VYPR

CVEs

100,082 total · page 1657 of 2,002

  • CVE-2018-5805HigDec 7, 2018
    risk 0.00cvss 8.8epss 0.02

    A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.

  • CVE-2018-5802HigDec 7, 2018
    risk 0.00cvss 8.8epss 0.02

    An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

  • CVE-2017-16909HigDec 7, 2018
    risk 0.00cvss 8.8epss 0.02

    An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

  • CVE-2018-7080HigDec 7, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console…

  • CVE-2018-7079HigDec 7, 2018
    risk 0.47cvss 7.2epss 0.01

    Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly enforce authorization rules, which allows any authenticated administrative user to execute those operations regardless of privilege level. This could…

  • CVE-2018-7067HigDec 7, 2018
    risk 0.47cvss 7.2epss 0.01

    A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the entire cluster through a specially crafted API call. Network access to the…

  • CVE-2018-7065HigDec 7, 2018
    risk 0.47cvss 7.2epss 0.01

    An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could…

  • CVE-2018-7063HigDec 7, 2018
    risk 0.53cvss 8.1epss 0.01

    In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API…

  • CVE-2018-16861HigDec 7, 2018
    risk 0.49cvss 7.6epss 0.01

    A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code…

  • CVE-2018-19960HigDec 7, 2018
    risk 0.39cvss 7.0epss 0.00

    The debug_mode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname.

  • CVE-2018-1920HigDec 7, 2018
    risk 0.46cvss 7.1epss 0.02

    IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855.

  • CVE-2018-1424HigDec 7, 2018
    risk 0.46cvss 7.1epss 0.02

    IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029.

  • CVE-2018-17924HigDec 7, 2018
    risk 0.56cvss 8.6epss 0.04

    Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even…

  • CVE-2017-14888HigDec 7, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Userspace can pass IEs to the host driver and if multiple append commands are received, then the integer variable that stores the length can overflow and the subsequent…

  • CVE-2018-19939HigDec 7, 2018
    risk 0.49cvss 7.5epss 0.01

    The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in…

  • CVE-2018-19935HigDec 7, 2018
    risk 0.49cvss 7.5epss 0.07

    ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.

  • CVE-2018-19931HigDec 7, 2018
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.

  • CVE-2018-6757HigDec 6, 2018
    risk 0.52cvss 7.5epss 0.01

    Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.

  • CVE-2018-6756HigDec 6, 2018
    risk 0.54cvss 7.8epss 0.01

    Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.

  • CVE-2018-6755HigDec 6, 2018
    risk 0.50cvss 7.2epss 0.01

    Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.

  • CVE-2018-19923HigDec 6, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF.

  • CVE-2018-19660HigDec 6, 2018
    risk 0.60cvss 8.8epss 0.31

    An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands…

  • CVE-2018-19659HigDec 6, 2018
    risk 0.58cvss 8.8epss 0.04

    An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as…

  • CVE-2018-16601HigDec 6, 2018
    risk 0.53cvss 8.1epss 0.04

    An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of…

  • CVE-2018-16528HigDec 6, 2018
    risk 0.53cvss 8.1epss 0.03

    Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.

  • CVE-2018-16526HigDec 6, 2018
    risk 0.53cvss 8.1epss 0.04

    Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a…

  • CVE-2018-16525HigDec 6, 2018
    risk 0.53cvss 8.1epss 0.04

    Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR…

  • CVE-2018-16523HigDec 6, 2018
    risk 0.48cvss 7.4epss 0.02

    Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.

  • CVE-2018-16522HigDec 6, 2018
    risk 0.53cvss 8.1epss 0.02

    Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.

  • CVE-2018-19911HigDec 6, 2018
    risk 0.49cvss 7.5epss 0.03

    FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be…

  • CVE-2018-19908HigDec 6, 2018
    risk 0.62cvss 8.8epss 0.17

    An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking…

  • CVE-2018-9568HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel.…

  • CVE-2018-9567HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    On Pixel devices there is a bug causing verified boot to show the same certificate fingerprint despite using different signing keys. This may lead to local escalation of privilege if people are relying on those fingerprints to determine what version of the OS the device is…

  • CVE-2018-9565HigDec 6, 2018
    risk 0.49cvss 7.5epss 0.01

    In readBytes of xltdecwbxml.c, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9562HigDec 6, 2018
    risk 0.49cvss 7.5epss 0.01

    In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible out-of-bound read due to an incorrect parameter size. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2018-9560HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth service with User execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9559HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In persist_set_key and other functions of cryptfs.cpp, there is a possible out-of-bounds write due to an uncaught error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9558HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC kernel with no additional execution privileges needed. User interaction is needed for exploitation.…

  • CVE-2018-9557HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In really_install_package of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2018-9555HigDec 6, 2018
    risk 0.57cvss 8.8epss 0.01

    In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9553HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9551HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In CAacDecoder_Init of aacdecoder.cpp, there is a possible out-of-bound write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2018-9550HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9549HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2018-9547HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In unflatten of GraphicBuffer.cpp, there is a possible bad fd close due to improper input validation. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9538HigDec 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode_accelerator.cc, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed.…

  • CVE-2018-15332HigDec 6, 2018
    risk 0.46cvss 7.0epss 0.00

    The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.

  • CVE-2018-19907HigDec 6, 2018
    risk 0.57cvss 8.8epss 0.02

    A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library…

  • CVE-2018-19898HigDec 6, 2018
    risk 0.57cvss 8.8epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleController.class.php and is exploitable by normal authenticated users via the post[id][1] parameter in an article edit_post action.

  • CVE-2018-19897HigDec 6, 2018
    risk 0.47cvss 7.2epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action.