VYPR

CVEs

100,075 total · page 1667 of 2,002

  • CVE-2018-16472HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.

  • CVE-2018-9516HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2018-9489HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.01

    When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for…

  • CVE-2018-9488HigNov 6, 2018
    risk 0.54cvss 7.8epss 0.00

    In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0…

  • CVE-2018-9465HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9459HigNov 6, 2018
    risk 0.57cvss 8.8epss 0.02

    In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2018-9458HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.01

    In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no…

  • CVE-2018-9455HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2018-9450HigNov 6, 2018
    risk 0.57cvss 8.8epss 0.03

    In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9448HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2018-9436HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9427HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.02

    In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android…

  • CVE-2018-9422HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:…

  • CVE-2018-9415HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2018-9385HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9363HigNov 6, 2018
    risk 0.55cvss 8.4epss 0.00

    In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588…

  • CVE-2018-9362HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9361HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9360HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9359HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9358HigNov 6, 2018
    risk 0.49cvss 7.5epss 0.02

    In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed…

  • CVE-2018-9357HigNov 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0…

  • CVE-2018-16986HigNov 6, 2018
    risk 0.57cvss 8.8epss 0.03

    Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.

  • CVE-2014-10077HigNov 6, 2018
    risk 0.42cvss 7.5epss 0.03

    Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

  • CVE-2018-18980HigNov 6, 2018
    risk 0.51cvss 7.5epss 0.25

    An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local…

  • CVE-2018-17913HigNov 5, 2018
    risk 0.51cvss 7.8epss 0.02

    A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.

  • CVE-2018-17909HigNov 5, 2018
    risk 0.51cvss 7.8epss 0.02

    When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application.

  • CVE-2018-17905HigNov 5, 2018
    risk 0.51cvss 7.8epss 0.01

    When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.

  • CVE-2018-13397HigNov 5, 2018
    risk 0.57cvss 8.8epss 0.02

    There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to…

  • CVE-2018-13396HigNov 5, 2018
    risk 0.57cvss 8.8epss 0.02

    There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this…

  • CVE-2018-18956HigNov 5, 2018
    risk 0.49cvss 7.5epss 0.03

    The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.

  • CVE-2018-18820HigNov 5, 2018
    risk 0.57cvss 8.1epss 0.49

    A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote…

  • CVE-2018-18950HigNov 5, 2018
    risk 0.49cvss 7.5epss 0.02

    KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.

  • CVE-2018-18942HigNov 5, 2018
    risk 0.47cvss 7.2epss 0.02

    In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.

  • CVE-2018-18937HigNov 5, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.

  • CVE-2018-18936HigNov 5, 2018
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.

  • CVE-2018-18935HigNov 5, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.

  • CVE-2018-18924HigNov 4, 2018
    risk 0.61cvss 8.8epss 0.09

    The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" error message.

  • CVE-2018-16847HigNov 2, 2018
    risk 0.51cvss 7.8epss 0.01

    An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with…

  • CVE-2018-11062HigNov 2, 2018
    risk 0.57cvss 8.8epss 0.02

    Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. These accounts have limited privileges and can access certain system files only. A malicious user with the…

  • CVE-2018-7799HigNov 2, 2018
    risk 0.51cvss 7.8epss 0.03

    A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file.

  • CVE-2018-7798HigNov 2, 2018
    risk 0.53cvss 8.2epss 0.01

    A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device.

  • CVE-2018-3935HigNov 2, 2018
    risk 0.49cvss 7.5epss 0.02

    An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this…

  • CVE-2018-3899HigNov 2, 2018
    risk 0.49cvss 7.5epss 0.02

    An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more…

  • CVE-2018-3898HigNov 2, 2018
    risk 0.49cvss 7.5epss 0.02

    An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more…

  • CVE-2018-3892HigNov 2, 2018
    risk 0.53cvss 8.1epss 0.03

    An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this…

  • CVE-2018-1846HigNov 2, 2018
    risk 0.46cvss 7.1epss 0.02

    IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory…

  • CVE-2018-1835HigNov 2, 2018
    risk 0.46cvss 7.1epss 0.02

    IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150514.

  • CVE-2018-17912HigNov 2, 2018
    risk 0.49cvss 7.5epss 0.02

    An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.

  • CVE-2018-6907HigNov 1, 2018
    risk 0.57cvss 8.8epss 0.00

    A Cross Site Request Forgery (CSRF) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API.