VYPR

CVEs

101,963 total · page 1414 of 2,040

  • CVE-2020-11154HigNov 2, 2020
    risk 0.57cvss 8.8epss 0.01

    u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-11141HigNov 2, 2020
    risk 0.53cvss 8.1epss 0.00

    u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2020-11125HigNov 2, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2020-11114HigNov 2, 2020
    risk 0.57cvss 8.8epss 0.00

    u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon…

  • CVE-2020-25849HigNov 1, 2020
    risk 0.57cvss 8.8epss 0.02

    MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.

  • CVE-2020-5425HigOct 31, 2020
    risk 0.51cvss 7.9epss 0.01

    Single Sign-On for Vmware Tanzu all versions prior to 1.11.3 ,1.12.x versions prior to 1.12.4 and 1.13.x prior to 1.13.1 are vulnerable to user impersonation attack.If two users are logged in to the SSO operator dashboard at the same time, with the same username, from two…

  • CVE-2020-5991HigOct 30, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.

  • CVE-2020-15276HigOct 30, 2020
    risk 0.43cvss 7.7epss 0.01

    baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.

  • CVE-2020-15273HigOct 30, 2020
    risk 0.41cvss 7.3epss 0.01

    baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed settings, Edit widget area, Sub site new registration, New category registration. Arbitrary JavaScript may be executed by entering specific characters in…

  • CVE-2020-15277HigOct 30, 2020
    risk 0.40cvss 7.2epss 0.02

    baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1.

  • CVE-2020-4588HigOct 30, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579.

  • CVE-2020-4584HigOct 30, 2020
    risk 0.49cvss 7.5epss 0.01

    IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.

  • CVE-2020-26205HigOct 29, 2020
    risk 0.00cvss 7.6epss 0.01

    Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.

  • CVE-2020-25646HigOct 29, 2020
    risk 0.00cvss 7.5epss 0.01

    A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality

  • CVE-2020-27887HigOct 29, 2020
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php.

  • CVE-2020-27996HigOct 29, 2020
    risk 0.00cvss 8.8epss 0.02

    An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations.

  • CVE-2020-25780HigOct 29, 2020
    risk 0.50cvss 7.5epss 0.10

    In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.

  • CVE-2020-5936HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile.

  • CVE-2020-5933HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style…

  • CVE-2020-5931HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, Virtual servers with a OneConnect profile may incorrectly handle WebSockets related HTTP response headers, causing TMM to restart.

  • CVE-2020-4724HigOct 29, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the…

  • CVE-2020-4723HigOct 29, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the…

  • CVE-2020-4722HigOct 29, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the…

  • CVE-2020-4721HigOct 29, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the…

  • CVE-2020-7384HigOct 29, 2020
    risk 0.05cvss 7.0epss 0.31

    Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine.

  • CVE-2020-5937HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file while processing layer 4 (L4) behavioral denial-of-service (DoS) traffic.

  • CVE-2020-27658HigOct 29, 2020
    risk 0.46cvss 7.1epss 0.01

    Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

  • CVE-2020-27653HigOct 29, 2020
    risk 0.54cvss 8.3epss 0.01

    Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

  • CVE-2020-27652HigOct 29, 2020
    risk 0.54cvss 8.3epss 0.01

    Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

  • CVE-2020-27649HigOct 29, 2020
    risk 0.54cvss 8.3epss 0.01

    Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2020-27648HigOct 29, 2020
    risk 0.54cvss 8.3epss 0.01

    Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2020-7746HigOct 29, 2020
    risk 0.00cvss 7.5epss 0.05

    This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the defaults options) are deeply merged with provided options. However, during this operation, the keys…

  • CVE-2020-11616HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead…

  • CVE-2020-11615HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.

  • CVE-2020-11489HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.

  • CVE-2020-11487HigOct 29, 2020
    risk 0.49cvss 7.5epss 0.01

    NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with…

  • CVE-2020-11485HigOct 29, 2020
    risk 0.57cvss 8.8epss 0.01

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was…

  • CVE-2020-27986HigOct 28, 2020
    risk 0.50cvss 7.5epss 0.16

    SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it.

  • CVE-2020-24713HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Gophish through 0.10.1 does not invalidate the gophish cookie upon logout.

  • CVE-2020-24707HigOct 28, 2020
    risk 0.00cvss 7.8epss 0.01

    Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.

  • CVE-2020-24990HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.

  • CVE-2020-26133HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.

  • CVE-2020-26132HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.

  • CVE-2020-26131HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the…

  • CVE-2020-26130HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the…

  • CVE-2020-25966HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID…

  • CVE-2020-16262HigOct 28, 2020
    risk 0.51cvss 7.8epss 0.00

    Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.

  • CVE-2020-16260HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.01

    Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.

  • CVE-2020-16258HigOct 28, 2020
    risk 0.46cvss 7.1epss 0.00

    Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials.

  • CVE-2020-16256HigOct 28, 2020
    risk 0.57cvss 8.8epss 0.01

    The API on Winston 1.5.4 devices is vulnerable to CSRF.