VYPR

CVEs

100,082 total · page 1654 of 2,002

  • CVE-2018-1771HigDec 20, 2018
    risk 0.55cvss 8.4epss 0.00

    IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.

  • CVE-2018-8653HigKEVDec 20, 2018
    risk 0.63cvss 7.5epss 0.30

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is…

  • CVE-2018-20303HigDec 20, 2018
    risk 0.42cvss 7.5epss 0.03

    In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.

  • CVE-2018-15801HigDec 19, 2018
    risk 0.41cvss 7.4epss 0.01

    Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could…

  • CVE-2018-15798HigDec 19, 2018
    risk 0.42cvss 7.6epss 0.01

    Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access…

  • CVE-2018-18999HigDec 19, 2018
    risk 0.48cvss 7.3epss 0.02

    WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.

  • CVE-2018-6307HigDec 19, 2018
    risk 0.48cvss 8.1epss 0.27

    LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

  • CVE-2018-20024HigDec 19, 2018
    risk 0.49cvss 7.5epss 0.03

    LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.

  • CVE-2018-20023HigDec 19, 2018
    risk 0.49cvss 7.5epss 0.03

    LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used…

  • CVE-2018-20022HigDec 19, 2018
    risk 0.49cvss 7.5epss 0.03

    LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it…

  • CVE-2018-20021HigDec 19, 2018
    risk 0.49cvss 7.5epss 0.04

    LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

  • CVE-2018-17195HigDec 19, 2018
    risk 0.42cvss 7.5epss 0.01

    The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. The required attack vector is complex, requiring a scenario with client certificate authentication,…

  • CVE-2018-17194HigDec 19, 2018
    risk 0.42cvss 7.5epss 0.03

    When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded. On a DELETE request, the body was ignored, but if the initial request had a Content-Length value other than 0, the receiving nodes would wait…

  • CVE-2018-20231HigDec 19, 2018
    risk 0.57cvss 8.8epss 0.01

    Cross Site Request Forgery (CSRF) in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfa_enable_tfa parameter due to missing nonce validation.

  • CVE-2018-20230HigDec 19, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2018-20228HigDec 19, 2018
    risk 0.52cvss 8.0epss 0.00

    Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF.

  • CVE-2018-20227HigDec 19, 2018
    risk 0.42cvss 7.5epss 0.02

    RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.

  • CVE-2018-16884HigDec 18, 2018
    risk 0.52cvss 8.0epss 0.01

    A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel…

  • CVE-2018-20213HigDec 18, 2018
    risk 0.49cvss 7.5epss 0.01

    wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long name. NOTE: this is not a Microsoft product.

  • CVE-2017-15031HigDec 18, 2018
    risk 0.49cvss 7.5epss 0.02

    In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information.

  • CVE-2018-4015HigDec 18, 2018
    risk 0.53cvss 8.1epss 0.01

    An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote…

  • CVE-2018-20201HigDec 18, 2018
    risk 0.51cvss 7.8epss 0.01

    There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file.

  • CVE-2018-20197HigDec 18, 2018
    risk 0.51cvss 7.8epss 0.01

    There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the…

  • CVE-2018-20196HigDec 18, 2018
    risk 0.51cvss 7.8epss 0.01

    There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is…

  • CVE-2018-20194HigDec 18, 2018
    risk 0.51cvss 7.8epss 0.01

    There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the…

  • CVE-2018-7833HigDec 17, 2018
    risk 0.49cvss 7.5epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to…

  • CVE-2018-7812HigDec 17, 2018
    risk 0.49cvss 7.5epss 0.04

    An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the…

  • CVE-2018-20188HigDec 17, 2018
    risk 0.57cvss 8.8epss 0.01

    FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.

  • CVE-2018-20092HigDec 17, 2018
    risk 0.49cvss 7.5epss 0.02

    PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request.

  • CVE-2018-16596HigDec 17, 2018
    risk 0.49cvss 7.5epss 0.01

    A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability.…

  • CVE-2018-19295HigDec 17, 2018
    risk 0.44cvss 7.8epss 0.00

    Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.

  • CVE-2018-18250HigDec 17, 2018
    risk 0.49cvss 7.5epss 0.01

    Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.

  • CVE-2017-18355HigDec 17, 2018
    risk 0.42cvss 7.5epss 0.01

    Installed packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the "_where" attribute of package.json files.

  • CVE-2017-18354HigDec 17, 2018
    risk 0.42cvss 7.5epss 0.01

    Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.

  • CVE-2017-18353HigDec 17, 2018
    risk 0.42cvss 7.5epss 0.01

    Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome instance responsible for serving render requests to all users. Visiting this route with a GET request allows any unauthorized remote attacker to disable the core service of the application.

  • CVE-2018-20167HigDec 17, 2018
    risk 0.51cvss 7.8epss 0.03

    Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop…

  • CVE-2018-20159HigDec 15, 2018
    risk 0.51cvss 7.2epss 0.10

    i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file…

  • CVE-2018-20157HigDec 15, 2018
    risk 0.49cvss 7.5epss 0.02

    The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.

  • CVE-2018-20156HigDec 14, 2018
    risk 0.47cvss 7.2epss 0.02

    The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network.

  • CVE-2018-20151HigDec 14, 2018
    risk 0.42cvss 7.5epss 0.07

    In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by…

  • CVE-2018-19003HigDec 14, 2018
    risk 0.49cvss 7.5epss 0.03

    GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal…

  • CVE-2018-16874HigDec 14, 2018
    risk 0.53cvss 8.1epss 0.05

    In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but…

  • CVE-2018-16873HigDec 14, 2018
    risk 0.58cvss 8.1epss 0.66

    In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in…

  • CVE-2018-3704HigDec 14, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.

  • CVE-2018-18097HigDec 14, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2018-18093HigDec 14, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.

  • CVE-2018-20145HigDec 13, 2018
    risk 0.00cvss 7.5epss 0.02

    Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.

  • CVE-2018-19118HigDec 13, 2018
    risk 0.49cvss 7.5epss 0.07

    Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain.

  • CVE-2018-1821HigDec 13, 2018
    risk 0.50cvss 7.1epss 0.16

    IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:…

  • CVE-2018-16557HigDec 13, 2018
    risk 0.53cvss 8.2epss 0.01

    A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions…