VYPR

CVEs

101,972 total · page 1468 of 2,040

  • CVE-2020-14440HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.03

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25,…

  • CVE-2020-14439HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.02

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25,…

  • CVE-2020-14438HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.02

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25,…

  • CVE-2020-14437HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.02

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25,…

  • CVE-2020-14436HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.02

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25,…

  • CVE-2020-14435HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.2.104, SRS60 before 2.5.2.104, SRR60 before 2.5.2.104, SRK60B03 before 2.5.2.104, SRK60B04 before 2.5.2.104, SRK60B05 before 2.5.2.104, and SRK60B06 before…

  • CVE-2020-14432HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.00

    Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before…

  • CVE-2020-14431HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840…

  • CVE-2020-14430HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840…

  • CVE-2020-14429HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before…

  • CVE-2020-14428HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840…

  • CVE-2020-14427HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840…

  • CVE-2020-14426HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850…

  • CVE-2020-9225HigJun 18, 2020
    risk 0.51cvss 7.8epss 0.00

    FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its…

  • CVE-2017-9108HigJun 18, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this…

  • CVE-2017-9107HigJun 18, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape…

  • CVE-2017-9106HigJun 18, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the…

  • CVE-2017-9105HigJun 18, 2020
    risk 0.57cvss 8.8epss 0.04

    An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.

  • CVE-2020-14421HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.06

    aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen.

  • CVE-2020-3361HigJun 18, 2020
    risk 0.53cvss 8.1epss 0.02

    A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to gain unauthorized access to a vulnerable Webex site. The vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An…

  • CVE-2020-3342HigJun 18, 2020
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that…

  • CVE-2020-3336HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.02

    A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain privileged access to the root…

  • CVE-2020-3296HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3295HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3294HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3293HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3292HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3291HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3290HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3289HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3288HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3287HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3286HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code…

  • CVE-2020-3279HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3278HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3277HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3276HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3275HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3274HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary…

  • CVE-2020-3269HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities,…

  • CVE-2020-3268HigJun 18, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities,…

  • CVE-2020-3263HigJun 18, 2020
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this…

  • CVE-2020-14157HigJun 17, 2020
    risk 0.53cvss 8.1epss 0.01

    The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an attacker to disarm the wireless alarm system.

  • CVE-2020-14040HigJun 17, 2020
    risk 0.42cvss 7.5epss 0.02

    The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM…

  • CVE-2020-6869HigJun 17, 2020
    risk 0.53cvss 8.1epss 0.01

    All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation.

  • CVE-2020-9332HigJun 17, 2020
    risk 0.51cvss 7.8epss 0.01

    ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device.

  • CVE-2020-13637HigJun 17, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the…

  • CVE-2019-9944HigJun 17, 2020
    risk 0.49cvss 7.5epss 0.01

    In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent OMERO permissions restrictions. This occurs because the Bio-Formats feature allows an image file to have embedded pathnames.

  • CVE-2019-9943HigJun 17, 2020
    risk 0.49cvss 7.5epss 0.01

    In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.

  • CVE-2020-14400HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary