VYPR

CVEs

101,963 total · page 1859 of 2,040

  • CVE-2012-4568HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2011-4334HigOct 23, 2017
    risk 0.61cvss 8.8epss 0.06

    edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.

  • CVE-2017-15808HigOct 23, 2017
    risk 0.60cvss 8.8epss 0.01

    In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.

  • CVE-2010-2232HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.04

    In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.

  • CVE-2017-9946HigOct 23, 2017
    risk 0.51cvss 7.5epss 0.25

    A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from…

  • CVE-2017-15805HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files.

  • CVE-2017-15567HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.00

    The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command…

  • CVE-2017-15378HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.01

    SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI).

  • CVE-2017-15377HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no…

  • CVE-2017-14332HigOct 23, 2017
    risk 0.53cvss 8.1epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.

  • CVE-2017-14328HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.

  • CVE-2017-7149HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value…

  • CVE-2017-7137HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

  • CVE-2017-7136HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

  • CVE-2017-7135HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

  • CVE-2017-7134HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

  • CVE-2017-7133HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that…

  • CVE-2017-7127HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to…

  • CVE-2017-7120HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7117HigOct 23, 2017
    risk 0.61cvss 8.8epss 0.10

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7116HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic.

  • CVE-2017-7115HigOct 23, 2017
    risk 0.56cvss 8.1epss 0.08

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)…

  • CVE-2017-7114HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged…

  • CVE-2017-7111HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7107HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7104HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7102HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7100HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7099HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7098HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7096HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7095HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7094HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7093HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7092HigOct 23, 2017
    risk 0.58cvss 8.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7091HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7090HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7087HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7086HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource…

  • CVE-2017-7081HigOct 23, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-7080HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust…

  • CVE-2017-7077HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2017-7076HigOct 23, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

  • CVE-2017-15789HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."

  • CVE-2017-15788HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83."

  • CVE-2017-15787HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063."

  • CVE-2017-15786HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x00000000001a78db."

  • CVE-2017-15785HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from…

  • CVE-2017-15784HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnview+0x0000000000370074."

  • CVE-2017-15783HigOct 22, 2017
    risk 0.51cvss 7.8epss 0.01

    XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1."