VYPR

CVEs

101,963 total · page 1403 of 2,040

  • CVE-2020-9115HigDec 1, 2020
    risk 0.47cvss 7.2epss 0.01

    ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient…

  • CVE-2020-29441HigNov 30, 2020
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being…

  • CVE-2020-16850HigNov 30, 2020
    risk 0.49cvss 7.5epss 0.02

    Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is…

  • CVE-2020-16849HigNov 30, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information.

  • CVE-2020-8351HigNov 30, 2020
    risk 0.51cvss 7.8epss 0.00

    A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges.

  • CVE-2020-29394HigNov 30, 2020
    risk 0.00cvss 7.8epss 0.02

    A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

  • CVE-2020-27659HigNov 30, 2020
    risk 0.55cvss 8.4epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.

  • CVE-2020-29383HigNov 29, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key (specific to V1600D4L and V1600D-MINI) is contained in the firmware images.

  • CVE-2020-29382HigNov 29, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key (specific to V1600D, V1600G1, and V1600G2) is contained in the firmware images.

  • CVE-2020-29378HigNov 29, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password…

  • CVE-2020-29375HigNov 29, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged (non-admin) attacker can use a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) to create an…

  • CVE-2020-29370HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.01

    An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

  • CVE-2020-29369HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.

  • CVE-2020-29368HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

  • CVE-2020-29367HigNov 27, 2020
    risk 0.44cvss 7.8epss 0.01

    blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.

  • CVE-2020-26245HigNov 27, 2020
    risk 0.46cvss 8.1epss 0.02

    npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be…

  • CVE-2020-28922HigNov 27, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of…

  • CVE-2020-28921HigNov 27, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution…

  • CVE-2020-25708HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.02

    A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.

  • CVE-2020-10772HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower…

  • CVE-2017-15685HigNov 27, 2020
    risk 0.56cvss 8.6epss 0.02

    Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.

  • CVE-2017-15684HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.02

    Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.

  • CVE-2017-15683HigNov 27, 2020
    risk 0.56cvss 8.6epss 0.02

    In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.

  • CVE-2019-19878HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to historical data from AprolSqlServer by bypassing authentication, a different vulnerability than CVE-2019-16358.

  • CVE-2019-19873HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get information from the AprolSqlServer DBMS by bypassing authentication, a different vulnerability than CVE-2019-16356 and CVE-2019-9983.

  • CVE-2019-19869HigNov 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. PVs could be changed (unencrypted) by using the IosHttp service and the JSON interface.

  • CVE-2020-26936HigNov 26, 2020
    risk 0.57cvss 8.8epss 0.00

    Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.

  • CVE-2020-29043HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in BigBlueButton through 2.2.29. When at attacker is able to view an account_activations/edit?token= URI, the attacker can create an approved user account associated with an email address that has an arbitrary domain name.

  • CVE-2020-27207HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.02

    Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some…

  • CVE-2020-7778HigNov 26, 2020
    risk 0.41cvss 7.3epss 0.02

    This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.

  • CVE-2020-27255HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.03

    A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information…

  • CVE-2020-27253HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.02

    A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.

  • CVE-2020-29074HigNov 25, 2020
    risk 0.00cvss 8.8epss 0.02

    scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.

  • CVE-2020-14190HigNov 25, 2020
    risk 0.49cvss 7.5epss 0.01

    Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. The affected versions are before version 4.8.4.

  • CVE-2020-14191HigNov 25, 2020
    risk 0.49cvss 7.5epss 0.01

    Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassian Gadgets. The affected versions are before version 4.8.4.

  • CVE-2020-26243HigNov 25, 2020
    risk 0.42cvss 7.5epss 0.03

    Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the…

  • CVE-2020-26212HigNov 25, 2020
    risk 0.00cvss 7.7epss 0.01

    GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.3, any authenticated user has read-only permissions to…

  • CVE-2020-26238HigNov 25, 2020
    risk 0.45cvss 7.9epss 0.04

    Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. This enables attackers to inject arbitrary Java EL expressions, leading to…

  • CVE-2020-29063HigNov 24, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN,…

  • CVE-2020-29057HigNov 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN,…

  • CVE-2015-9550HigNov 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.

  • CVE-2020-25654HigNov 24, 2020
    risk 0.47cvss 7.2epss 0.02

    An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the…

  • CVE-2020-28331HigNov 24, 2020
    risk 0.49cvss 7.5epss 0.02

    Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system…

  • CVE-2020-13620HigNov 24, 2020
    risk 0.57cvss 8.8epss 0.01

    Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration.

  • CVE-2020-29040HigNov 24, 2020
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671.

  • CVE-2020-4002HigNov 24, 2020
    risk 0.47cvss 7.2epss 0.02

    The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.

  • CVE-2020-4000HigNov 24, 2020
    risk 0.61cvss 8.8epss 0.43

    The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files.

  • CVE-2020-3985HigNov 24, 2020
    risk 0.57cvss 8.8epss 0.01

    The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to…

  • CVE-2019-20925HigNov 24, 2020
    risk 0.42cvss 7.5epss 0.02

    An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to…

  • CVE-2020-5674HigNov 24, 2020
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.