VYPR

CVEs

101,963 total · page 1608 of 2,040

  • CVE-2019-14733HigAug 7, 2019
    risk 0.57cvss 8.8epss 0.02

    AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp.

  • CVE-2019-14732HigAug 7, 2019
    risk 0.57cvss 8.8epss 0.01

    AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp.

  • CVE-2019-14707HigAug 6, 2019
    risk 0.47cvss 7.2epss 0.03

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI.

  • CVE-2019-14706HigAug 6, 2019
    risk 0.49cvss 7.5epss 0.02

    A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not…

  • CVE-2019-14705HigAug 6, 2019
    risk 0.47cvss 7.2epss 0.02

    An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.

  • CVE-2019-14703HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.01

    A CSRF issue was discovered in webparam?user&action=set&param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account.

  • CVE-2019-14701HigAug 6, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the…

  • CVE-2019-14700HigAug 6, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if…

  • CVE-2019-5687HigAug 6, 2019
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor

  • CVE-2019-5683HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.01

    NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code…

  • CVE-2019-5682HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service.

  • CVE-2019-5679HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code…

  • CVE-2019-13106HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.02

    Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.

  • CVE-2019-13105HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.01

    Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.

  • CVE-2019-6000HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS…

  • CVE-2019-5999HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS…

  • CVE-2019-5998HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.03

    Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS…

  • CVE-2019-5994HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS…

  • CVE-2019-2386HigAug 6, 2019
    risk 0.46cvss 7.1epss 0.01

    After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. This issue affects MongoDB Server v4.0 versions…

  • CVE-2019-14473HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs,…

  • CVE-2019-13104HigAug 6, 2019
    risk 0.51cvss 7.8epss 0.01

    In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.

  • CVE-2019-14347HigAug 6, 2019
    risk 0.61cvss 8.8epss 0.09

    Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.

  • CVE-2019-14346HigAug 6, 2019
    risk 0.60cvss 8.8epss 0.03

    Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.

  • CVE-2016-10793HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.01

    cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).

  • CVE-2016-10792HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.01

    cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).

  • CVE-2019-14692HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp.

  • CVE-2019-14691HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp.

  • CVE-2019-14690HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp.

  • CVE-2016-10790HigAug 6, 2019
    risk 0.49cvss 7.5epss 0.01

    cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192).

  • CVE-2016-10789HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.01

    cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).

  • CVE-2016-10788HigAug 6, 2019
    risk 0.57cvss 8.8epss 0.02

    cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188).

  • CVE-2016-10787HigAug 6, 2019
    risk 0.53cvss 8.1epss 0.01

    The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187).

  • CVE-2019-14475HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.02

    eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a…

  • CVE-2019-10980HigAug 5, 2019
    risk 0.51cvss 7.8epss 0.01

    A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS…

  • CVE-2019-12264HigAug 5, 2019
    risk 0.47cvss 7.1epss 0.08

    Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.

  • CVE-2019-11270HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.01

    Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator…

  • CVE-2019-4473HigAug 5, 2019
    risk 0.51cvss 7.8epss 0.00

    Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.

  • CVE-2017-18476HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.01

    Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).

  • CVE-2017-18475HigAug 5, 2019
    risk 0.57cvss 8.8epss 0.01

    In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).

  • CVE-2017-18470HigAug 5, 2019
    risk 0.57cvss 8.8epss 0.01

    cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).

  • CVE-2016-10773HigAug 5, 2019
    risk 0.57cvss 8.8epss 0.01

    cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).

  • CVE-2016-10771HigAug 5, 2019
    risk 0.53cvss 8.1epss 0.01

    cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).

  • CVE-2019-14521HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.02

    The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

  • CVE-2017-18462HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.01

    cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224).

  • CVE-2019-14654HigAug 5, 2019
    risk 0.57cvss 8.8epss 0.02

    In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9.

  • CVE-2019-7951HigAug 2, 2019
    risk 0.42cvss 7.5epss 0.01

    An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP web service endpoint does not properly enforce parameters related to access control. This could be abused to leak customer information via…

  • CVE-2019-7950HigAug 2, 2019
    risk 0.42cvss 7.5epss 0.02

    An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access…

  • CVE-2019-7942HigAug 2, 2019
    risk 0.40cvss 7.2epss 0.02

    A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates.

  • CVE-2019-7932HigAug 2, 2019
    risk 0.40cvss 7.2epss 0.02

    A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can…

  • CVE-2019-7930HigAug 2, 2019
    risk 0.40cvss 7.2epss 0.02

    A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially…