VYPR

CVEs

100,082 total · page 1885 of 2,002

  • CVE-2017-8912HigMay 12, 2017
    risk 0.50cvss 7.2epss 0.03

    CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a…

  • CVE-2017-8905HigMay 11, 2017
    risk 0.57cvss 8.8epss 0.00

    Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.

  • CVE-2017-8904HigMay 11, 2017
    risk 0.57cvss 8.8epss 0.00

    Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.

  • CVE-2017-8903HigMay 11, 2017
    risk 0.57cvss 8.8epss 0.00

    Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.

  • CVE-2016-10370HigMay 11, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs (due to the digital signature), it unnecessarily increases the attack surface, and…

  • CVE-2017-8899HigMay 11, 2017
    risk 0.53cvss 8.1epss 0.01

    Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to…

  • CVE-2016-7476HigMay 11, 2017
    risk 0.49cvss 7.5epss 0.02

    The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic.…

  • CVE-2016-9100HigMay 11, 2017
    risk 0.51cvss 7.8epss 0.00

    Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the…

  • CVE-2016-9097HigMay 11, 2017
    risk 0.47cvss 7.2epss 0.02

    The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator…

  • CVE-2016-9092HigMay 11, 2017
    risk 0.57cvss 8.8epss 0.01

    The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the…

  • CVE-2015-5436HigMay 11, 2017
    risk 0.49cvss 7.5epss 0.02

    A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in…

  • CVE-2017-8852HigMay 10, 2017
    risk 0.54cvss 7.8epss 0.03

    SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is…

  • CVE-2017-8890HigMay 10, 2017
    risk 0.51cvss 7.8epss 0.01

    The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

  • CVE-2017-7698HigMay 10, 2017
    risk 0.51cvss 7.8epss 0.02

    A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.

  • CVE-2017-4895HigMay 10, 2017
    risk 0.57cvss 8.8epss 0.00

    Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.

  • CVE-2017-1137HigMay 10, 2017
    risk 0.53cvss 8.1epss 0.02

    IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549.

  • CVE-2017-1103HigMay 10, 2017
    risk 0.53cvss 8.1epss 0.01

    IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM…

  • CVE-2016-9250HigMay 10, 2017
    risk 0.49cvss 7.5epss 0.01

    In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.

  • CVE-2016-5889HigMay 10, 2017
    risk 0.57cvss 8.8epss 0.00

    IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 115085.

  • CVE-2017-8874HigMay 10, 2017
    risk 0.57cvss 8.8epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.

  • CVE-2017-8868HigMay 10, 2017
    risk 0.49cvss 7.5epss 0.02

    acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.

  • CVE-2017-5892HigMay 10, 2017
    risk 0.49cvss 7.5epss 0.01

    ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.

  • CVE-2017-5891HigMay 10, 2017
    risk 0.57cvss 8.8epss 0.00

    ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.

  • CVE-2017-0352HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access sensitive GPU control registers, leading to an escalation of privileges

  • CVE-2017-0351HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

  • CVE-2017-0350HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges.

  • CVE-2017-0349HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead…

  • CVE-2017-0348HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.

  • CVE-2017-0347HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to denial…

  • CVE-2017-0346HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.

  • CVE-2017-0345HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input used as an array size is not correctly validated allows out of bound access in kernel memory and may lead to…

  • CVE-2017-0344HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape may allow users to gain access to arbitrary physical memory, leading to escalation of privileges.

  • CVE-2017-0343HigMay 9, 2017
    risk 0.46cvss 7.0epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escalation of privileges.

  • CVE-2017-0342HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privileges.

  • CVE-2017-0341HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or…

  • CVE-2017-8855HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.01

    wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.

  • CVE-2017-8854HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.02

    wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.

  • CVE-2017-8853HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.01

    Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.

  • CVE-2017-3074HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3073HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3072HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3071HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.06

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3070HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3069HigMay 9, 2017
    risk 0.58cvss 8.8epss 0.05

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3068HigMay 9, 2017
    risk 0.62cvss 8.8epss 0.20

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3067HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.05

    Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.

  • CVE-2016-9256HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.01

    In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that…

  • CVE-2016-9253HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.01

    In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.

  • CVE-2016-9251HigMay 9, 2017
    risk 0.57cvss 8.8epss 0.02

    In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.

  • CVE-2016-6799HigMay 9, 2017
    risk 0.42cvss 7.5epss 0.03

    Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB…