VYPR

CVEs

11,223 total · page 196 of 225

  • CVE-2017-6548CriMar 9, 2017
    risk 0.68cvss 9.8epss 0.21

    Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with…

  • CVE-2017-5178CriMar 8, 2017
    risk 0.65cvss 9.8epss 0.14

    An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with…

  • CVE-2016-9087CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter.

  • CVE-2016-9020CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.

  • CVE-2016-9019CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter.

  • CVE-2016-8863CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.08

    Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the…

  • CVE-2016-7789CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter.

  • CVE-2016-7788CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

  • CVE-2016-7784CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.

  • CVE-2016-7783CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.

  • CVE-2016-7782CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter.

  • CVE-2016-7781CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter.

  • CVE-2016-7780CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.

  • CVE-2017-3159CriMar 7, 2017
    risk 0.57cvss 9.8epss 0.06

    Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.

  • CVE-2016-7145CriMar 7, 2017
    risk 0.64cvss 9.8epss 0.01

    The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

  • CVE-2017-6416CriMar 6, 2017
    risk 0.68cvss 9.8epss 0.11

    An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.

  • CVE-2016-7407CriMar 3, 2017
    risk 0.64cvss 9.8epss 0.06

    The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file.

  • CVE-2016-7406CriMar 3, 2017
    risk 0.65cvss 9.8epss 0.10

    Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument.

  • CVE-2017-5830CriMar 3, 2017
    risk 0.64cvss 9.8epss 0.03

    Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.

  • CVE-2016-10204CriMar 3, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.

  • CVE-2016-10194CriMar 3, 2017
    risk 0.64cvss 9.8epss 0.03

    The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.

  • CVE-2016-10193CriMar 3, 2017
    risk 0.57cvss 9.8epss 0.02

    The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb.

  • CVE-2016-10127CriMar 3, 2017
    risk 0.52cvss 9.0epss 0.02

    PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.

  • CVE-2017-6409CriMar 2, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access.

  • CVE-2017-6403CriMar 2, 2017
    risk 0.66cvss 9.8epss 0.27

    An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password.

  • CVE-2016-8233CriMar 1, 2017
    risk 0.64cvss 9.8epss 0.01

    Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.

  • CVE-2017-5885CriFeb 28, 2017
    risk 0.64cvss 9.8epss 0.05

    Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a…

  • CVE-2017-5581CriFeb 28, 2017
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries.

  • CVE-2016-9558CriFeb 28, 2017
    risk 0.64cvss 9.8epss 0.05

    (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."

  • CVE-2017-6350CriFeb 27, 2017
    risk 0.64cvss 9.8epss 0.03

    An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

  • CVE-2017-6349CriFeb 27, 2017
    risk 0.64cvss 9.8epss 0.03

    An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

  • CVE-2017-6342CriFeb 27, 2017
    risk 0.65cvss 9.8epss 0.13

    An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the…

  • CVE-2017-5946CriFeb 27, 2017
    risk 0.57cvss 9.8epss 0.03

    The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.

  • CVE-2017-6205CriFeb 23, 2017
    risk 0.64cvss 9.8epss 0.02

    D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Command Bypass attacks via unspecified vectors.

  • CVE-2017-6187CriFeb 22, 2017
    risk 0.69cvss 9.8epss 0.33

    Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.

  • CVE-2017-6077CriKEVFeb 22, 2017
    risk 0.84cvss 9.8epss 0.68

    ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.

  • CVE-2016-1245CriFeb 22, 2017
    risk 0.57cvss 9.8epss 0.04

    It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.

  • CVE-2017-5586CriFeb 22, 2017
    risk 0.69cvss 9.8epss 0.23

    OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries.

  • CVE-2016-9400CriFeb 22, 2017
    risk 0.64cvss 9.8epss 0.04

    The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.

  • CVE-2016-9684CriFeb 22, 2017
    risk 0.67cvss 9.8epss 0.07

    The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL…

  • CVE-2016-9683CriFeb 22, 2017
    risk 0.68cvss 9.8epss 0.12

    The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for…

  • CVE-2016-9682CriFeb 22, 2017
    risk 0.69cvss 9.8epss 0.23

    The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out…

  • CVE-2017-2684CriFeb 22, 2017
    risk 0.59cvss 9.0epss 0.02

    Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.

  • CVE-2016-9053CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.07

    An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code…

  • CVE-2016-9051CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.07

    An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution.…

  • CVE-2017-6095CriFeb 21, 2017
    risk 0.67cvss 9.8epss 0.06

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.

  • CVE-2017-6070CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.02

    CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form.

  • CVE-2017-5959CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.01

    CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token.

  • CVE-2016-9269CriFeb 21, 2017
    risk 0.68cvss 9.9epss 0.13

    Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as…

  • CVE-2016-7663CriFeb 20, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreFoundation" component. It allows remote attackers to execute arbitrary code or cause a denial of…