VYPR

CVEs

100,082 total · page 1650 of 2,002

  • CVE-2019-0541HigKEVJan 8, 2019
    risk 0.76cvss 8.8epss 0.53

    A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft…

  • CVE-2019-0539HigJan 8, 2019
    risk 0.03cvss 7.5epss 0.83

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567,…

  • CVE-2019-0538HigJan 8, 2019
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows…

  • CVE-2019-0249HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.02

    Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be restricted.

  • CVE-2019-0243HigJan 8, 2019
    risk 0.57cvss 8.8epss 0.02

    Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

  • CVE-2019-0241HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.02

    SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

  • CVE-2019-0240HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.02

    SAP Business Objects Mobile for Android (before 6.3.5) application allows an attacker to provide malicious input in the form of a SAP BI link, preventing legitimate users from accessing the application by crashing it.

  • CVE-2018-2499HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.02

    A security weakness in SAP Financial Consolidation Cube Designer (BOBJ_EADES fixed in versions 8.0, 10.1) may allow an attacker to discover the password hash of an admin user.

  • CVE-2018-2484HigJan 8, 2019
    risk 0.57cvss 8.8epss 0.01

    SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting…

  • CVE-2019-5488HigJan 7, 2019
    risk 0.49cvss 7.5epss 0.01

    EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database.

  • CVE-2018-1320HigJan 7, 2019
    risk 0.42cvss 7.5epss 0.08

    Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production…

  • CVE-2018-5481HigJan 7, 2019
    risk 0.48cvss 7.4epss 0.01

    OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.

  • CVE-2018-5410HigJan 7, 2019
    risk 0.54cvss 7.8epss 0.02

    Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was…

  • CVE-2019-5009HigJan 4, 2019
    risk 0.51cvss 7.2epss 0.10

    Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a…

  • CVE-2019-5007HigJan 3, 2019
    risk 0.46cvss 7.1epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing.

  • CVE-2018-19249HigJan 3, 2019
    risk 0.49cvss 7.5epss 0.01

    The Stripe API v1 allows remote attackers to bypass intended access restrictions by replaying api.stripe.com /v1/tokens XMLHttpRequest data, parsing the response under the object card{}, and reading the cvc_check information if the creation is successful without charging the…

  • CVE-2019-3575HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load.

  • CVE-2018-19998HigJan 3, 2019
    risk 0.50cvss 8.8epss 0.02

    SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.

  • CVE-2018-19994HigJan 3, 2019
    risk 0.50cvss 8.8epss 0.02

    An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.

  • CVE-2018-16882HigJan 3, 2019
    risk 0.57cvss 8.8epss 0.00

    A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without…

  • CVE-2017-18330HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425,…

  • CVE-2017-18329HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415,…

  • CVE-2017-18328HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660,…

  • CVE-2017-18320HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD…

  • CVE-2017-18141HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions…

  • CVE-2019-3580HigJan 3, 2019
    risk 0.49cvss 7.5epss 0.02

    OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.

  • CVE-2018-20131HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. This allows a user to manipulate symbolic links to escalate privileges, or show the contents of sensitive files that a…

  • CVE-2018-18264HigJan 3, 2019
    risk 0.06cvss 7.5epss 0.70

    Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

  • CVE-2018-20211HigJan 2, 2019
    risk 0.51cvss 7.8epss 0.01

    ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010…

  • CVE-2018-20166HigJan 2, 2019
    risk 0.61cvss 8.8epss 0.07

    A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in…

  • CVE-2018-15490HigJan 2, 2019
    risk 0.46cvss 7.1epss 0.01

    An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC interface for communication with the client side of the ExpressVPN application. A JSON-RPC protocol over…

  • CVE-2019-3574HigJan 2, 2019
    risk 0.51cvss 7.8epss 0.01

    In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.

  • CVE-2018-20658HigJan 2, 2019
    risk 0.52cvss 7.5epss 0.08

    The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.

  • CVE-2018-5197HigJan 2, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters. An crafted malicious parameters…

  • CVE-2018-20657HigJan 2, 2019
    risk 0.49cvss 7.5epss 0.04

    The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.

  • CVE-2018-17188HigJan 2, 2019
    risk 0.47cvss 7.2epss 0.03

    Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other…

  • CVE-2019-3500HigJan 2, 2019
    risk 0.51cvss 7.8epss 0.00

    aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

  • CVE-2019-3494HigJan 1, 2019
    risk 0.49cvss 7.5epss 0.01

    Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.

  • CVE-2018-6347HigDec 31, 2018
    risk 0.00cvss 7.5epss 0.01

    An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00.

  • CVE-2018-6346HigDec 31, 2018
    risk 0.00cvss 7.5epss 0.01

    A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00.

  • CVE-2018-6344HigDec 31, 2018
    risk 0.49cvss 7.5epss 0.02

    A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for…

  • CVE-2018-6343HigDec 31, 2018
    risk 0.00cvss 7.5epss 0.01

    Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz (TLS 1.3) transport. This issue affects Proxygen releases starting from…

  • CVE-2018-6340HigDec 31, 2018
    risk 0.00cvss 8.1epss 0.01

    The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).

  • CVE-2018-6337HigDec 31, 2018
    risk 0.00cvss 7.5epss 0.02

    folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and…

  • CVE-2018-6336HigDec 31, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the…

  • CVE-2018-6335HigDec 31, 2018
    risk 0.00cvss 7.5epss 0.01

    A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.

  • CVE-2018-18601HigDec 31, 2018
    risk 0.53cvss 8.1epss 0.01

    The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.

  • CVE-2018-18600HigDec 31, 2018
    risk 0.53cvss 8.1epss 0.02

    The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.

  • CVE-2018-20618HigDec 31, 2018
    risk 0.57cvss 8.8epss 0.01

    ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.

  • CVE-2018-20617HigDec 31, 2018
    risk 0.57cvss 8.8epss 0.01

    ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.