VYPR

CVEs

100,082 total · page 1627 of 2,002

  • CVE-2019-3496HigMar 21, 2019
    risk 0.58cvss 8.8epss 0.10

    An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user…

  • CVE-2019-3495HigMar 21, 2019
    risk 0.58cvss 8.8epss 0.05

    An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this…

  • CVE-2018-6517HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.01

    Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride.

  • CVE-2018-4058HigMar 21, 2019
    risk 0.50cvss 7.7epss 0.01

    An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services…

  • CVE-2018-20669HigMar 21, 2019
    risk 0.51cvss 7.8epss 0.01

    An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary…

  • CVE-2018-20648HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.01

    PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.

  • CVE-2018-20644HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.01

    PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.

  • CVE-2018-20641HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.01

    PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

  • CVE-2018-20633HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.01

    PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

  • CVE-2018-20628HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.

  • CVE-2018-20615HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.04

    An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame…

  • CVE-2018-20556HigMar 21, 2019
    risk 0.62cvss 8.8epss 0.19

    SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.

  • CVE-2018-20323HigMar 21, 2019
    risk 0.65cvss 8.8epss 0.55

    www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.

  • CVE-2018-20221HigMar 21, 2019
    risk 0.61cvss 8.8epss 0.10

    Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. The executed code will run as the IIS Application Pool that is running the application.

  • CVE-2018-20220HigMar 21, 2019
    risk 0.53cvss 7.5epss 0.15

    An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before…

  • CVE-2018-20219HigMar 21, 2019
    risk 0.57cvss 8.1epss 0.15

    An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the…

  • CVE-2018-19513HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames. The log file could contain sensitive client data (email addresses) and also facilitates exploitation of SQL injection errors.

  • CVE-2018-19512HigMar 21, 2019
    risk 0.47cvss 7.2epss 0.07

    In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.

  • CVE-2018-19487HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.05

    The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.

  • CVE-2018-19158HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.03

    ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's…

  • CVE-2018-18898HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

  • CVE-2018-18862HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.03

    BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/…

  • CVE-2018-18466HigMar 21, 2019
    risk 0.46cvss 7.0epss 0.00

    An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this…

  • CVE-2018-18435HigMar 21, 2019
    risk 0.54cvss 7.8epss 0.01

    KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService"…

  • CVE-2018-17497HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.

  • CVE-2018-17496HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new…

  • CVE-2018-17495HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to…

  • CVE-2018-17494HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other…

  • CVE-2018-17493HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program…

  • CVE-2018-17492HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    EasyLobby Solo contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.

  • CVE-2018-17491HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing "esc" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer.

  • CVE-2018-17490HigMar 21, 2019
    risk 0.50cvss 7.7epss 0.00

    EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will.

  • CVE-2018-17488HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and accessing the print badge screen, an attacker could exploit this vulnerability using the command line to break out of…

  • CVE-2018-17487HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and signing in as a visitor, an attacker could exploit this vulnerability using the command line to break out of kiosk mode.

  • CVE-2018-17485HigMar 21, 2019
    risk 0.55cvss 8.4epss 0.00

    Lobby Track Desktop contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.

  • CVE-2018-16789HigMar 21, 2019
    risk 0.00cvss 7.5epss 0.06

    libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and…

  • CVE-2018-15906HigMar 21, 2019
    risk 0.47cvss 7.2epss 0.08

    SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.

  • CVE-2018-15818HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php.

  • CVE-2018-15508HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).

  • CVE-2018-15498HigMar 21, 2019
    risk 0.53cvss 8.1epss 0.01

    YSoft SafeQ Server 6 allows a replay attack.

  • CVE-2018-14745HigMar 21, 2019
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The…

  • CVE-2018-14575HigMar 21, 2019
    risk 0.60cvss 8.8epss 0.02

    Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.

  • CVE-2018-12572HigMar 21, 2019
    risk 0.51cvss 7.8epss 0.00

    Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

  • CVE-2018-12023HigMar 21, 2019
    risk 0.42cvss 7.5epss 0.09

    An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access,…

  • CVE-2018-12022HigMar 21, 2019
    risk 0.42cvss 7.5epss 0.07

    An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an…

  • CVE-2018-11789HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.07

    When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.

  • CVE-2018-11767HigMar 21, 2019
    risk 0.48cvss 7.4epss 0.04

    In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.

  • CVE-2018-10093HigMar 21, 2019
    risk 0.66cvss 8.8epss 0.69

    AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.

  • CVE-2017-16232HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.05

    LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue

  • CVE-2016-9166HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.01

    NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.