VYPR

CVEs

31,782 total · page 364 of 636

  • CVE-2021-23543CriJan 10, 2022
    risk 0.64cvss 9.8epss 0.02

    All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.

  • CVE-2021-46067CriJan 6, 2022
    risk 0.64cvss 9.8epss 0.05

    In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.

  • CVE-2021-45456CriJan 6, 2022
    risk 0.00cvss 9.8epss 0.89

    Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal…

  • CVE-2021-31522CriJan 6, 2022
    risk 0.00cvss 9.8epss 0.03

    Kylin can receive user input and load any class through Class.forName(...). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions.

  • CVE-2022-22704CriJan 6, 2022
    risk 0.64cvss 9.8epss 0.01

    The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.

  • CVE-2021-41842CriJan 6, 2022
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check.

  • CVE-2021-43779CriJan 5, 2022
    risk 0.01cvss 9.9epss 0.09

    GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command…

  • CVE-2022-21644CriJan 4, 2022
    risk 0.00cvss 9.1epss 0.01

    USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site…

  • CVE-2022-21643CriJan 4, 2022
    risk 0.00cvss 10.0epss 0.01

    USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users…

  • CVE-2021-43832CriJan 4, 2022
    risk 0.65cvss 10.0epss 0.03

    Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users…

  • CVE-2021-24042CriJan 4, 2022
    risk 0.64cvss 9.8epss 0.01

    The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have…

  • CVE-2022-0086CriJan 4, 2022
    risk 0.57cvss 9.8epss 0.01

    uppy is vulnerable to Server-Side Request Forgery (SSRF)

  • CVE-2021-45389CriJan 4, 2022
    risk 0.64cvss 9.8epss 0.01

    A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.

  • CVE-2021-43711CriJan 4, 2022
    risk 0.67cvss 9.8epss 0.38

    The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution.

  • CVE-2021-40525CriJan 4, 2022
    risk 0.59cvss 9.1epss 0.04

    Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and…

  • CVE-2021-39990CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.01

    The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

  • CVE-2021-39982CriJan 3, 2022
    risk 0.59cvss 9.1epss 0.01

    Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.

  • CVE-2021-39979CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.01

    HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.

  • CVE-2021-37128CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.01

    HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.

  • CVE-2021-37121CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.01

    There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.

  • CVE-2021-37120CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.01

    There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.

  • CVE-2021-37116CriJan 3, 2022
    risk 0.59cvss 9.1epss 0.01

    PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.

  • CVE-2021-45428CriJan 3, 2022
    risk 0.71cvss 9.8epss 0.57

    TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.

  • CVE-2021-30351CriJan 3, 2022
    risk 0.64cvss 9.8epss 0.04

    An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2021-30276CriJan 3, 2022
    risk 0.60cvss 9.3epss 0.00

    Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking

  • CVE-2021-30275CriJan 3, 2022
    risk 0.60cvss 9.3epss 0.00

    Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired…

  • CVE-2021-25981CriJan 3, 2022
    risk 0.00cvss 9.8epss 0.02

    In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin…

  • CVE-2022-0080CriJan 2, 2022
    risk 0.00cvss 9.8epss 0.01

    mruby is vulnerable to Heap-based Buffer Overflow

  • CVE-2021-45957CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.02

    Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-45956CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-45955CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not…

  • CVE-2021-45954CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-45953CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-45952CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-45951CriJan 1, 2022
    risk 0.64cvss 9.8epss 0.03

    Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

  • CVE-2021-20158CriDec 30, 2021
    risk 0.65cvss 9.8epss 0.11

    Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command.

  • CVE-2021-20155CriDec 30, 2021
    risk 0.64cvss 9.8epss 0.02

    Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of "12345678".

  • CVE-2021-20151CriDec 30, 2021
    risk 0.65cvss 10.0epss 0.02

    Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions based on IP address rather than verifying client cookies/session tokens/etc. This allows an attacker (whether from a…

  • CVE-2021-20149CriDec 30, 2021
    risk 0.64cvss 9.8epss 0.01

    Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via…

  • CVE-2021-45427CriDec 30, 2021
    risk 0.65cvss 9.8epss 0.19

    Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.

  • CVE-2020-7883CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.

  • CVE-2020-7878CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity check.

  • CVE-2020-22057CriDec 28, 2021
    risk 0.59cvss 9.1epss 0.01

    The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data.

  • CVE-2021-45814CriDec 28, 2021
    risk 0.67cvss 9.8epss 0.06

    Nettmp NNT 5.1 is affected by a SQL injection vulnerability. An attacker can bypass authentication and access the panel with an administrative account.

  • CVE-2021-37401CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded.

  • CVE-2021-37400CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.

  • CVE-2019-20082CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.02

    ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp.

  • CVE-2020-21238CriDec 27, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks.

  • CVE-2020-21237CriDec 27, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks.

  • CVE-2020-20944CriDec 27, 2021
    risk 0.59cvss 9.1epss 0.02

    An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily delete files.