VYPR

CVEs

101,972 total · page 1470 of 2,040

  • CVE-2020-14152HigJun 15, 2020
    risk 0.46cvss 7.1epss 0.01

    In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.

  • CVE-2019-20838HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.03

    libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

  • CVE-2020-3961HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user.

  • CVE-2020-13150HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 seconds of access to the control panel, after a restart, before MAC address filtering rules become active.

  • CVE-2020-4494HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication…

  • CVE-2020-4470HigJun 15, 2020
    risk 0.52cvss 8.0epss 0.02

    IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725.

  • CVE-2020-0597HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.03

    Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 14.0.33 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0596HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0586HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper initialization in subsystem for Intel(R) SPS versions before SPS_E3_04.01.04.109.0 and SPS_E3_04.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

  • CVE-2020-0542HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

  • CVE-2020-0540HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0538HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0536HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network…

  • CVE-2020-0534HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0532HigJun 15, 2020
    risk 0.46cvss 7.1epss 0.01

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

  • CVE-2020-0529HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.

  • CVE-2020-0528HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

  • CVE-2019-19109HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.01

    The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.

  • CVE-2020-14076HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.03

    TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action st_dev_connect, st_dev_disconnect, or st_dev_rconnect with a…

  • CVE-2020-14081HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.

  • CVE-2020-14079HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action auto_up_fw (or auto_up_lp) with a sufficiently long update_file_name…

  • CVE-2020-14078HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with a sufficiently long REMOTE_ADDR key.

  • CVE-2020-14077HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a…

  • CVE-2020-14075HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.03

    TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.

  • CVE-2020-14074HigJun 15, 2020
    risk 0.57cvss 8.8epss 0.02

    TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long…

  • CVE-2020-14060HigJun 14, 2020
    risk 0.46cvss 8.1epss 0.09

    FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).

  • CVE-2020-14062HigJun 14, 2020
    risk 0.46cvss 8.1epss 0.08

    FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).

  • CVE-2020-14061HigJun 14, 2020
    risk 0.46cvss 8.1epss 0.04

    FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory,…

  • CVE-2020-10752HigJun 12, 2020
    risk 0.00cvss 7.5epss 0.01

    A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked…

  • CVE-2019-15123HigJun 12, 2020
    risk 0.47cvss 7.2epss 0.02

    The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.

  • CVE-2020-14004HigJun 12, 2020
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by…

  • CVE-2020-9645HigJun 12, 2020
    risk 0.49cvss 7.5epss 0.03

    Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-9643HigJun 12, 2020
    risk 0.49cvss 7.5epss 0.03

    Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-9636HigJun 12, 2020
    risk 0.58cvss 8.8epss 0.04

    Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9635HigJun 12, 2020
    risk 0.58cvss 8.8epss 0.04

    Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9634HigJun 12, 2020
    risk 0.58cvss 8.8epss 0.04

    Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-14048HigJun 12, 2020
    risk 0.49cvss 7.5epss 0.05

    Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents.

  • CVE-2020-4045HigJun 11, 2020
    risk 0.42cvss 7.5epss 0.01

    SSB-DB version 20.0.0 has an information disclosure vulnerability. The get() method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of…

  • CVE-2020-13250HigJun 11, 2020
    risk 0.42cvss 7.5epss 0.03

    HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.

  • CVE-2020-13170HigJun 11, 2020
    risk 0.42cvss 7.5epss 0.02

    HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.

  • CVE-2020-12758HigJun 11, 2020
    risk 0.42cvss 7.5epss 0.02

    HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.

  • CVE-2020-12725HigJun 11, 2020
    risk 0.47cvss 7.2epss 0.01

    Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP…

  • CVE-2020-5411HigJun 11, 2020
    risk 0.53cvss 8.1epss 0.02

    When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deserialization gadgets". Spring Batch configures Jackson with global default typing…

  • CVE-2020-11614HigJun 11, 2020
    risk 0.53cvss 8.1epss 0.00

    Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this…

  • CVE-2020-11613HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on…

  • CVE-2020-0233HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2020-0219HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:…

  • CVE-2020-0218HigJun 11, 2020
    risk 0.46cvss 7.0epss 0.00

    In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0216HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0215HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluetooth MAC address with no additional execution privileges needed. User…