VYPR

CVEs

100,082 total · page 1613 of 2,002

  • CVE-2016-1587HigApr 22, 2019
    risk 0.39cvss 7.1epss 0.01

    The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection. An attacker could have used the controls to remotely add a valid, but malicious, snap package,…

  • CVE-2016-1573HigApr 22, 2019
    risk 0.51cvss 7.8epss 0.00

    Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.

  • CVE-2015-1341HigApr 22, 2019
    risk 0.48cvss 7.4epss 0.00

    Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

  • CVE-2015-1340HigApr 22, 2019
    risk 0.39cvss 7.0epss 0.01

    LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.

  • CVE-2014-1426HigApr 22, 2019
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

  • CVE-2011-3147HigApr 22, 2019
    risk 0.49cvss 8.6epss 0.01

    Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

  • CVE-2019-11452HigApr 22, 2019
    risk 0.47cvss 7.2epss 0.01

    whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL injection.

  • CVE-2019-11451HigApr 22, 2019
    risk 0.47cvss 7.2epss 0.01

    whatsns 4.0 allows index.php?inform/add.html qid SQL injection.

  • CVE-2019-11243HigApr 22, 2019
    risk 0.53cvss 8.1epss 0.01

    In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not…

  • CVE-2019-11447HigApr 22, 2019
    risk 0.64cvss 8.8epss 0.53

    An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php.…

  • CVE-2019-11446HigApr 22, 2019
    risk 0.61cvss 8.8epss 0.08

    An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only…

  • CVE-2019-11445HigApr 22, 2019
    risk 0.51cvss 7.2epss 0.14

    OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repository_export.jsp. This is achieved by interfering with the Filesystem path…

  • CVE-2019-11444HigApr 22, 2019
    risk 0.51cvss 7.2epss 0.13

    An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by "def cmd =" in the ServerAdminPortlet_script value to…

  • CVE-2019-11416HigApr 22, 2019
    risk 0.61cvss 8.8epss 0.04

    A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.

  • CVE-2019-11415HigApr 22, 2019
    risk 0.53cvss 7.5epss 0.14

    An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.

  • CVE-2019-11414HigApr 22, 2019
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.

  • CVE-2019-11413HigApr 22, 2019
    risk 0.00cvss 7.5epss 0.02

    An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.

  • CVE-2019-11412HigApr 22, 2019
    risk 0.00cvss 7.5epss 0.02

    An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.

  • CVE-2019-11405HigApr 22, 2019
    risk 0.00cvss 8.1epss 0.01

    OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses http:// URLs in various build.gradle, build.gradle.mustache, and build.sbt files, which may have caused insecurely resolved dependencies.

  • CVE-2019-11404HigApr 22, 2019
    risk 0.46cvss 8.1epss 0.01

    arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compiling and building the published JARs) over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack.

  • CVE-2019-11401HigApr 22, 2019
    risk 0.40cvss 7.2epss 0.03

    A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.

  • CVE-2019-11378HigApr 20, 2019
    risk 0.57cvss 8.8epss 0.04

    An issue was discovered in ProjectSend r1053. upload-process-form.php allows finished_files[]=../ directory traversal. It is possible for users to read arbitrary files and (potentially) access the supporting database, delete arbitrary files, access user passwords, or run…

  • CVE-2019-11377HigApr 20, 2019
    risk 0.57cvss 8.8epss 0.02

    wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function.

  • CVE-2019-11376HigApr 20, 2019
    risk 0.47cvss 7.2epss 0.02

    SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own.

  • CVE-2019-11374HigApr 20, 2019
    risk 0.61cvss 8.8epss 0.10

    74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.

  • CVE-2019-11354HigApr 19, 2019
    risk 0.56cvss 7.8epss 0.23

    The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for…

  • CVE-2019-11351HigApr 19, 2019
    risk 0.58cvss 8.8epss 0.04

    TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.

  • CVE-2019-2041HigApr 19, 2019
    risk 0.47cvss 7.3epss 0.00

    In the configuration of NFC modules on certain devices, there is a possible failure to distinguish individual devices due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2037HigApr 19, 2019
    risk 0.49cvss 7.5epss 0.01

    In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2035HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2034HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the NFC process with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-2033HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:…

  • CVE-2019-2032HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2019-2031HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2029HigApr 19, 2019
    risk 0.57cvss 8.8epss 0.01

    In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2019-2028HigApr 19, 2019
    risk 0.57cvss 8.8epss 0.01

    In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1…

  • CVE-2019-2027HigApr 19, 2019
    risk 0.57cvss 8.8epss 0.01

    In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2019-2026HigApr 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-5008HigApr 19, 2019
    risk 0.49cvss 7.5epss 0.03

    hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.

  • CVE-2019-4055HigApr 19, 2019
    risk 0.49cvss 7.5epss 0.02

    IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0 through 9.1.1 is vulnerable to a denial of service attack within the TLS key renegotiation function. IBM X-Force ID: 156564.

  • CVE-2019-10245HigApr 19, 2019
    risk 0.49cvss 7.5epss 0.02

    In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.

  • CVE-2019-11339HigApr 19, 2019
    risk 0.00cvss 8.8epss 0.03

    The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.

  • CVE-2019-11338HigApr 19, 2019
    risk 0.00cvss 8.8epss 0.02

    libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.

  • CVE-2019-11332HigApr 18, 2019
    risk 0.57cvss 8.8epss 0.02

    MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456.

  • CVE-2019-11331HigApr 18, 2019
    risk 0.53cvss 8.1epss 0.03

    Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.

  • CVE-2019-11324HigApr 18, 2019
    risk 0.42cvss 7.5epss 0.03

    The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This…

  • CVE-2019-3719HigApr 18, 2019
    risk 0.53cvss 8.0epss 0.16

    Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and…

  • CVE-2019-3718HigApr 18, 2019
    risk 0.57cvss 8.8epss 0.01

    Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.

  • CVE-2019-3398HigKEVApr 18, 2019
    risk 0.80cvss 8.8epss 0.97

    Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space…

  • CVE-2018-16877HigApr 18, 2019
    risk 0.00cvss 7.8epss 0.00

    A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.