VYPR

CVEs

101,975 total · page 1847 of 2,040

  • CVE-2017-16857HigDec 5, 2017
    risk 0.55cvss 8.5epss 0.01

    It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin,…

  • CVE-2016-1255HigDec 5, 2017
    risk 0.51cvss 7.8epss 0.00

    The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1,…

  • CVE-2016-1254HigDec 5, 2017
    risk 0.42cvss 7.5epss 0.03

    Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.

  • CVE-2017-8824HigDec 5, 2017
    risk 0.54cvss 7.8epss 0.01

    The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

  • CVE-2017-17066HigDec 5, 2017
    risk 0.49cvss 7.5epss 0.02

    The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer…

  • CVE-2017-16929HigDec 5, 2017
    risk 0.57cvss 8.1epss 0.13

    The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../…

  • CVE-2017-15889HigDec 4, 2017
    risk 0.66cvss 8.8epss 0.72

    Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.

  • CVE-2017-12079HigDec 4, 2017
    risk 0.49cvss 7.5epss 0.02

    Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

  • CVE-2017-17056HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.01

    The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the old_password, new_password1, and new_password2 parameters to the…

  • CVE-2017-17130HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.02

    The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks_adv.

  • CVE-2017-17129HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.01

    The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2017-17126HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.

  • CVE-2017-17125HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.02

    nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-17124HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service…

  • CVE-2017-17122HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly…

  • CVE-2017-17121HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location…

  • CVE-2017-17114HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.00

    ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request.

  • CVE-2017-17112HigDec 4, 2017
    risk 0.51cvss 7.8epss 0.00

    ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request.

  • CVE-2017-17104HigDec 4, 2017
    risk 0.49cvss 7.5epss 0.02

    Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/app_theme/libs/check_file.php via $_GET['src'] or $_GET['name'].

  • CVE-2017-17103HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges.

  • CVE-2017-17102HigDec 4, 2017
    risk 0.49cvss 7.5epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].

  • CVE-2017-17099HigDec 3, 2017
    risk 0.52cvss 7.8epss 0.12

    There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that…

  • CVE-2017-8823HigDec 3, 2017
    risk 0.53cvss 8.1epss 0.02

    In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka…

  • CVE-2017-8821HigDec 3, 2017
    risk 0.49cvss 7.5epss 0.02

    In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which…

  • CVE-2017-8820HigDec 3, 2017
    risk 0.49cvss 7.5epss 0.02

    In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed…

  • CVE-2017-8819HigDec 3, 2017
    risk 0.49cvss 7.5epss 0.01

    In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to…

  • CVE-2017-17095HigDec 2, 2017
    risk 0.61cvss 8.8epss 0.11

    tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.

  • CVE-2017-17091HigDec 2, 2017
    risk 0.51cvss 8.8epss 0.08

    wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.

  • CVE-2017-17090HigDec 2, 2017
    risk 0.58cvss 7.5epss 0.82

    An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the…

  • CVE-2017-16953HigDec 1, 2017
    risk 0.53cvss 7.5epss 0.11

    connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.

  • CVE-2017-16895HigDec 1, 2017
    risk 0.54cvss 7.8epss 0.01

    The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5) arqs3glacierrestorer helper apps in Arq 5.x before 5.10 for Mac allow local users to gain root privileges via a crafted data packet.

  • CVE-2017-16612HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.05

    libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through…

  • CVE-2017-15357HigDec 1, 2017
    risk 0.51cvss 7.4epss 0.01

    The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to gain root privileges via a symlink attack on the updater binary itself.

  • CVE-2017-14486HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.01

    The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use cleartext to exchange messages with other apps and the PLAIN SASL mechanism to send auth tokens to Vibease servers, which allows remote attackers to obtain user credentials, messages, and…

  • CVE-2017-13663HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.00

    Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key.

  • CVE-2017-15701HigDec 1, 2017
    risk 0.42cvss 7.5epss 0.04

    In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older…

  • CVE-2017-10901HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.01

    Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote attackers to conduct denial-of-service attacks via unspecified vectors.

  • CVE-2017-10895HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.01

    sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2017-10894HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.01

    StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2017-10892HigDec 1, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10891HigDec 1, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10874HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.01

    PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.

  • CVE-2017-17085HigDec 1, 2017
    risk 0.53cvss 7.5epss 0.17

    In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.

  • CVE-2017-17084HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.

  • CVE-2017-17083HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.

  • CVE-2017-11286HigDec 1, 2017
    risk 0.49cvss 7.5epss 0.08

    Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

  • CVE-2017-1000405HigNov 30, 2017
    risk 0.49cvss 7.0epss 0.03

    The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new…

  • CVE-2017-1000406HigNov 30, 2017
    risk 0.49cvss 7.5epss 0.01

    OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).

  • CVE-2017-14949HigNov 30, 2017
    risk 0.42cvss 7.5epss 0.02

    Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to…

  • CVE-2017-14868HigNov 30, 2017
    risk 0.49cvss 7.5epss 0.03

    Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.