VYPR

CVEs

100,075 total · page 1931 of 2,002

  • CVE-2015-3441HigJan 5, 2017
    risk 0.57cvss 8.8epss 0.02

    The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote authenticated users to execute arbitrary CLI commands via the (1) start_hour, (2) start_minute, (3) end_hour, (4) end_minute, or (5) hostname parameter.

  • CVE-2016-9754HigJan 5, 2017
    risk 0.51cvss 7.8epss 0.01

    The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

  • CVE-2016-10030HigJan 5, 2017
    risk 0.46cvss 8.1epss 0.02

    The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an…

  • CVE-2016-10012HigJan 5, 2017
    risk 0.44cvss 7.8epss 0.01

    The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation…

  • CVE-2016-10010HigJan 5, 2017
    risk 0.42cvss 7.0epss 0.04

    sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

  • CVE-2016-10009HigJan 5, 2017
    risk 0.46cvss 7.3epss 0.37

    Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

  • CVE-2016-7902HigJan 4, 2017
    risk 0.57cvss 8.8epss 0.03

    Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafted extension, as demonstrated…

  • CVE-2016-6894HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.02

    Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4.17.0F on DCS-7050 series devices allow remote attackers to cause a denial of service (device reboot) by sending crafted packets to the control plane.

  • CVE-2016-9934HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.07

    ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.

  • CVE-2016-9933HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.07

    Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted…

  • CVE-2016-8860HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.02

    Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of…

  • CVE-2016-10116HigJan 4, 2017
    risk 0.53cvss 8.1epss 0.04

    NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it…

  • CVE-2016-10097HigJan 2, 2017
    risk 0.49cvss 7.5epss 0.02

    XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter.

  • CVE-2016-10096HigJan 1, 2017
    risk 0.41cvss 7.3epss 0.01

    SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter.

  • CVE-2016-10088HigDec 30, 2016
    risk 0.39cvss 7.0epss 0.00

    The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by…

  • CVE-2016-10085HigDec 30, 2016
    risk 0.40cvss 7.2epss 0.02

    admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter.

  • CVE-2016-10084HigDec 30, 2016
    risk 0.40cvss 7.2epss 0.02

    admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter).

  • CVE-2015-8743HigDec 29, 2016
    risk 0.46cvss 7.1epss 0.00

    QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.

  • CVE-2016-10081HigDec 29, 2016
    risk 0.54cvss 7.8epss 0.07

    /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.

  • CVE-2015-0854HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.03

    App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action.

  • CVE-2016-9878HigDec 29, 2016
    risk 0.42cvss 7.5epss 0.06

    An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.

  • CVE-2016-7462HigDec 29, 2016
    risk 0.55cvss 8.5epss 0.02

    The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization.

  • CVE-2016-7461HigDec 29, 2016
    risk 0.57cvss 8.8epss 0.01

    The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service…

  • CVE-2016-7459HigDec 29, 2016
    risk 0.50cvss 7.7epss 0.02

    VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity…

  • CVE-2016-7086HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.

  • CVE-2016-7085HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2016-7084HigDec 29, 2016
    risk 0.54cvss 7.8epss 0.02

    tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory…

  • CVE-2016-7083HigDec 29, 2016
    risk 0.54cvss 7.8epss 0.01

    VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via…

  • CVE-2016-7082HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via…

  • CVE-2016-7081HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified…

  • CVE-2016-7080HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079.

  • CVE-2016-7079HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080.

  • CVE-2016-2246HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.01

    HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.

  • CVE-2016-9806HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to…

  • CVE-2016-9794HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START…

  • CVE-2016-9793HigDec 28, 2016
    risk 0.54cvss 7.8epss 0.02

    The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by…

  • CVE-2016-9777HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related…

  • CVE-2016-9755HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket,…

  • CVE-2016-9576HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging…

  • CVE-2016-6787HigDec 28, 2016
    risk 0.46cvss 7.0epss 0.00

    kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.

  • CVE-2016-6786HigDec 28, 2016
    risk 0.46cvss 7.0epss 0.00

    kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.

  • CVE-2012-6704HigDec 28, 2016
    risk 0.44cvss 7.8epss 0.00

    The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by…

  • CVE-2016-10031HigDec 27, 2016
    risk 0.52cvss 7.5epss 0.01

    WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To…

  • CVE-2016-9217HigDec 26, 2016
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. More Information: CSCus99394. Known Affected Releases: 7.3(0)ZN(0.99).

  • CVE-2016-10041HigDec 25, 2016
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and…

  • CVE-2016-10039HigDec 24, 2016
    risk 0.41cvss 7.3epss 0.02

    Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles.

  • CVE-2016-10038HigDec 24, 2016
    risk 0.41cvss 7.3epss 0.02

    Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove.

  • CVE-2016-10037HigDec 24, 2016
    risk 0.41cvss 7.3epss 0.02

    Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist.

  • CVE-2016-9037HigDec 23, 2016
    risk 0.49cvss 7.5epss 0.04

    An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the…

  • CVE-2016-9036HigDec 23, 2016
    risk 0.49cvss 7.5epss 0.03

    An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside…