VYPR

CVEs

  • CVE-2017-8775 · Cri · May 4, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.

  • CVE-2017-8774 · Cri · May 4, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.

  • CVE-2017-8773 · Cri · May 4, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This…

  • CVE-2017-7229 · Cri · May 3, 2017
    risk 0.59 · cvss 9.1 · epss 0.01

    PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21) frontend via IMAP or SMTP have their Content-Type changed from 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="abc123abc123"' to 'Content-Type: text/plain' - this…

  • CVE-2017-7432 · Cri · May 3, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.

  • CVE-2017-7476 · Cri · May 2, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.

  • CVE-2017-6551 · Cri · May 2, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes.

  • CVE-2017-5689 · Cri · KEV · May 2, 2017
    risk 0.86 · cvss 9.8 · epss 0.92

    An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged…

  • CVE-2016-5006 · Cri · May 2, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors.

  • CVE-2016-10243 · Cri · May 2, 2017
    risk 0.64 · cvss 9.8 · epss 0.07

    TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

  • CVE-2017-8399 · Cri · May 1, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures."

  • CVE-2016-8649 · Cri · May 1, 2017
    risk 0.59 · cvss 9.1 · epss 0.03

    lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.

  • CVE-2017-8378 · Cri · May 1, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size.

  • CVE-2017-6520 · Cri · May 1, 2017
    risk 0.59 · cvss 9.1 · epss 0.02

    The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive…

  • CVE-2017-6519 · Cri · May 1, 2017
    risk 0.59 · cvss 9.1 · epss 0.03

    avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially…

  • CVE-2017-8366 · Cri · Apr 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.

  • CVE-2017-8359 · Cri · Apr 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.

  • CVE-2017-8358 · Cri · Apr 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.

  • CVE-2017-6553 · Cri · Apr 29, 2017
    risk 0.70 · cvss 9.8 · epss 0.42

    Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.

  • CVE-2017-7945 · Cri · Apr 29, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to…

  • CVE-2016-8584 · Cri · Apr 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.

  • CVE-2017-2142 · Cri · Apr 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2017-2096 · Cri · Apr 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    smalruby-editor v0.4.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2017-7895 · Cri · Apr 28, 2017
    risk 0.65 · cvss 9.8 · epss 0.11

    The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to…

  • CVE-2017-8305 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy.

  • CVE-2017-8307 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is…

  • CVE-2017-8297 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component).

  • CVE-2017-5135 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.1 · epss 0.17

    Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the…

  • CVE-2017-3066 · Cri · KEV · Apr 27, 2017
    risk 0.86 · cvss 9.8 · epss 0.91

    Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-8289 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2017-8287 · Cri · Apr 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.

  • CVE-2017-8283 · Cri · Apr 26, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by…

  • CVE-2017-8225 · Cri · Apr 25, 2017
    risk 0.68 · cvss 9.8 · epss 0.18

    On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.

  • CVE-2017-8224 · Cri · Apr 25, 2017
    risk 0.67 · cvss 9.8 · epss 0.09

    Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET.

  • CVE-2017-8220 · Cri · Apr 25, 2017
    risk 0.67 · cvss 9.9 · epss 0.36

    TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.

  • CVE-2017-8218 · Cri · Apr 25, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.

  • CVE-2017-8110 · Cri · Apr 25, 2017
    risk 0.65 · cvss 10.0 · epss 0.01

    www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php.

  • CVE-2017-3623 · Cri · Apr 24, 2017
    risk 0.70 · cvss 10.0 · epss 0.22

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise…

  • CVE-2017-3553 · Cri · Apr 24, 2017
    risk 0.65 · cvss 9.9 · epss 0.02

    Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Rules Engine). The supported version that is affected is 11.1.2.3.0. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to compromise…

  • CVE-2017-3549 · Cri · Apr 24, 2017
    risk 0.63 · cvss 9.1 · epss 0.16

    Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated…

  • CVE-2017-3510 · Cri · Apr 24, 2017
    risk 0.63 · cvss 9.6 · epss 0.02

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple…

  • CVE-2017-3508 · Cri · Apr 24, 2017
    risk 0.59 · cvss 9.1 · epss 0.02

    Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high privileged…

  • CVE-2017-3503 · Cri · Apr 24, 2017
    risk 0.65 · cvss 9.9 · epss 0.02

    Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access (Apache Commons BeanUtils)). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable"…

  • CVE-2017-3234 · Cri · Apr 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via SFT to…

  • CVE-2016-6903 · Cri · Apr 24, 2017
    risk 0.65 · cvss 9.9 · epss 0.05

    lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

  • CVE-2016-6902 · Cri · Apr 24, 2017
    risk 0.65 · cvss 9.9 · epss 0.05

    lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

  • CVE-2011-3428 · Cri · Apr 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.

  • CVE-2017-8105 · Cri · Apr 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

  • CVE-2015-7568 · Cri · Apr 24, 2017
    risk 0.67 · cvss 9.8 · epss 0.04

    SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter.

  • CVE-2015-7247 · Cri · Apr 24, 2017
    risk 0.68 · cvss 9.8 · epss 0.10

    D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.