VYPR

CVEs

101,975 total · page 1566 of 2,040

  • CVE-2019-15389HigNov 14, 2019
    risk 0.53cvss 8.1epss 0.01

    The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service…

  • CVE-2019-15388HigNov 14, 2019
    risk 0.53cvss 8.1epss 0.01

    The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an…

  • CVE-2019-15351HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported…

  • CVE-2019-15350HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported…

  • CVE-2019-15349HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an…

  • CVE-2019-15348HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an…

  • CVE-2019-15347HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an…

  • CVE-2019-15346HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an…

  • CVE-2019-15345HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an…

  • CVE-2019-15344HigNov 14, 2019
    risk 0.53cvss 8.1epss 0.01

    The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an…

  • CVE-2019-15343HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an…

  • CVE-2019-15342HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains…

  • CVE-2019-15341HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains…

  • CVE-2019-14818HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.03

    A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory…

  • CVE-2019-14602HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2019-14566HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

  • CVE-2019-14565HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

  • CVE-2019-11182HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2019-11181HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2019-11180HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2019-11178HigNov 14, 2019
    risk 0.53cvss 8.1epss 0.01

    Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.

  • CVE-2019-11177HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2019-11175HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2019-11173HigNov 14, 2019
    risk 0.46cvss 7.1epss 0.00

    Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access.

  • CVE-2019-11170HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.

  • CVE-2019-11156HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

  • CVE-2019-11155HigNov 14, 2019
    risk 0.46cvss 7.1epss 0.00

    Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.

  • CVE-2019-11154HigNov 14, 2019
    risk 0.46cvss 7.1epss 0.00

    Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.

  • CVE-2019-11153HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.

  • CVE-2019-11152HigNov 14, 2019
    risk 0.57cvss 8.8epss 0.01

    Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access.

  • CVE-2019-11151HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

  • CVE-2019-11137HigNov 14, 2019
    risk 0.53cvss 8.2epss 0.00

    Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user…

  • CVE-2012-1170HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough

  • CVE-2019-8240HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.03

    Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2019-8239HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.03

    Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2019-7962HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.01

    Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2019-7960HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.01

    Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2012-1168HigNov 14, 2019
    risk 0.53cvss 8.2epss 0.02

    Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

  • CVE-2012-1156HigNov 14, 2019
    risk 0.42cvss 7.5epss 0.02

    Moodle before 2.2.2 has users' private files included in course backups

  • CVE-2012-1155HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.02

    Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

  • CVE-2019-18647HigNov 14, 2019
    risk 0.47cvss 7.2epss 0.02

    The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user.

  • CVE-2019-18646HigNov 14, 2019
    risk 0.47cvss 7.2epss 0.01

    The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user.

  • CVE-2019-18895HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.01

    Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file.

  • CVE-2019-18949HigNov 14, 2019
    risk 0.49cvss 7.5epss 0.01

    SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.

  • CVE-2011-1588HigNov 14, 2019
    risk 0.44cvss 7.8epss 0.01

    Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.

  • CVE-2011-1145HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

  • CVE-2011-1070HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.

  • CVE-2019-3661HigNov 14, 2019
    risk 0.53cvss 8.1epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.

  • CVE-2019-3660HigNov 13, 2019
    risk 0.55cvss 8.4epss 0.01

    Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.

  • CVE-2019-3651HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.