VYPR

CVEs

100,075 total · page 1671 of 2,002

  • CVE-2018-18626HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in PHPYun V4.6. There is a vulnerability that can delete any file or directory via the "admin/index.php?m=database&c=del" sql parameter because del_action() in admin/model/database.class.php mishandles this parameter.

  • CVE-2018-8569HigOct 23, 2018
    risk 0.52cvss 7.8epss 0.13

    A remote code execution vulnerability exists in the Yammer desktop application due to the loading of arbitrary content, aka "Yammer Desktop Application Remote Code Execution Vulnerability." This affects Yammer Desktop App.

  • CVE-2018-18599HigOct 23, 2018
    risk 0.57cvss 8.8epss 0.01

    Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compress in the f5.c file.

  • CVE-2018-16837HigOct 23, 2018
    risk 0.44cvss 7.8epss 0.00

    Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which…

  • CVE-2018-18329HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2018-18328HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2018-18327HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2018-15367HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to…

  • CVE-2018-15366HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute…

  • CVE-2017-18312HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD…

  • CVE-2017-18305HigOct 23, 2018
    risk 0.46cvss 7.0epss 0.00

    XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.

  • CVE-2017-18304HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD…

  • CVE-2017-18303HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD…

  • CVE-2017-18298HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD…

  • CVE-2017-18297HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.

  • CVE-2017-18296HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD…

  • CVE-2017-18295HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD…

  • CVE-2017-18294HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W,…

  • CVE-2017-18293HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD…

  • CVE-2017-18282HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

  • CVE-2017-18172HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD…

  • CVE-2017-18171HigOct 23, 2018
    risk 0.57cvss 8.8epss 0.01

    Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52,…

  • CVE-2017-18170HigOct 23, 2018
    risk 0.57cvss 8.8epss 0.01

    Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD…

  • CVE-2018-18583HigOct 22, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap.

  • CVE-2018-18582HigOct 22, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette.

  • CVE-2018-18581HigOct 22, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.

  • CVE-2018-15704HigOct 22, 2018
    risk 0.59cvss 8.8epss 0.22

    Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp.

  • CVE-2018-18559HigOct 22, 2018
    risk 0.53cvss 8.1epss 0.03

    In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code…

  • CVE-2018-18557HigOct 22, 2018
    risk 0.61cvss 8.8epss 0.15

    LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which…

  • CVE-2018-1850HigOct 22, 2018
    risk 0.57cvss 8.8epss 0.02

    IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.

  • CVE-2018-18550HigOct 21, 2018
    risk 0.57cvss 8.8epss 0.01

    ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user.

  • CVE-2018-18541HigOct 20, 2018
    risk 0.49cvss 7.5epss 0.03

    In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack…

  • CVE-2018-18428HigOct 19, 2018
    risk 0.53cvss 7.5epss 0.11

    TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI.

  • CVE-2018-18420HigOct 19, 2018
    risk 0.57cvss 8.8epss 0.01

    Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.

  • CVE-2018-18284HigOct 19, 2018
    risk 0.57cvss 8.6epss 0.16

    Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

  • CVE-2018-18224HigOct 19, 2018
    risk 0.53cvss 8.1epss 0.02

    A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain…

  • CVE-2018-18223HigOct 19, 2018
    risk 0.53cvss 8.1epss 0.02

    Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.

  • CVE-2018-18026HigOct 19, 2018
    risk 0.51cvss 7.8epss 0.01

    IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of…

  • CVE-2018-12673HigOct 19, 2018
    risk 0.49cvss 7.5epss 0.01

    An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including camera hardware, wireless network, and local area network information.

  • CVE-2018-12669HigOct 19, 2018
    risk 0.57cvss 8.8epss 0.01

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.

  • CVE-2018-18392HigOct 19, 2018
    risk 0.57cvss 8.8epss 0.01

    Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-18391HigOct 19, 2018
    risk 0.57cvss 8.8epss 0.01

    User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-18390HigOct 19, 2018
    risk 0.49cvss 7.5epss 0.01

    User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2017-18348HigOct 19, 2018
    risk 0.46cvss 7.0epss 0.00

    Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNK_HOME/etc/splunk-launch.conf and insert Trojan horse programs into…

  • CVE-2018-15756HigOct 18, 2018
    risk 0.43cvss 7.5epss 0.10

    Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an…

  • CVE-2018-11080HigOct 18, 2018
    risk 0.47cvss 7.3epss 0.00

    Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user to utilize the file contents…

  • CVE-2018-18487HigOct 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.

  • CVE-2018-18485HigOct 18, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock.

  • CVE-2018-18483HigOct 18, 2018
    risk 0.51cvss 7.8epss 0.02

    The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string,…

  • CVE-2015-4632HigOct 18, 2018
    risk 0.56cvss 7.5epss 0.52

    Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1)…