VYPR

CVEs

100,075 total · page 1669 of 2,002

  • CVE-2018-17618HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-17617HigOct 29, 2018
    risk 0.58cvss 8.8epss 0.04

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-17616HigOct 29, 2018
    risk 0.58cvss 8.8epss 0.04

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-17615HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-18387HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.02

    playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.

  • CVE-2018-17910HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.05

    WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution.

  • CVE-2018-17908HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run elevated arbitrary code.

  • CVE-2018-11884HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11882HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-11880HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-11879HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

  • CVE-2018-11877HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-11876HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-11875HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850.

  • CVE-2018-11874HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-11873HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845.

  • CVE-2018-11872HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660

  • CVE-2018-11871HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU,…

  • CVE-2018-11870HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,…

  • CVE-2018-11867HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845.

  • CVE-2018-11866HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD…

  • CVE-2018-11865HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845,…

  • CVE-2018-11862HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.

  • CVE-2018-11861HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.

  • CVE-2018-11859HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.

  • CVE-2018-11858HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.

  • CVE-2018-11857HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850

  • CVE-2018-11856HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.

  • CVE-2018-18790HigOct 29, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)

  • CVE-2018-18788HigOct 29, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)

  • CVE-2018-18784HigOct 29, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)

  • CVE-2018-18771HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in LuLu CMS through 2015-05-14. backend\modules\filemanager\controllers\DefaultController.php allows arbitrary file upload by entering a filename, directory name, and PHP code into the three text input fields.

  • CVE-2018-18742HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.

  • CVE-2018-18737HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexml_load_string. This can also be used for SSRF.

  • CVE-2018-18735HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.

  • CVE-2018-18734HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.00

    A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.

  • CVE-2018-18732HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer'…

  • CVE-2018-18731HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac'…

  • CVE-2018-18730HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and…

  • CVE-2018-18727HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceList'…

  • CVE-2018-18718HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.

  • CVE-2018-18713HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.02

    The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.

  • CVE-2018-18712HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.

  • CVE-2018-18711HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.

  • CVE-2018-18709HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn"…

  • CVE-2018-18708HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of…

  • CVE-2018-18707HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter…

  • CVE-2018-18706HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of…

  • CVE-2018-18703HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.04

    PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the…

  • CVE-2018-18699HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.