VYPR

CVEs

101,963 total · page 1857 of 2,040

  • CVE-2017-14919HigOct 30, 2017
    risk 0.49cvss 7.5epss 0.08

    Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.

  • CVE-2014-0072HigOct 30, 2017
    risk 0.42cvss 7.5epss 0.08

    ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default…

  • CVE-2014-0115HigOct 30, 2017
    risk 0.49cvss 7.5epss 0.05

    Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log.

  • CVE-2012-0881HigOct 30, 2017
    risk 0.43cvss 7.5epss 0.17

    Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

  • CVE-2017-15921HigOct 30, 2017
    risk 0.52cvss 7.5epss 0.08

    In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer…

  • CVE-2017-15920HigOct 30, 2017
    risk 0.52cvss 7.5epss 0.08

    In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer…

  • CVE-2017-9450HigOct 30, 2017
    risk 0.51cvss 7.8epss 0.00

    The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.

  • CVE-2017-9377HigOct 30, 2017
    risk 0.58cvss 8.8epss 0.04

    A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device.

  • CVE-2017-7411HigOct 30, 2017
    risk 0.66cvss 8.8epss 0.67

    An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users through the REST API…

  • CVE-2016-3090HigOct 30, 2017
    risk 0.58cvss 8.8epss 0.06

    The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling.

  • CVE-2015-0226HigOct 30, 2017
    risk 0.42cvss 7.5epss 0.06

    Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted…

  • CVE-2015-0224HigOct 30, 2017
    risk 0.50cvss 7.5epss 0.15

    qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203.

  • CVE-2014-3526HigOct 30, 2017
    risk 0.49cvss 7.5epss 0.02

    Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.

  • CVE-2013-4246HigOct 30, 2017
    risk 0.57cvss 8.8epss 0.03

    libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.

  • CVE-2017-16227HigOct 29, 2017
    risk 0.50cvss 7.5epss 0.19

    The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid…

  • CVE-2017-16000HigOct 29, 2017
    risk 0.47cvss 7.2epss 0.02

    SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.

  • CVE-2017-15998HigOct 29, 2017
    risk 0.49cvss 7.5epss 0.01

    In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network.

  • CVE-2017-15997HigOct 29, 2017
    risk 0.51cvss 7.8epss 0.00

    In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the…

  • CVE-2017-15996HigOct 29, 2017
    risk 0.51cvss 7.8epss 0.02

    elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized…

  • CVE-2017-15957HigOct 29, 2017
    risk 0.61cvss 8.8epss 0.04

    my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.

  • CVE-2017-15956HigOct 29, 2017
    risk 0.52cvss 7.5epss 0.05

    ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php.

  • CVE-2017-15951HigOct 28, 2017
    risk 0.51cvss 7.8epss 0.00

    The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact…

  • CVE-2017-15949HigOct 28, 2017
    risk 0.47cvss 7.2epss 0.01

    Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.

  • CVE-2017-15945HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.00

    The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging…

  • CVE-2017-15938HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.05

    dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name…

  • CVE-2017-15935HigOct 27, 2017
    risk 0.47cvss 7.2epss 0.03

    Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file.

  • CVE-2017-15582HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.01

    In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.

  • CVE-2017-15581HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.01

    In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to…

  • CVE-2017-15933HigOct 27, 2017
    risk 0.47cvss 7.2epss 0.02

    SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.

  • CVE-2017-13090HigOct 27, 2017
    risk 0.60cvss 8.8epss 0.37

    The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries…

  • CVE-2017-13089HigOct 27, 2017
    risk 0.64cvss 8.8epss 0.80

    The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a…

  • CVE-2017-15932HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.01

    In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.

  • CVE-2017-15931HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.01

    In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems.

  • CVE-2017-15930HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.03

    In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

  • CVE-2016-5002HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.08

    XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.

  • CVE-2017-15928HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.02

    In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication.

  • CVE-2017-15924HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.01

    In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.

  • CVE-2017-6157HigOct 27, 2017
    risk 0.53cvss 8.1epss 0.04

    In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable…

  • CVE-2017-0303HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.03

    In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly…

  • CVE-2017-5122HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.

  • CVE-2017-5121HigOct 27, 2017
    risk 0.58cvss 8.8epss 0.05

    Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.

  • CVE-2017-5116HigOct 27, 2017
    risk 0.58cvss 8.8epss 0.13

    Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

  • CVE-2017-5115HigOct 27, 2017
    risk 0.59cvss 8.8epss 0.26

    Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

  • CVE-2017-5114HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.

  • CVE-2017-5113HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2017-5112HigOct 27, 2017
    risk 0.58cvss 8.8epss 0.05

    Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

  • CVE-2017-5111HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.

  • CVE-2017-5108HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.

  • CVE-2017-5100HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-5099HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.01

    Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page.