VYPR

CVEs

11,223 total · page 194 of 225

  • CVE-2016-10308 · Critical · Mar 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded…

  • CVE-2016-10307 · Critical · Mar 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via…

  • CVE-2016-10306 · Critical · Mar 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.

  • CVE-2016-10305 · Critical · Mar 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once…

  • CVE-2017-5226 · Critical · Mar 29, 2017
    risk 0.65 · cvss 10.0 · epss 0.03

    When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.

  • CVE-2014-3582 · Critical · Mar 29, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.

  • CVE-2016-9924 · Critical · Mar 29, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.

  • CVE-2016-6807 · Critical · Mar 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user…

  • CVE-2016-8749 · Critical · Mar 28, 2017
    risk 0.58 · cvss 9.8 · epss 0.11

    Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.

  • CVE-2014-6440 · Critical · Mar 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.

  • CVE-2016-10152 · Critical · Mar 28, 2017
    risk 0.57 · cvss 9.8 · epss 0.07

    The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.

  • CVE-2016-9470 · Critical · Mar 28, 2017
    risk 0.59 · cvss 9.0 · epss 0.02

    Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. `www/delivery/asyncspc.php` was vulnerable to the fairly new Reflected File Download (RFD) web attack vector that enables attackers to gain complete control over a victim's machine by virtually…

  • CVE-2016-9125 · Critical · Mar 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for…

  • CVE-2016-9124 · Critical · Mar 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown feature was considered, but rejected to avoid introducing service disruptions to…

  • CVE-2016-9121 · Critical · Mar 28, 2017
    risk 0.52 · cvss 9.1 · epss 0.01

    go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the…

  • CVE-2017-7191 · Critical · Mar 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors.

  • CVE-2017-6542 · Critical · Mar 27, 2017
    risk 0.68 · cvss 9.8 · epss 0.22

    The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which…

  • CVE-2017-7269 · Critical · KEV · Mar 27, 2017
    risk 0.80 · cvss 9.8 · epss 1.00

    Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as…

  • CVE-2017-6013 · Critical · Mar 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.

  • CVE-2017-2641 · Critical · Mar 26, 2017
    risk 0.68 · cvss 9.8 · epss 0.15

    In Moodle 2.x and 3.x, SQL injection can occur via user preferences.

  • CVE-2017-5511 · Critical · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.

  • CVE-2017-5337 · Critical · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.

  • CVE-2017-5336 · Critical · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.07

    Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.

  • CVE-2017-5334 · Critical · Mar 24, 2017
    risk 0.66 · cvss 9.8 · epss 0.33

    Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

  • CVE-2016-6206 · Critical · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.

  • CVE-2016-10145 · Critical · Mar 24, 2017
    risk 0.57 · cvss 9.8 · epss 0.05

    Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.

  • CVE-2016-10144 · Critical · Mar 24, 2017
    risk 0.57 · cvss 9.8 · epss 0.05

    coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.

  • CVE-2016-10133 · Critical · Mar 24, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.

  • CVE-2016-10128 · Critical · Mar 24, 2017
    risk 0.57 · cvss 9.8 · epss 0.04

    Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.

  • CVE-2015-8556 · Critical · Mar 24, 2017
    risk 0.69 · cvss 10.0 · epss 0.13

    Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

  • CVE-2017-6950 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.

  • CVE-2017-6895 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.

  • CVE-2017-6517 · Critical · Mar 23, 2017
    risk 0.67 · cvss 9.8 · epss 0.46

    Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the…

  • CVE-2015-8626 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.

  • CVE-2015-5729 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.

  • CVE-2015-4166 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.

  • CVE-2015-0855 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.

  • CVE-2014-8731 · Critical · Mar 23, 2017
    risk 0.65 · cvss 9.8 · epss 0.12

    PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.

  • CVE-2014-7279 · Critical · Mar 23, 2017
    risk 0.68 · cvss 9.8 · epss 0.12

    The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23.

  • CVE-2017-6361 · Critical · Mar 23, 2017
    risk 0.71 · cvss 9.8 · epss 0.57

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.

  • CVE-2017-6360 · Critical · Mar 23, 2017
    risk 0.72 · cvss 9.8 · epss 0.66

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors.

  • CVE-2017-6359 · Critical · Mar 23, 2017
    risk 0.69 · cvss 9.8 · epss 0.27

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.

  • CVE-2017-5897 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.05

    The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.

  • CVE-2017-5538 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka…

  • CVE-2017-5206 · Critical · Mar 23, 2017
    risk 0.59 · cvss 9.0 · epss 0.02

    Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

  • CVE-2016-5757 · Critical · Mar 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials.

  • CVE-2017-6972 · Critical · Mar 22, 2017
    risk 0.68 · cvss 9.8 · epss 0.15

    AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.

  • CVE-2017-3853 · Critical · Mar 22, 2017
    risk 0.64 · cvss 9.8 · epss 0.09

    A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an…

  • CVE-2017-7230 · Critical · Mar 22, 2017
    risk 0.68 · cvss 9.8 · epss 0.14

    A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.

  • CVE-2017-7226 · Critical · Mar 22, 2017
    risk 0.59 · cvss 9.1 · epss 0.02

    The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several…