VYPR

CVEs

101,975 total · page 1466 of 2,040

  • CVE-2020-11520HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to write to arbitrary kernel memory addresses because the IOCTL dispatcher lacks pointer validation. Exploiting this vulnerability results in privileged code execution.

  • CVE-2020-11519HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.01

    The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \\.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution.

  • CVE-2020-10736HigJun 22, 2020
    risk 0.52cvss 8.0epss 0.01

    An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the…

  • CVE-2019-14894HigJun 22, 2020
    risk 0.52cvss 8.0epss 0.04

    A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on…

  • CVE-2020-6644HigJun 22, 2020
    risk 0.53cvss 8.1epss 0.01

    An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks.

  • CVE-2020-4062HigJun 22, 2020
    risk 0.50cvss 8.7epss 0.01

    In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an attacker to gain full read & write access to the Conjur Postgres database, including escalating the…

  • CVE-2020-13887HigJun 22, 2020
    risk 0.57cvss 8.8epss 0.02

    documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.

  • CVE-2020-13279HigJun 22, 2020
    risk 0.56cvss 8.6epss 0.01

    Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system

  • CVE-2020-8933HigJun 22, 2020
    risk 0.00cvss 7.8epss 0.00

    A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and…

  • CVE-2020-8907HigJun 22, 2020
    risk 0.00cvss 7.8epss 0.00

    A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to…

  • CVE-2020-8903HigJun 22, 2020
    risk 0.00cvss 7.8epss 0.00

    A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read…

  • CVE-2020-14461HigJun 22, 2020
    risk 0.60cvss 8.6epss 0.10

    Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.

  • CVE-2020-14204HigJun 22, 2020
    risk 0.53cvss 8.2epss 0.02

    In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to read arbitrary local files or forge server-side HTTP requests via a crafted HTTP request to /ibi_apps/WFServlet.cfg because XML external entity injection is possible. This is…

  • CVE-2020-14203HigJun 22, 2020
    risk 0.57cvss 8.8epss 0.00

    WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint. The impact may be creation of an administrative user. It can also be exploited in conjunction with…

  • CVE-2020-14969HigJun 22, 2020
    risk 0.49cvss 7.5epss 0.01

    app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.

  • CVE-2020-14966HigJun 22, 2020
    risk 0.42cvss 7.5epss 0.01

    An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid.…

  • CVE-2020-8102HigJun 22, 2020
    risk 0.57cvss 8.8epss 0.01

    Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior…

  • CVE-2020-3676HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953,…

  • CVE-2020-3665HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being out of range in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2020-3642HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150,…

  • CVE-2020-3635HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917,…

  • CVE-2020-3626HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W,…

  • CVE-2020-3613HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

  • CVE-2019-14094HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…

  • CVE-2019-14091HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55,…

  • CVE-2019-14076HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2019-14047HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2019-10597HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996,…

  • CVE-2020-14960HigJun 22, 2020
    risk 0.47cvss 7.2epss 0.02

    A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,

  • CVE-2020-14950HigJun 21, 2020
    risk 0.57cvss 8.8epss 0.03

    aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.

  • CVE-2020-14933HigJun 20, 2020
    risk 0.57cvss 8.8epss 0.01

    compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method (such as __wakeup…

  • CVE-2020-13263HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.01

    An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions.

  • CVE-2020-13276HigJun 19, 2020
    risk 0.48cvss 7.4epss 0.01

    User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1

  • CVE-2020-13275HigJun 19, 2020
    risk 0.52cvss 8.0epss 0.01

    A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1

  • CVE-2020-13274HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.01

    A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1

  • CVE-2020-13273HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.01

    A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1

  • CVE-2020-13272HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.01

    OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow

  • CVE-2020-14930HigJun 19, 2020
    risk 0.56cvss 8.1epss 0.03

    An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the registered phone number of the…

  • CVE-2019-20891HigJun 19, 2020
    risk 0.50cvss 8.8epss 0.01

    WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc-product-csv-importer-controller.php.

  • CVE-2020-10750HigJun 19, 2020
    risk 0.39cvss 7.1epss 0.00

    Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

  • CVE-2017-18917HigJun 19, 2020
    risk 0.42cvss 7.5epss 0.01

    An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens.

  • CVE-2017-18906HigJun 19, 2020
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.

  • CVE-2016-11069HigJun 19, 2020
    risk 0.42cvss 7.5epss 0.01

    An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.

  • CVE-2016-11066HigJun 19, 2020
    risk 0.42cvss 7.5epss 0.01

    An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.

  • CVE-2015-9548HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.

  • CVE-2020-14929HigJun 19, 2020
    risk 0.49cvss 7.5epss 0.02

    Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.

  • CVE-2017-18909HigJun 19, 2020
    risk 0.42cvss 7.5epss 0.01

    An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.

  • CVE-2017-18903HigJun 19, 2020
    risk 0.50cvss 8.8epss 0.00

    An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. CSRF can occur if CORS is enabled.

  • CVE-2017-18894HigJun 19, 2020
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover.

  • CVE-2017-18886HigJun 19, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.