VYPR

CVEs

101,972 total · page 1469 of 2,040

  • CVE-2020-14399HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.

  • CVE-2020-14398HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

  • CVE-2020-14397HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

  • CVE-2020-14396HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

  • CVE-2019-20840HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.

  • CVE-2019-20839HigJun 17, 2020
    risk 0.00cvss 7.5epss 0.04

    libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.

  • CVE-2018-21247HigJun 17, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

  • CVE-2020-14295HigJun 17, 2020
    risk 0.57cvss 7.2epss 0.86

    A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

  • CVE-2020-12827HigJun 17, 2020
    risk 0.40cvss 7.2epss 0.03

    MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.

  • CVE-2020-13224HigJun 17, 2020
    risk 0.57cvss 8.8epss 0.02

    TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices…

  • CVE-2020-11904HigJun 17, 2020
    risk 0.48cvss 7.3epss 0.03

    The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.

  • CVE-2020-11902HigJun 17, 2020
    risk 0.48cvss 7.3epss 0.09

    The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.

  • CVE-2020-11900HigJun 17, 2020
    risk 0.54cvss 8.2epss 0.13

    The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.

  • CVE-2020-4054HigJun 16, 2020
    risk 0.41cvss 7.3epss 0.02

    In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may…

  • CVE-2020-14212HigJun 16, 2020
    risk 0.57cvss 8.8epss 0.02

    FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.

  • CVE-2020-9289HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.02

    Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of…

  • CVE-2020-7513HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data.

  • CVE-2020-7511HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force.

  • CVE-2020-7510HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A CWE-200: Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow attacker to obtain private keys.

  • CVE-2020-7509HigJun 16, 2020
    risk 0.47cvss 7.2epss 0.01

    A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files.

  • CVE-2020-7507HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service.

  • CVE-2020-7506HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure.

  • CVE-2020-7505HigJun 16, 2020
    risk 0.47cvss 7.2epss 0.01

    A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system.

  • CVE-2020-7503HigJun 16, 2020
    risk 0.57cvss 8.8epss 0.01

    A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.

  • CVE-2020-7502HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.02

    A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.

  • CVE-2020-7501HigJun 16, 2020
    risk 0.57cvss 8.8epss 0.01

    A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and…

  • CVE-2020-7496HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.01

    A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file.

  • CVE-2020-7494HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.01

    A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project…

  • CVE-2020-7493HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.01

    A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the…

  • CVE-2020-13162HigJun 16, 2020
    risk 0.46cvss 7.0epss 0.01

    A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

  • CVE-2020-14195HigJun 16, 2020
    risk 0.46cvss 8.1epss 0.05

    FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).

  • CVE-2020-8543HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.02

    OX App Suite through 7.10.3 has Improper Input Validation.

  • CVE-2020-4310HigJun 16, 2020
    risk 0.49cvss 7.5epss 0.02

    IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.

  • CVE-2020-0234HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.00

    In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-18614HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.00

    On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which…

  • CVE-2020-13431HigJun 16, 2020
    risk 0.51cvss 7.8epss 0.00

    I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory.

  • CVE-2020-14163HigJun 15, 2020
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read…

  • CVE-2020-5755HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation.

  • CVE-2020-5742HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.01

    Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests.

  • CVE-2020-12005HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12003HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.05

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-11999HigJun 15, 2020
    risk 0.53cvss 8.1epss 0.03

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-14159HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user could execute commands and/or modifications within an individual Automate instance by triggering an SQL injection vulnerability in /LabTech/agent.aspx. This affects versions before…

  • CVE-2020-13651HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an…

  • CVE-2020-13650HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application…

  • CVE-2020-14156HigJun 15, 2020
    risk 0.00cvss 8.8epss 0.02

    user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.

  • CVE-2020-14149HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.

  • CVE-2020-14148HigJun 15, 2020
    risk 0.00cvss 7.5epss 0.03

    The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.

  • CVE-2020-14147HigJun 15, 2020
    risk 0.00cvss 7.7epss 0.03

    An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox…

  • CVE-2020-14153HigJun 15, 2020
    risk 0.46cvss 7.1epss 0.01

    In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.