, 2020
    risk 0.53cvss 8.1epss 0.05

    An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest…

  • CVE-2020-8539HigDec 1, 2020
    risk 0.54cvss 7.8epss 0.02

    Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities. In addition, this executable may be…

  • CVE-2020-28993HigDec 1, 2020
    risk 0.49cvss 7.5epss 0.03

    A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request.

  • CVE-2020-7547HigDec 1, 2020
    risk 0.57cvss 8.8epss 0.01

    A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege…

  • CVE-2020-7545HigDec 1, 2020
    risk 0.47cvss 7.2epss 0.02

    A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an…

  • CVE-2020-25181HigDec 1, 2020
    risk 0.57cvss 8.8epss 0.02

    WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.

  • CVE-2020-25177HigDec 1, 2020
    risk 0.57cvss 8.8epss 0.02

    WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution.

  • CVE-2020-7335HigDec 1, 2020
    risk 0.49cvss 7.5epss 0.00

    Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing…

  • CVE-2020-9117HigDec 1, 2020
    risk 0.51cvss 7.8epss 0.00

    HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet…

  • CVE-2020-9114HigDec 1, 2020
    risk 0.51cvss 7.8epss 0.00

    FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful…

  • CVE-2020-9116HigDec 1, 2020
    risk 0.47cvss 7.2epss 0.01

    Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher…