VYPR

CVEs

101,975 total · page 1567 of 2,040

  • CVE-2019-18951HigNov 13, 2019
    risk 0.53cvss 7.5epss 0.20

    SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.

  • CVE-2019-0396HigNov 13, 2019
    risk 0.46cvss 7.1epss 0.01

    SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will…

  • CVE-2010-5108HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.01

    Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.

  • CVE-2019-0389HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.

  • CVE-2013-3366HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

  • CVE-2010-4664HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

  • CVE-2014-1214HigNov 13, 2019
    risk 0.61cvss 8.8epss 0.04

    views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.

  • CVE-2011-4972HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.02

    hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.

  • CVE-2010-4661HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

  • CVE-2010-4657HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.02

    PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

  • CVE-2019-2210HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-18884HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users.

  • CVE-2019-18844HigNov 13, 2019
    risk 0.42cvss 7.5epss 0.02

    The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of…

  • CVE-2019-18837HigNov 13, 2019
    risk 0.49cvss 8.6epss 0.01

    An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.

  • CVE-2010-4654HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.01

    poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.

  • CVE-2019-2214HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-2213HigNov 13, 2019
    risk 0.48cvss 7.4epss 0.00

    In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2019-2211HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.01

    In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1…

  • CVE-2019-2208HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.01

    In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2019-2207HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2206HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-2203HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2202HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2201HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.02

    In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2195HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2193HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges…

  • CVE-2019-2192HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-18279HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed…

  • CVE-2019-5294HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.01

    There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be…

  • CVE-2019-5289HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.01

    Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit…

  • CVE-2019-18931HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.02

    Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters.

  • CVE-2019-18930HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.03

    Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of functions in libscheddl.so, and download_mgr.cgi makes it possible…

  • CVE-2019-18929HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.03

    Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow.

  • CVE-2019-15948HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.03

    Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code.…

  • CVE-2013-4655HigNov 13, 2019
    risk 0.49cvss 7.5epss 0.02

    Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.

  • CVE-2019-5288HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.01

    P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs…

  • CVE-2019-5287HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.01

    P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs…

  • CVE-2019-5282HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.01

    Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11),…

  • CVE-2019-18397HigNov 13, 2019
    risk 0.44cvss 7.8epss 0.02

    A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then…

  • CVE-2019-5233HigNov 13, 2019
    risk 0.57cvss 8.8epss 0.01

    Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components.

  • CVE-2019-5228HigNov 12, 2019
    risk 0.51cvss 7.8epss 0.01

    Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition…

  • CVE-2017-17224HigNov 12, 2019
    risk 0.57cvss 8.8epss 0.00

    Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the…

  • CVE-2010-3844HigNov 12, 2019
    risk 0.50cvss 8.8epss 0.01

    An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.

  • CVE-2010-3305HigNov 12, 2019
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password.

  • CVE-2019-14367HigNov 12, 2019
    risk 0.49cvss 7.5epss 0.01

    Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).

  • CVE-2019-14366HigNov 12, 2019
    risk 0.49cvss 7.5epss 0.02

    WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).

  • CVE-2019-14365HigNov 12, 2019
    risk 0.49cvss 7.5epss 0.02

    The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).

  • CVE-2011-2335HigNov 12, 2019
    risk 0.49cvss 7.5epss 0.01

    A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.

  • CVE-2010-2488HigNov 12, 2019
    risk 0.49cvss 7.5epss 0.02

    NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.

  • CVE-2019-1457HigNov 12, 2019
    risk 0.51cvss 7.8epss 0.03

    A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.