VYPR

CVEs

100,082 total · page 1892 of 2,002

  • CVE-2016-6368HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly…

  • CVE-2017-1122HigApr 20, 2017
    risk 0.48cvss 7.4epss 0.00

    IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM X-Force ID: 121174.

  • CVE-2016-5401HigApr 20, 2017
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.

  • CVE-2016-3734HigApr 20, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.

  • CVE-2016-1161HigApr 20, 2017
    risk 0.52cvss 8.0epss 0.01

    Cross-site request forgery (CSRF) vulnerability in ManageEngine Password Manager Pro before 8.5 (Build 8500).

  • CVE-2015-8285HigApr 20, 2017
    risk 0.52cvss 7.5epss 0.05

    The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.

  • CVE-2017-5156HigApr 20, 2017
    risk 0.57cvss 8.8epss 0.01

    A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the…

  • CVE-2017-2784HigApr 20, 2017
    risk 0.53cvss 8.1epss 0.03

    An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack…

  • CVE-2016-4862HigApr 20, 2017
    risk 0.57cvss 8.8epss 0.02

    Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.

  • CVE-2016-4850HigApr 20, 2017
    risk 0.53cvss 8.1epss 0.02

    LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.

  • CVE-2016-1218HigApr 20, 2017
    risk 0.57cvss 8.8epss 0.02

    SQL injection vulnerability in Cybozu Garoon before 4.2.2.

  • CVE-2016-6337HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.01

    MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass intended session access restrictions by leveraging a call to the UserGetRights function after Session::getAllowedUserRights.

  • CVE-2016-6335HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.02

    MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 does not generate head items in the context of a given title, which allows remote attackers to obtain sensitive information via a parse action to api.php.

  • CVE-2016-6332HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.02

    MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked.

  • CVE-2016-6331HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.02

    ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php.

  • CVE-2016-5409HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.01

    Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

  • CVE-2016-4650HigApr 20, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4293HigApr 20, 2017
    risk 0.51cvss 7.8epss 0.04

    Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTableStyle and (2) CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via a crafted Hangul Hcell Document (.cell) file.

  • CVE-2017-7692HigApr 20, 2017
    risk 0.63cvss 8.8epss 0.32

    SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The…

  • CVE-2017-7283HigApr 20, 2017
    risk 0.58cvss 8.8epss 0.04

    An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php.

  • CVE-2017-6919HigApr 20, 2017
    risk 0.49cvss 7.5epss 0.02

    Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

  • CVE-2017-7979HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.00

    The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system…

  • CVE-2017-7978HigApr 19, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.

  • CVE-2017-7976HigApr 19, 2017
    risk 0.46cvss 7.1epss 0.01

    Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information…

  • CVE-2013-7463HigApr 19, 2017
    risk 0.49cvss 7.5epss 0.01

    The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.

  • CVE-2017-7975HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly…

  • CVE-2017-7963HigApr 19, 2017
    risk 0.49cvss 7.5epss 0.02

    The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here,…

  • CVE-2017-7961HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified…

  • CVE-2017-7948HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.

  • CVE-2017-7850HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.00

    Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.

  • CVE-2016-10345HigApr 18, 2017
    risk 0.44cvss 7.8epss 0.00

    In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

  • CVE-2017-5656HigApr 18, 2017
    risk 0.42cvss 7.5epss 0.07

    Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.

  • CVE-2017-7645HigApr 18, 2017
    risk 0.49cvss 7.5epss 0.06

    The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

  • CVE-2017-5662HigApr 18, 2017
    risk 0.48cvss 7.3epss 0.04

    In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the…

  • CVE-2017-5661HigApr 18, 2017
    risk 0.48cvss 7.3epss 0.03

    In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user…

  • CVE-2017-7892HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with…

  • CVE-2017-1161HigApr 17, 2017
    risk 0.48cvss 7.3epss 0.01

    IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the…

  • CVE-2016-3036HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.02

    IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets. A remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 114612.

  • CVE-2017-5659HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.03

    Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.

  • CVE-2016-5396HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.03

    Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.

  • CVE-2017-5650HigApr 17, 2017
    risk 0.42cvss 7.5epss 0.08

    In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These…

  • CVE-2017-5647HigApr 17, 2017
    risk 0.43cvss 7.5epss 0.17

    A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous…

  • CVE-2016-7551HigApr 17, 2017
    risk 0.49cvss 7.5epss 0.05

    chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-cert3 allows remote attackers to cause a denial of service (port exhaustion).

  • CVE-2017-7889HigApr 17, 2017
    risk 0.51cvss 7.8epss 0.00

    The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an…

  • CVE-2017-7885HigApr 17, 2017
    risk 0.46cvss 7.1epss 0.01

    Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a…

  • CVE-2017-7615HigApr 16, 2017
    risk 0.67cvss 8.8epss 0.91

    MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.

  • CVE-2017-7881HigApr 15, 2017
    risk 0.57cvss 8.8epss 0.01

    BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php…

  • CVE-2017-7879HigApr 14, 2017
    risk 0.49cvss 7.5epss 0.01

    SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database.

  • CVE-2017-7877HigApr 14, 2017
    risk 0.57cvss 8.8epss 0.01

    CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.

  • CVE-2017-7717HigApr 14, 2017
    risk 0.57cvss 8.8epss 0.02

    SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.