VYPR

CVEs

101,963 total · page 1863 of 2,040

  • CVE-2017-15600HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.

  • CVE-2015-5227HigOct 18, 2017
    risk 0.57cvss 8.8epss 0.03

    The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter.

  • CVE-2016-5714HigOct 18, 2017
    risk 0.47cvss 7.2epss 0.02

    Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol…

  • CVE-2015-7715HigOct 18, 2017
    risk 0.60cvss 8.8epss 0.03

    Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php.

  • CVE-2015-7714HigOct 18, 2017
    risk 0.50cvss 7.2epss 0.02

    Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6)…

  • CVE-2015-5164HigOct 18, 2017
    risk 0.47cvss 7.2epss 0.04

    The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.

  • CVE-2017-8022HigOct 18, 2017
    risk 0.53cvss 8.1epss 0.03

    An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability…

  • CVE-2015-2156HigOct 18, 2017
    risk 0.42cvss 7.5epss 0.05

    Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper…

  • CVE-2014-3709HigOct 18, 2017
    risk 0.50cvss 8.8epss 0.01

    The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

  • CVE-2014-3164HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.01

    cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.

  • CVE-2017-15595HigOct 18, 2017
    risk 0.60cvss 8.8epss 0.02

    An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.

  • CVE-2017-15594HigOct 18, 2017
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.

  • CVE-2017-15592HigOct 18, 2017
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.

  • CVE-2017-15590HigOct 18, 2017
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

  • CVE-2017-15588HigOct 18, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.

  • CVE-2017-15587HigOct 18, 2017
    risk 0.51cvss 7.8epss 0.01

    An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

  • CVE-2017-15578HigOct 18, 2017
    risk 0.60cvss 8.8epss 0.01

    In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.

  • CVE-2017-15577HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.

  • CVE-2017-15576HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information.

  • CVE-2017-15575HigOct 18, 2017
    risk 0.48cvss 7.3epss 0.01

    In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.

  • CVE-2017-15572HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redirect.

  • CVE-2017-9625HigOct 17, 2017
    risk 0.53cvss 8.2epss 0.02

    An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view information and modify settings or execute code remotely.

  • CVE-2017-15565HigOct 17, 2017
    risk 0.57cvss 8.8epss 0.02

    In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.

  • CVE-2017-14011HigOct 17, 2017
    risk 0.57cvss 8.8epss 0.01

    A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting…

  • CVE-2017-14005HigOct 17, 2017
    risk 0.57cvss 8.8epss 0.01

    An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's…

  • CVE-2017-6273HigOct 17, 2017
    risk 0.51cvss 7.8epss 0.00

    NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.

  • CVE-2017-5531HigOct 17, 2017
    risk 0.52cvss 8.0epss 0.01

    Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain…

  • CVE-2017-3760HigOct 17, 2017
    risk 0.53cvss 8.1epss 0.01

    The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.

  • CVE-2017-3759HigOct 17, 2017
    risk 0.53cvss 8.1epss 0.02

    The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.

  • CVE-2014-9118HigOct 17, 2017
    risk 0.64cvss 8.8epss 0.53

    The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.

  • CVE-2014-8357HigOct 17, 2017
    risk 0.61cvss 8.8epss 0.05

    backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf.

  • CVE-2014-2664HigOct 17, 2017
    risk 0.57cvss 8.8epss 0.03

    Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then…

  • CVE-2014-2277HigOct 17, 2017
    risk 0.46cvss 7.1epss 0.00

    The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.

  • CVE-2014-9697HigOct 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.

  • CVE-2014-9489HigOct 17, 2017
    risk 0.50cvss 8.8epss 0.02

    The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1 when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or…

  • CVE-2014-8324HigOct 17, 2017
    risk 0.42cvss 7.5epss 0.04

    network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.

  • CVE-2014-8323HigOct 17, 2017
    risk 0.42cvss 7.5epss 0.03

    buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.

  • CVE-2017-13082HigOct 17, 2017
    risk 0.53cvss 8.1epss 0.05

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

  • CVE-2017-15385HigOct 16, 2017
    risk 0.51cvss 7.8epss 0.01

    The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9368HigOct 16, 2017
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.

  • CVE-2017-0316HigOct 16, 2017
    risk 0.51cvss 7.8epss 0.00

    In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.

  • CVE-2015-7504HigOct 16, 2017
    risk 0.57cvss 8.8epss 0.01

    Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.

  • CVE-2017-15265HigOct 16, 2017
    risk 0.46cvss 7.0epss 0.00

    Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and…

  • CVE-2017-15221HigOct 16, 2017
    risk 0.54cvss 7.8epss 0.05

    ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324.

  • CVE-2017-15383HigOct 16, 2017
    risk 0.51cvss 7.8epss 0.00

    Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.

  • CVE-2017-15297HigOct 16, 2017
    risk 0.49cvss 7.5epss 0.03

    SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993.

  • CVE-2017-15296HigOct 16, 2017
    risk 0.57cvss 8.8epss 0.01

    The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.

  • CVE-2016-4461HigOct 16, 2017
    risk 0.58cvss 8.8epss 0.08

    Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785.

  • CVE-2014-9147HigOct 16, 2017
    risk 0.53cvss 7.5epss 0.11

    Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.

  • CVE-2014-7851HigOct 16, 2017
    risk 0.49cvss 7.5epss 0.01

    oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.