VYPR

CVEs

101,963 total · page 1874 of 2,040

  • CVE-2017-14544HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.00

    STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at…

  • CVE-2017-14543HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.00

    STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000039335."

  • CVE-2017-14542HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.00

    STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!DllUnregisterServer+0x0000000000010262."

  • CVE-2017-14541HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e."

  • CVE-2017-14540HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.01

    IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."

  • CVE-2017-14539HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.01

    IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767."

  • CVE-2017-14538HigSep 18, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008823."

  • CVE-2017-9798HigSep 18, 2017
    risk 0.59cvss 7.5epss 0.95

    Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through…

  • CVE-2014-6106HigSep 18, 2017
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via…

  • CVE-2017-9333HigSep 18, 2017
    risk 0.57cvss 8.8epss 0.02

    OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG function in the IpkgController class in plugin/controllers/ipkg.py, when the URL refers to an attacker-controlled web site with a Trojan horse package. This has security implications in cases where untrusted…

  • CVE-2017-14530HigSep 18, 2017
    risk 0.52cvss 8.0epss 0.01

    WP_Admin_UI in the Crony Cronjob Manager plugin before 0.4.7 for WordPress has CSRF via the name parameter in an action=manage&do=create operation, as demonstrated by inserting XSS sequences.

  • CVE-2017-14520HigSep 17, 2017
    risk 0.51cvss 7.8epss 0.01

    In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.

  • CVE-2017-14519HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.02

    In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).

  • CVE-2017-14518HigSep 17, 2017
    risk 0.51cvss 7.8epss 0.01

    In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.

  • CVE-2017-14515HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.

  • CVE-2017-14514HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.02

    Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.

  • CVE-2017-14511HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers…

  • CVE-2017-14509HigSep 17, 2017
    risk 0.58cvss 8.8epss 0.06

    An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files…

  • CVE-2017-14508HigSep 17, 2017
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as…

  • CVE-2017-14502HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.03

    read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.

  • CVE-2017-14500HigSep 17, 2017
    risk 0.57cvss 8.8epss 0.03

    Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file)…

  • CVE-2015-1527HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727.

  • CVE-2014-9463HigSep 15, 2017
    risk 0.61cvss 8.8epss 0.15

    functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.

  • CVE-2014-7808HigSep 15, 2017
    risk 0.42cvss 7.5epss 0.01

    Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.

  • CVE-2017-9805HigKEVSep 15, 2017
    risk 0.69cvss 8.1epss 0.99

    The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

  • CVE-2017-2299HigSep 15, 2017
    risk 0.49cvss 7.5epss 0.01

    Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_dir` parameter, a default will be provided for the `ssl_certs_dir` that will trust…

  • CVE-2017-14497HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.01

    The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system…

  • CVE-2017-10860HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.02

    Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.

  • CVE-2017-10859HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10858HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10855HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10846HigSep 15, 2017
    risk 0.49cvss 7.5epss 0.02

    Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access restrictions to obtain information on device settings via unspecified vectors.

  • CVE-2017-4924HigSep 15, 2017
    risk 0.57cvss 8.8epss 0.01

    VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

  • CVE-2017-14484HigSep 15, 2017
    risk 0.47cvss 7.3epss 0.00

    The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.

  • CVE-2017-2809HigSep 14, 2017
    risk 0.42cvss 7.5epss 0.03

    An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.

  • CVE-2017-0782HigSep 14, 2017
    risk 0.57cvss 8.8epss 0.02

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.

  • CVE-2017-0781HigSep 14, 2017
    risk 0.62cvss 8.8epss 0.23

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.

  • CVE-2017-14482HigSep 14, 2017
    risk 0.58cvss 8.8epss 0.04

    GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in…

  • CVE-2017-1002151HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization

  • CVE-2017-1002026HigSep 14, 2017
    risk 0.57cvss 8.8epss 0.02

    Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement.

  • CVE-2017-1002025HigSep 14, 2017
    risk 0.47cvss 7.2epss 0.02

    Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement.

  • CVE-2017-1002007HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

  • CVE-2017-1002006HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

  • CVE-2017-1002005HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query.

  • CVE-2017-1002004HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query.

  • CVE-2017-13779HigSep 14, 2017
    risk 0.51cvss 7.8epss 0.01

    GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs…

  • CVE-2017-12989HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.02

    The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

  • CVE-2017-2816HigSep 13, 2017
    risk 0.57cvss 8.8epss 0.02

    An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this…

  • CVE-2017-7561HigSep 13, 2017
    risk 0.49cvss 7.5epss 0.02

    Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

  • CVE-2017-14430HigSep 13, 2017
    risk 0.49cvss 7.5epss 0.01

    D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote attackers to cause a denial of service (daemon crash) via crafted LAN traffic.