VYPR

CVEs

11,223 total · page 199 of 225

  • CVE-2016-10043CriJan 31, 2017
    risk 0.69cvss 10.0epss 0.10

    An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output…

  • CVE-2016-9132CriJan 30, 2017
    risk 0.64cvss 9.8epss 0.02

    In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory…

  • CVE-2016-6604CriJan 30, 2017
    risk 0.64cvss 9.8epss 0.03

    NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382.

  • CVE-2016-6269CriJan 30, 2017
    risk 0.59cvss 9.1epss 0.04

    Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1)…

  • CVE-2017-5611CriJan 30, 2017
    risk 0.57cvss 9.8epss 0.10

    SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.

  • CVE-2016-10182CriJan 30, 2017
    risk 0.64cvss 9.8epss 0.09

    An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters.

  • CVE-2016-10178CriJan 30, 2017
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command.

  • CVE-2016-10177CriJan 30, 2017
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.

  • CVE-2016-10176CriJan 30, 2017
    risk 0.73cvss 9.8epss 0.77

    The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL,…

  • CVE-2016-10175CriJan 30, 2017
    risk 0.72cvss 9.8epss 0.65

    The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows…

  • CVE-2016-10174CriKEVJan 30, 2017
    risk 0.85cvss 9.8epss 0.83

    The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

  • CVE-2017-5486CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

  • CVE-2017-5485CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().

  • CVE-2017-5484CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().

  • CVE-2017-5483CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().

  • CVE-2017-5482CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.

  • CVE-2017-5342CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().

  • CVE-2017-5341CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.05

    The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().

  • CVE-2017-5205CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().

  • CVE-2017-5204CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().

  • CVE-2017-5203CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

  • CVE-2017-5202CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

  • CVE-2016-8575CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.

  • CVE-2016-8574CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().

  • CVE-2016-7993CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).

  • CVE-2016-7992CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().

  • CVE-2016-7986CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.

  • CVE-2016-7985CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

  • CVE-2016-7984CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

  • CVE-2016-7983CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

  • CVE-2016-7975CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().

  • CVE-2016-7974CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

  • CVE-2016-7973CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.

  • CVE-2016-7940CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

  • CVE-2016-7939CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.

  • CVE-2016-7938CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().

  • CVE-2016-7937CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().

  • CVE-2016-7936CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().

  • CVE-2016-7935CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().

  • CVE-2016-7934CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().

  • CVE-2016-7933CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().

  • CVE-2016-7932CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().

  • CVE-2016-7931CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

  • CVE-2016-7930CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

  • CVE-2016-7929CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

  • CVE-2016-7928CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

  • CVE-2016-7927CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().

  • CVE-2016-7926CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

  • CVE-2016-7925CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

  • CVE-2016-7924CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().