VYPR

CVEs

101,963 total · page 1437 of 2,040

  • CVE-2020-9725HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.04

    Adobe FrameMaker version 2019.0.6 (and earlier versions) lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This could be exploited to execute arbitrary code with the privileges of the current user. User…

  • CVE-2020-15170HigSep 10, 2020
    risk 0.00cvss 7.0epss 0.01

    apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to internet(which is not recommended), there are potential security issues since apollo-adminservice is designed to work in intranet and it doesn't have access…

  • CVE-2020-9733HigSep 10, 2020
    risk 0.49cvss 7.5epss 0.04

    An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.

  • CVE-2020-17408HigSep 10, 2020
    risk 0.55cvss 7.5epss 0.74

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper…

  • CVE-2020-14198HigSep 10, 2020
    risk 0.49cvss 7.5epss 0.03

    Bitcoin Core 0.20.0 allows remote denial of service.

  • CVE-2018-17145HigSep 10, 2020
    risk 0.49cvss 7.5epss 0.03

    Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core…

  • CVE-2020-6097HigSep 10, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious…

  • CVE-2020-25221HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.01

    get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be…

  • CVE-2020-7314HigSep 10, 2020
    risk 0.53cvss 8.2epss 0.00

    Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.

  • CVE-2020-7312HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.00

    DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.

  • CVE-2020-7311HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.00

    Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.

  • CVE-2020-25220HigSep 10, 2020
    risk 0.00cvss 7.8epss 0.00

    The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.

  • CVE-2020-15173HigSep 9, 2020
    risk 0.00cvss 8.2epss 0.01

    In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes…

  • CVE-2020-25219HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.04

    url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

  • CVE-2020-1913HigSep 9, 2020
    risk 0.46cvss 8.1epss 0.01

    An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the…

  • CVE-2020-1912HigSep 9, 2020
    risk 0.46cvss 8.1epss 0.02

    An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only…

  • CVE-2020-15789HigSep 9, 2020
    risk 0.53cvss 8.1epss 0.00

    A vulnerability has been identified in Polarion Subversion Webclient (All versions). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by…

  • CVE-2020-10056HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4). The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could…

  • CVE-2020-10051HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to inject arbitrary commands that…

  • CVE-2020-10050HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system…

  • CVE-2020-10049HigSep 9, 2020
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped…

  • CVE-2020-15163HigSep 9, 2020
    risk 0.50cvss 8.7epss 0.01

    Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This allows an attacker who is able to serve multiple new versions of root metadata…

  • CVE-2020-13127HigSep 9, 2020
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.04.1 allows remote authenticated attackers to execute arbitrary SQL commands via the TASKS_LIST__pt.querystring parameter.

  • CVE-2020-2042HigSep 9, 2020
    risk 0.47cvss 7.2epss 0.02

    A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.

  • CVE-2020-2041HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.02

    An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service…

  • CVE-2020-2038HigSep 9, 2020
    risk 0.57cvss 7.2epss 0.86

    An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS…

  • CVE-2020-2037HigSep 9, 2020
    risk 0.47cvss 7.2epss 0.04

    An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS…

  • CVE-2020-2036HigSep 9, 2020
    risk 0.59cvss 8.8epss 0.24

    A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web…

  • CVE-2020-25212HigSep 9, 2020
    risk 0.00cvss 7.0epss 0.00

    A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

  • CVE-2020-24566HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.02

    In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to run on the server/worker, then (under certain circumstances) the account password…

  • CVE-2020-1749HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather…

  • CVE-2020-14384HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat…

  • CVE-2020-6320HigSep 9, 2020
    risk 0.53cvss 8.1epss 0.01

    SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which…

  • CVE-2020-6318HigSep 9, 2020
    risk 0.47cvss 7.2epss 0.06

    A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products,…

  • CVE-2020-6302HigSep 9, 2020
    risk 0.53cvss 8.1epss 0.01

    SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts,…

  • CVE-2020-7319HigSep 9, 2020
    risk 0.57cvss 8.8epss 0.00

    Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an…

  • CVE-2020-3656HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2020-3617HigSep 9, 2020
    risk 0.46cvss 7.1epss 0.00

    u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta,…

  • CVE-2020-11135HigSep 9, 2020
    risk 0.49cvss 7.5epss 0.01

    u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan,…

  • CVE-2020-11129HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130

  • CVE-2020-11124HigSep 9, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607,…

  • CVE-2020-3666HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2020-3648HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Possible out of bound write in DSP driver code due to lack of check of data received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

  • CVE-2020-3647HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, SC8180X, SDX55, SM6150, SM7150, SM8150

  • CVE-2020-3646HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W,…

  • CVE-2020-3640HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired…

  • CVE-2020-3636HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610,…

  • CVE-2020-3629HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2020-3624HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-3622HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…