VYPR

CVEs

101,975 total · page 1465 of 2,040

  • CVE-2020-9575HigJun 25, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2020-5966HigJun 25, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.

  • CVE-2020-15302HigJun 25, 2020
    risk 0.49cvss 7.5epss 0.01

    In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery function does not require any signatures in the zero-guardian case, which allows attackers to cause a denial of service (locking) or a takeover.

  • CVE-2019-19506HigJun 25, 2020
    risk 0.49cvss 7.5epss 0.01

    Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.

  • CVE-2019-19505HigJun 25, 2020
    risk 0.57cvss 8.8epss 0.04

    Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code…

  • CVE-2019-16213HigJun 25, 2020
    risk 0.57cvss 8.8epss 0.03

    Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary…

  • CVE-2020-11538HigJun 25, 2020
    risk 0.46cvss 8.1epss 0.03

    In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

  • CVE-2020-10379HigJun 25, 2020
    risk 0.44cvss 7.8epss 0.01

    In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.

  • CVE-2020-3968HigJun 25, 2020
    risk 0.53cvss 8.2epss 0.01

    VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious…

  • CVE-2020-3967HigJun 25, 2020
    risk 0.49cvss 7.5epss 0.00

    VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor…

  • CVE-2020-3966HigJun 25, 2020
    risk 0.49cvss 7.5epss 0.00

    VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A…

  • CVE-2020-5964HigJun 25, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure.

  • CVE-2020-5963HigJun 25, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

  • CVE-2020-15046HigJun 24, 2020
    risk 0.60cvss 8.8epss 0.02

    The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88.

  • CVE-2020-5962HigJun 24, 2020
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

  • CVE-2020-13247HigJun 24, 2020
    risk 0.48cvss 7.3epss 0.01

    BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.

  • CVE-2020-3962HigJun 24, 2020
    risk 0.53cvss 8.2epss 0.01

    VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local…

  • CVE-2020-11961HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication

  • CVE-2020-11959HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50.

  • CVE-2020-9494HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.04

    Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.

  • CVE-2020-6870HigJun 24, 2020
    risk 0.52cvss 8.0epss 0.01

    The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation…

  • CVE-2020-3969HigJun 24, 2020
    risk 0.51cvss 7.8epss 0.01

    VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with…

  • CVE-2020-14017HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing…

  • CVE-2020-14015HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to…

  • CVE-2020-13700HigJun 24, 2020
    risk 0.50cvss 7.5epss 0.13

    An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as…

  • CVE-2020-13443HigJun 24, 2020
    risk 0.58cvss 8.8epss 0.04

    ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and…

  • CVE-2020-14005HigJun 24, 2020
    risk 0.58cvss 8.8epss 0.14

    Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event.

  • CVE-2020-15014HigJun 24, 2020
    risk 0.57cvss 8.8epss 0.01

    pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF.

  • CVE-2020-12865HigJun 24, 2020
    risk 0.52cvss 8.0epss 0.01

    A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.

  • CVE-2020-12861HigJun 24, 2020
    risk 0.57cvss 8.8epss 0.03

    A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.

  • CVE-2020-7667HigJun 24, 2020
    risk 0.42cvss 7.5epss 0.02

    In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which leads in file extraction outside of the current directory. Note: the fixing commit…

  • CVE-2020-10280HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.

  • CVE-2020-10274HigJun 24, 2020
    risk 0.46cvss 7.1epss 0.01

    The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected…

  • CVE-2020-10273HigJun 24, 2020
    risk 0.49cvss 7.5epss 0.01

    MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network (while in combination with other flaws) to…

  • CVE-2020-12033HigJun 23, 2020
    risk 0.57cvss 8.8epss 0.01

    In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.

  • CVE-2020-5367HigJun 23, 2020
    risk 0.48cvss 7.4epss 0.01

    Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially…

  • CVE-2020-14978HigJun 23, 2020
    risk 0.53cvss 8.1epss 0.03

    An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.

  • CVE-2020-14977HigJun 23, 2020
    risk 0.53cvss 8.1epss 0.03

    An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the…

  • CVE-2020-14975HigJun 23, 2020
    risk 0.51cvss 7.8epss 0.01

    The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.

  • CVE-2020-14974HigJun 23, 2020
    risk 0.46cvss 7.1epss 0.01

    The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124.

  • CVE-2020-13155HigJun 23, 2020
    risk 0.57cvss 8.8epss 0.01

    clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.

  • CVE-2020-7668HigJun 23, 2020
    risk 0.42cvss 7.5epss 0.01

    In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide.

  • CVE-2020-7664HigJun 23, 2020
    risk 0.42cvss 7.5epss 0.01

    In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide.

  • CVE-2020-14971HigJun 23, 2020
    risk 0.00cvss 7.8epss 0.01

    Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an attacker would request a backup of limited files via teleporter.php. These are…

  • CVE-2020-14940HigJun 23, 2020
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.

  • CVE-2020-14939HigJun 23, 2020
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading.

  • CVE-2020-14945HigJun 22, 2020
    risk 0.61cvss 8.8epss 0.11

    A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.

  • CVE-2020-14990HigJun 22, 2020
    risk 0.46cvss 7.1epss 0.01

    IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.

  • CVE-2020-14049HigJun 22, 2020
    risk 0.49cvss 7.5epss 0.02

    Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password…

  • CVE-2020-13158HigJun 22, 2020
    risk 0.53cvss 7.5epss 0.54

    Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.