VYPR

CVEs

100,075 total · page 1661 of 2,002

  • CVE-2018-11911HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of script may lead to unprivileged access.

  • CVE-2018-11910HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /persist/ which presents a potential issue.

  • CVE-2018-11909HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue.

  • CVE-2018-11908HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /data/ which presents a potential issue.

  • CVE-2018-11907HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue.

  • CVE-2018-11906HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs.

  • CVE-2018-11823HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module.

  • CVE-2018-11266HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper input validation can lead to an improper access to already freed up dci client entries while closing dci client.

  • CVE-2018-11261HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible Use-after-free issue in Media Codec process. Any application using codec service will be affected.

  • CVE-2018-11260HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero.

  • CVE-2017-11078HigNov 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the boot image header, an out of bounds read can occur in boot.

  • CVE-2018-13376HigNov 27, 2018
    risk 0.49cvss 7.5epss 0.02

    An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

  • CVE-2018-9083HigNov 27, 2018
    risk 0.53cvss 8.1epss 0.01

    In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability.

  • CVE-2018-16094HigNov 27, 2018
    risk 0.53cvss 8.1epss 0.01

    In System Management Module (SMM) versions prior to 1.06, an internal SMM function that retrieves configuration settings is prone to a buffer overflow.

  • CVE-2018-16092HigNov 27, 2018
    risk 0.53cvss 8.1epss 0.01

    In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file.

  • CVE-2018-16091HigNov 27, 2018
    risk 0.53cvss 8.1epss 0.01

    In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.

  • CVE-2018-16090HigNov 27, 2018
    risk 0.49cvss 7.5epss 0.01

    In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection.

  • CVE-2018-16089HigNov 27, 2018
    risk 0.49cvss 7.5epss 0.02

    In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.

  • CVE-2018-11766HigNov 27, 2018
    risk 0.57cvss 8.8epss 0.03

    In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user.

  • CVE-2018-17953HigNov 27, 2018
    risk 0.49cvss 7.5epss 0.01

    A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).

  • CVE-2018-13321HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter.

  • CVE-2018-13320HigNov 26, 2018
    risk 0.47cvss 7.2epss 0.03

    System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.

  • CVE-2018-13319HigNov 26, 2018
    risk 0.49cvss 7.5epss 0.01

    Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to determine sensitive device information via an unauthenticated POST request.

  • CVE-2018-13318HigNov 26, 2018
    risk 0.47cvss 7.2epss 0.03

    System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.

  • CVE-2018-19566HigNov 26, 2018
    risk 0.46cvss 7.1epss 0.01

    A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

  • CVE-2018-19565HigNov 26, 2018
    risk 0.46cvss 7.1epss 0.01

    A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

  • CVE-2018-18807HigNov 26, 2018
    risk 0.49cvss 7.6epss 0.01

    The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica…

  • CVE-2018-1905HigNov 26, 2018
    risk 0.46cvss 7.1epss 0.03

    IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152534.

  • CVE-2018-19562HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive.

  • CVE-2018-19561HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.00

    sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account.

  • CVE-2018-19560HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account.

  • CVE-2018-19555HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password.

  • CVE-2018-19553HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    Interspire Email Marketer through 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php

  • CVE-2018-19552HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    Interspire Email Marketer through 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.

  • CVE-2018-19551HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    Interspire Email Marketer through 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php.

  • CVE-2018-19550HigNov 26, 2018
    risk 0.61cvss 8.8epss 0.06

    Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.

  • CVE-2018-19549HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    Interspire Email Marketer through 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.

  • CVE-2018-19546HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.01

    JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter.

  • CVE-2018-19545HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.00

    JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.

  • CVE-2018-19543HigNov 26, 2018
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

  • CVE-2018-19541HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0,…

  • CVE-2018-19540HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0,…

  • CVE-2018-19537HigNov 26, 2018
    risk 0.47cvss 7.2epss 0.06

    TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The…

  • CVE-2018-19532HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.02

    A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service.

  • CVE-2018-19520HigNov 25, 2018
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by…

  • CVE-2018-19518HigNov 25, 2018
    risk 0.59cvss 7.5epss 0.95

    University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection,…

  • CVE-2018-19504HigNov 23, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.

  • CVE-2018-19503HigNov 23, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.

  • CVE-2018-19502HigNov 23, 2018
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.

  • CVE-2018-19499HigNov 23, 2018
    risk 0.47cvss 7.2epss 0.02

    Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.