VYPR

CVEs

11,223 total · page 192 of 225

  • CVE-2016-10324CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.02

    In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.

  • CVE-2014-7921CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.01

    mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.

  • CVE-2014-7920CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.02

    mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.

  • CVE-2016-6143CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.04

    SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.

  • CVE-2016-4800CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.06

    The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes.

  • CVE-2016-2555CriApr 13, 2017
    risk 0.73cvss 9.8epss 0.80

    SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

  • CVE-2015-8282CriApr 13, 2017
    risk 0.67cvss 9.8epss 0.07

    SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.

  • CVE-2015-8271CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.06

    The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.

  • CVE-2015-6674CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.02

    Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.

  • CVE-2017-7628CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.01

    The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).

  • CVE-2017-7280CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable.

  • CVE-2017-7279CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.04

    An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.

  • CVE-2016-4337CriApr 12, 2017
    risk 0.67cvss 9.8epss 0.02

    SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.

  • CVE-2015-7564CriApr 12, 2017
    risk 0.60cvss 9.8epss 0.03

    Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b)…

  • CVE-2016-6808CriApr 12, 2017
    risk 0.65cvss 9.8epss 0.19

    Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.

  • CVE-2017-7722CriApr 12, 2017
    risk 0.69cvss 10.0epss 0.13

    In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker…

  • CVE-2017-7719CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php.

  • CVE-2017-3063CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.09

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3062CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.10

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3061CriApr 12, 2017
    risk 0.69cvss 9.8epss 0.25

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3060CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.08

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3059CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.10

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3037CriApr 12, 2017
    risk 0.64cvss 9.8epss 0.06

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2989CriApr 12, 2017
    risk 0.59cvss 9.1epss 0.04

    Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.

  • CVE-2017-7588CriApr 12, 2017
    risk 0.69cvss 9.8epss 0.34

    On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW…

  • CVE-2016-7552CriApr 12, 2017
    risk 0.74cvss 9.8epss 0.93

    On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.

  • CVE-2016-7547CriApr 12, 2017
    risk 0.74cvss 9.8epss 0.93

    A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface.

  • CVE-2017-7695CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.02

    Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.

  • CVE-2017-7691CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.02

    A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592.

  • CVE-2017-7689CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.06

    A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.

  • CVE-2013-6647CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.01

    A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.

  • CVE-2016-1908CriApr 11, 2017
    risk 0.65cvss 9.8epss 0.14

    The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging…

  • CVE-2016-0779CriApr 11, 2017
    risk 0.64cvss 9.8epss 0.10

    The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.

  • CVE-2017-7462CriApr 11, 2017
    risk 0.68cvss 9.8epss 0.13

    Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.

  • CVE-2017-7625CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.03

    In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

  • CVE-2017-7239CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.04

    Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename.

  • CVE-2017-5983CriApr 10, 2017
    risk 0.65cvss 9.8epss 0.16

    The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.

  • CVE-2016-6878CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.

  • CVE-2016-10311CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.

  • CVE-2015-7826CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.

  • CVE-2016-10321CriApr 10, 2017
    risk 0.57cvss 9.8epss 0.03

    web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks.

  • CVE-2016-5074CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    CloudView NMS before 2.10a has a format string issue exploitable over SNMP.

  • CVE-2016-5070CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.

  • CVE-2016-5069CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.

  • CVE-2016-5068CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.

  • CVE-2016-5066CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.

  • CVE-2016-5065CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.03

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.

  • CVE-2016-5053CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.03

    OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.

  • CVE-2015-7292CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.

  • CVE-2015-7273CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.