VYPR

CVEs

101,975 total · page 1841 of 2,040

  • CVE-2017-17801HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273E060.

  • CVE-2017-17800HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273A0A0, a different vulnerability than CVE-2017-17798.

  • CVE-2017-17799HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x82730068.

  • CVE-2017-17798HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273A0A0, a different vulnerability than CVE-2017-17800.

  • CVE-2017-17797HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000058.

  • CVE-2017-17796HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x827300A4.

  • CVE-2017-17795HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000088.

  • CVE-2017-17793HigDec 20, 2017
    risk 0.49cvss 7.5epss 0.02

    Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to defeat a filename-randomization protection mechanism, and read backup archives on Windows servers, by providing the archiv~1.zip name (aka an…

  • CVE-2017-17789HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.02

    In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

  • CVE-2017-17787HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

  • CVE-2017-17786HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

  • CVE-2017-17785HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

  • CVE-2017-17784HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

  • CVE-2017-17783HigDec 20, 2017
    risk 0.49cvss 7.5epss 0.02

    In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.

  • CVE-2017-17782HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.

  • CVE-2017-17774HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.01

    admin/configuration.php in Piwigo 2.9.2 has CSRF.

  • CVE-2017-17763HigDec 19, 2017
    risk 0.49cvss 7.5epss 0.01

    SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection.

  • CVE-2017-17088HigDec 19, 2017
    risk 0.52cvss 7.5epss 0.07

    The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a…

  • CVE-2017-15049HigDec 19, 2017
    risk 0.62cvss 8.8epss 0.17

    The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

  • CVE-2017-15048HigDec 19, 2017
    risk 0.61cvss 8.8epss 0.10

    Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

  • CVE-2017-17758HigDec 19, 2017
    risk 0.57cvss 8.8epss 0.03

    TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/dhcps command to cgi-bin/luci, related to the zone_get_iface_bydev function in /usr/lib/lua/luci/controller/admin/dhcps.lua…

  • CVE-2017-17757HigDec 19, 2017
    risk 0.57cvss 8.8epss 0.03

    TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/wportal command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/wportal.lua…

  • CVE-2017-15876HigDec 19, 2017
    risk 0.47cvss 7.2epss 0.02

    Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell.

  • CVE-2017-11562HigDec 19, 2017
    risk 0.57cvss 8.8epss 0.01

    A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8 via login_if.php.

  • CVE-2017-15700HigDec 18, 2017
    risk 0.57cvss 8.8epss 0.02

    A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials.

  • CVE-2017-15104HigDec 18, 2017
    risk 0.44cvss 7.8epss 0.00

    An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.

  • CVE-2017-15103HigDec 18, 2017
    risk 0.51cvss 8.8epss 0.06

    A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege…

  • CVE-2017-17740HigDec 18, 2017
    risk 0.49cvss 7.5epss 0.07

    contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN…

  • CVE-2017-17738HigDec 18, 2017
    risk 0.52cvss 7.5epss 0.06

    The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.

  • CVE-2017-17727HigDec 18, 2017
    risk 0.57cvss 8.8epss 0.01

    DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.

  • CVE-2017-16997HigDec 18, 2017
    risk 0.51cvss 7.8epss 0.03

    elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory,…

  • CVE-2017-17715HigDec 16, 2017
    risk 0.57cvss 8.8epss 0.02

    The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak.

  • CVE-2017-3196HigDec 16, 2017
    risk 0.51cvss 7.8epss 0.01

    PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with…

  • CVE-2017-3194HigDec 16, 2017
    risk 0.53cvss 8.1epss 0.01

    Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.

  • CVE-2017-3193HigDec 16, 2017
    risk 0.58cvss 8.8epss 0.06

    Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service.

  • CVE-2017-3190HigDec 16, 2017
    risk 0.49cvss 7.5epss 0.00

    Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.

  • CVE-2017-14092HigDec 16, 2017
    risk 0.57cvss 8.8epss 0.01

    The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

  • CVE-2017-14091HigDec 16, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.

  • CVE-2017-11397HigDec 16, 2017
    risk 0.51cvss 7.8epss 0.02

    A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system.

  • CVE-2017-17712HigDec 16, 2017
    risk 0.46cvss 7.0epss 0.00

    The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.

  • CVE-2017-14184HigDec 15, 2017
    risk 0.57cvss 8.8epss 0.02

    An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication…

  • CVE-2017-16788HigDec 15, 2017
    risk 0.47cvss 7.2epss 0.04

    Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root…

  • CVE-2017-16776HigDec 15, 2017
    risk 0.53cvss 8.1epss 0.01

    Security researchers discovered an authentication bypass vulnerability in version 2.0.2 of the Conserus Workflow Intelligence application by McKesson Medical Imaging Company, which is now a Change Healthcare company. The attacker must send a malicious HTTP GET request to exploit…

  • CVE-2017-17697HigDec 15, 2017
    risk 0.56cvss 8.6epss 0.01

    The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.

  • CVE-2017-17695HigDec 15, 2017
    risk 0.57cvss 8.8epss 0.01

    Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter.

  • CVE-2017-17670HigDec 15, 2017
    risk 0.57cvss 8.8epss 0.02

    In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.

  • CVE-2017-17405HigDec 15, 2017
    risk 0.66cvss 8.8epss 0.74

    Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is…

  • CVE-2017-5264HigDec 14, 2017
    risk 0.60cvss 8.8epss 0.03

    Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site request forgery (CSRF) attack.

  • CVE-2016-10703HigDec 14, 2017
    risk 0.42cvss 7.5epss 0.03

    A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string.

  • CVE-2017-7344HigDec 14, 2017
    risk 0.53cvss 8.1epss 0.02

    A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.