VYPR

CVEs

100,075 total · page 1670 of 2,002

  • CVE-2018-4022HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.02

    A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.

  • CVE-2018-18659HigOct 26, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue.

  • CVE-2018-18658HigOct 26, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSettings.xml issue.

  • CVE-2018-18657HigOct 26, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue.

  • CVE-2018-15688HigOct 26, 2018
    risk 0.50cvss 8.8epss 0.02

    A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

  • CVE-2018-15687HigOct 26, 2018
    risk 0.42cvss 7.0epss 0.01

    A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

  • CVE-2018-15686HigOct 26, 2018
    risk 0.47cvss 7.8epss 0.02

    A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd…

  • CVE-2018-5914HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD…

  • CVE-2018-5866HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-3588HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660.

  • CVE-2018-11950HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850

  • CVE-2018-11854HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11853HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850,…

  • CVE-2018-11850HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377,…

  • CVE-2018-11849HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564,…

  • CVE-2018-11828HigOct 26, 2018
    risk 0.49cvss 7.5epss 0.01

    When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52

  • CVE-2018-11824HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11822HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11821HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660,…

  • CVE-2018-11305HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD…

  • CVE-2017-18311HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655,…

  • CVE-2017-18310HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD…

  • CVE-2017-18309HigOct 26, 2018
    risk 0.46cvss 7.1epss 0.00

    A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.

  • CVE-2017-18308HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430

  • CVE-2017-18124HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W,…

  • CVE-2018-18656HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. The location of such files is %PROGRAMDATA%\purevpn\config\login.conf. Additionally, all local users can read this file.

  • CVE-2018-18654HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of…

  • CVE-2018-18653HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in…

  • CVE-2018-18652HigOct 25, 2018
    risk 0.47cvss 7.2epss 0.04

    A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.

  • CVE-2018-3971HigOct 25, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An…

  • CVE-2018-18638HigOct 24, 2018
    risk 0.53cvss 8.1epss 0.03

    A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.

  • CVE-2018-17921HigOct 24, 2018
    risk 0.57cvss 8.8epss 0.01

    SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction.

  • CVE-2018-9281HigOct 24, 2018
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are…

  • CVE-2018-18013HigOct 24, 2018
    risk 0.51cvss 7.8epss 0.03

    * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code…

  • CVE-2018-14812HigOct 24, 2018
    risk 0.51cvss 7.8epss 0.01

    An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the…

  • CVE-2016-10730HigOct 24, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root…

  • CVE-2016-10729HigOct 24, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command…

  • CVE-2018-15442HigOct 24, 2018
    risk 0.55cvss 7.8epss 0.16

    A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker…

  • CVE-2018-11804HigOct 24, 2018
    risk 0.49cvss 7.5epss 0.06

    Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts…

  • CVE-2018-17935HigOct 24, 2018
    risk 0.53cvss 8.1epss 0.01

    All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

  • CVE-2018-7432HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.02

    Splunk Enterprise 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x before 6.4.7, and 6.5.x before 6.5.3; and Splunk Light before 6.6.0 allow remote attackers to cause a denial of service via a crafted HTTP request.

  • CVE-2018-7429HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.02

    Splunkd in Splunk Enterprise 6.2.x before 6.2.14 6.3.x before 6.3.11, and 6.4.x before 6.4.8; and Splunk Light before 6.5.0 allow remote attackers to cause a denial of service via a malformed HTTP request.

  • CVE-2018-18467HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent.

  • CVE-2018-17968HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.01

    A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a random value that is predictable by an external contract call. The developer wrote a random() function that uses a block timestamp and block hash from the Ethereum blockchain. This can…

  • CVE-2018-17877HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.02

    A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a random value that is predictable via an external contract call. The developer used the extcodesize() function to prevent a malicious contract from being called, but the attacker can…

  • CVE-2018-17873HigOct 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.

  • CVE-2018-17447HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.02

    An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17444HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.04

    A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-14828HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level.

  • CVE-2018-14820HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.02

    Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing.