VYPR

CVEs

100,082 total · page 1651 of 2,002

  • CVE-2018-20616HigDec 31, 2018
    risk 0.57cvss 8.8epss 0.01

    ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.

  • CVE-2018-20614HigDec 30, 2018
    risk 0.49cvss 7.5epss 0.01

    public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI.

  • CVE-2018-20613HigDec 30, 2018
    risk 0.57cvss 8.8epss 0.00

    TEMMOKU T1.09 Beta allows admin/user/add CSRF.

  • CVE-2018-20612HigDec 30, 2018
    risk 0.57cvss 8.8epss 0.00

    UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF.

  • CVE-2018-20608HigDec 30, 2018
    risk 0.50cvss 7.5epss 0.12

    imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.

  • CVE-2018-20606HigDec 30, 2018
    risk 0.49cvss 7.5epss 0.03

    imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI.

  • CVE-2018-20603HigDec 30, 2018
    risk 0.57cvss 8.8epss 0.01

    Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.

  • CVE-2018-20602HigDec 30, 2018
    risk 0.49cvss 7.5epss 0.01

    Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI.

  • CVE-2018-20599HigDec 30, 2018
    risk 0.57cvss 8.8epss 0.02

    UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.

  • CVE-2018-20598HigDec 30, 2018
    risk 0.57cvss 8.8epss 0.01

    UCMS 1.4.7 has ?do=user_addpost CSRF.

  • CVE-2018-20595HigDec 30, 2018
    risk 0.50cvss 8.8epss 0.01

    A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful.

  • CVE-2018-15007HigDec 28, 2018
    risk 0.51cvss 7.8epss 0.00

    The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper (versionCode=238, versionName=2.3.8) that contains…

  • CVE-2018-15005HigDec 28, 2018
    risk 0.46cvss 7.1epss 0.00

    The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zdm.sdm (versionCode=31, versionName=V5.0.3) that contains an exported broadcast…

  • CVE-2018-14988HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that contains an exported broadcast receiver…

  • CVE-2018-14987HigDec 28, 2018
    risk 0.46cvss 7.1epss 0.00

    The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that dynamically registers a broadcast receiver app…

  • CVE-2018-14986HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001, (android.20170630.092853-0))…

  • CVE-2018-14985HigDec 28, 2018
    risk 0.46cvss 7.1epss 0.00

    The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings (versionCode=23, versionName=6.0-android.20170630.092853) that…

  • CVE-2018-14984HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001, (android.20170630.092853-0))…

  • CVE-2018-20579HigDec 28, 2018
    risk 0.46cvss 7.1epss 0.00

    Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.

  • CVE-2018-20578HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mishandles URLs longer than hostlen bytes (in the webclient, this is set by default to 40), leading to an Infinite Loop. The attack vector is the…

  • CVE-2018-20575HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    Orange Livebox 00.96.320S devices have an undocumented /system_firmwarel.stm URI for manual firmware update. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.

  • CVE-2018-18696HigDec 28, 2018
    risk 0.57cvss 8.8epss 0.01

    main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-Web-9-0?lang…

  • CVE-2018-18667HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a related issue to CVE-2018-11812.

  • CVE-2018-18666HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-18665HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

  • CVE-2018-20571HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.01

    DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add/id request, as demonstrated by admin.php?s=Tpl/Add/id/.\Public\Config\config.ini.php to read the global configuration file.

  • CVE-2018-20553HigDec 28, 2018
    risk 0.00cvss 7.8epss 0.01

    Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.

  • CVE-2018-20552HigDec 28, 2018
    risk 0.00cvss 7.8epss 0.01

    Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.

  • CVE-2018-20549HigDec 28, 2018
    risk 0.57cvss 8.8epss 0.02

    There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.

  • CVE-2018-20548HigDec 28, 2018
    risk 0.57cvss 8.8epss 0.02

    There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.

  • CVE-2018-20547HigDec 28, 2018
    risk 0.53cvss 8.1epss 0.02

    There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.

  • CVE-2018-20546HigDec 28, 2018
    risk 0.00cvss 8.1epss 0.02

    There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.

  • CVE-2018-20545HigDec 28, 2018
    risk 0.00cvss 8.8epss 0.02

    There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.

  • CVE-2018-20542HigDec 28, 2018
    risk 0.00cvss 8.8epss 0.02

    There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address).

  • CVE-2018-20541HigDec 28, 2018
    risk 0.00cvss 8.8epss 0.02

    There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).

  • CVE-2018-17539HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.02

    The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and all OcNOS versions to 1.3.3.145 allow remote attackers to cause a denial of service attack via an autonomous system (AS) path containing 8 or more autonomous system number (ASN) elements.

  • CVE-2018-1000890HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.02

    FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.

  • CVE-2018-1000889HigDec 28, 2018
    risk 0.57cvss 8.8epss 0.01

    Logisim Evolution version 2.14.3 and earlier contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that can result in information leak, possible RCE depending on system configuration.…

  • CVE-2018-1000888HigDec 28, 2018
    risk 0.55cvss 8.8epss 0.18

    PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific…

  • CVE-2018-1000630HigDec 28, 2018
    risk 0.47cvss 7.2epss 0.02

    Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using the jtSorting or id parameter, which could allow the attacker to view, add,…

  • CVE-2018-1000624HigDec 28, 2018
    risk 0.49cvss 7.5epss 0.02

    Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by the failure to restrict access to a sensitive functionality. By visiting http://V2I_HUB/UI/powerdown.php, a remote attacker could exploit this vulnerability to shut down the system.

  • CVE-2018-20519HigDec 27, 2018
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.

  • CVE-2018-20404HigDec 26, 2018
    risk 0.49cvss 7.5epss 0.01

    ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (uncontrollable) address, resulting in an eternal hang or a BSoD.

  • CVE-2018-19870HigDec 26, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.

  • CVE-2018-19616HigDec 26, 2018
    risk 0.58cvss 8.1epss 0.30

    An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element.

  • CVE-2018-19182HigDec 26, 2018
    risk 0.00cvss 8.8epss 0.01

    Engelsystem before commit hash 2e28336 allows CSRF.

  • CVE-2018-18536HigDec 26, 2018
    risk 0.51cvss 7.8epss 0.01

    The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

  • CVE-2018-18535HigDec 26, 2018
    risk 0.51cvss 7.8epss 0.01

    The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.

  • CVE-2018-17987HigDec 26, 2018
    risk 0.49cvss 7.5epss 0.01

    The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM_TILES equals the number of people who purchased a tile, which allows an…

  • CVE-2018-15518HigDec 26, 2018
    risk 0.50cvss 8.8epss 0.03

    QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.