VYPR

CVEs

31,782 total · page 372 of 636

  • CVE-2021-44143CriNov 22, 2021
    risk 0.64cvss 9.8epss 0.04

    A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be…

  • CVE-2021-23732CriNov 22, 2021
    risk 0.59cvss 9.0epss 0.02

    This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.

  • CVE-2021-3943CriNov 22, 2021
    risk 0.57cvss 9.8epss 0.02

    A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.

  • CVE-2021-44079CriNov 22, 2021
    risk 0.00cvss 9.8epss 0.03

    In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.

  • CVE-2021-41280CriNov 19, 2021
    risk 0.00cvss 9.8epss 0.03

    Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service (SNS) notification token configured via the…

  • CVE-2021-40391CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.03

    An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a…

  • CVE-2021-22028CriNov 19, 2021
    risk 0.59cvss 9.1epss 0.02

    In versions of Greenplum database prior to 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.

  • CVE-2021-43409CriNov 19, 2021
    risk 0.61cvss 9.3epss 0.01

    The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and…

  • CVE-2021-37592CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.02

    Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.

  • CVE-2021-41435CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.06

    A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF…

  • CVE-2021-39233CriNov 19, 2021
    risk 0.59cvss 9.1epss 0.02

    In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.

  • CVE-2021-39231CriNov 19, 2021
    risk 0.59cvss 9.1epss 0.02

    In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration.

  • CVE-2021-36372CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.02

    In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked.

  • CVE-2021-42338CriNov 19, 2021
    risk 0.64cvss 9.8epss 0.06

    4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files.

  • CVE-2021-44026CriKEVNov 19, 2021
    risk 0.15cvss 9.8epss 0.43

    Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.

  • CVE-2021-23155CriNov 18, 2021
    risk 0.59cvss 9.0epss 0.00

    Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Client for Android 8.60 versions prior to 8.60.065; version 8.50 and prior…

  • CVE-2021-27023CriNov 18, 2021
    risk 0.64cvss 9.8epss 0.01

    A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007

  • CVE-2021-43996CriNov 17, 2021
    risk 0.00cvss 9.8epss 0.02

    The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control.

  • CVE-2021-41277CriKEVNov 17, 2021
    risk 0.20cvss 10.0epss 0.97

    Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not…

  • CVE-2021-41275CriNov 17, 2021
    risk 0.53cvss 9.3epss 0.01

    spree_auth_devise is an open source library which provides authentication and authorization services for use with the Spree storefront framework by using an underlying Devise authentication framework. In affected versions spree_auth_devise is subject to a CSRF vulnerability that…

  • CVE-2021-41274CriNov 17, 2021
    risk 0.53cvss 9.3epss 0.01

    solidus_auth_devise provides authentication services for the Solidus webstore framework, using the Devise gem. In affected versions solidus_auth_devise is subject to a CSRF vulnerability that allows user account takeover. All applications using any version of the frontend…

  • CVE-2021-32234CriNov 17, 2021
    risk 0.64cvss 9.8epss 0.02

    SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.

  • CVE-2021-41931CriNov 17, 2021
    risk 0.64cvss 9.8epss 0.01

    The Company's Recruitment Management System in id=2 of the parameter from view_vacancy app on-page appears to be vulnerable to SQL injection. The payloads 19424269' or '1309'='1309 and 39476597' or '2917'='2923 were each submitted in the id parameter. These two requests resulted…

  • CVE-2021-43048CriNov 16, 2021
    risk 0.64cvss 9.8epss 0.01

    The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using…

  • CVE-2021-43047CriNov 16, 2021
    risk 0.59cvss 9.0epss 0.01

    The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily exploitable Stored and Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network…

  • CVE-2021-43362CriNov 16, 2021
    risk 0.64cvss 9.9epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1.

  • CVE-2021-43361CriNov 16, 2021
    risk 0.64cvss 9.9epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1.

  • CVE-2021-3958CriNov 16, 2021
    risk 0.65cvss 9.8epss 0.14

    Improper Handling of Parameters vulnerability in Ipack Automation Systems Ipack SCADA Software allows : Blind SQL Injection.This issue affects Ipack SCADA Software: from unspecified before 1.1.0.

  • CVE-2021-42114CriNov 16, 2021
    risk 0.59cvss 9.0epss 0.03

    Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow…

  • CVE-2021-37580CriNov 16, 2021
    risk 0.60cvss 9.8epss 0.40

    A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0

  • CVE-2021-42377CriNov 15, 2021
    risk 0.64cvss 9.8epss 0.03

    An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered…

  • CVE-2021-41269CriNov 15, 2021
    risk 0.58cvss 10.0epss 0.04

    cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions A template Injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, leading to…

  • CVE-2021-41244CriNov 15, 2021
    risk 0.59cvss 9.1epss 0.03

    Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations.…

  • CVE-2021-42580CriNov 15, 2021
    risk 0.67cvss 9.8epss 0.10

    Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.

  • CVE-2021-41950CriNov 15, 2021
    risk 0.65cvss 9.1epss 0.75

    A directory traversal issue in ResourceSpace 9.6 before 9.6 rev 18277 allows remote unauthenticated attackers to delete arbitrary files on the ResourceSpace server via the provider and variant parameters in pages/ajax/tiles.php. Attackers can delete configuration or source code…

  • CVE-2021-41765CriNov 15, 2021
    risk 0.69cvss 9.8epss 0.68

    A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and 9.6 < rev 18274 allows remote unauthenticated attackers to execute arbitrary SQL commands via the k parameter. This allows attackers to uncover the full contents of the ResourceSpace…

  • CVE-2021-43272CriNov 14, 2021
    risk 0.64cvss 9.8epss 0.04

    An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to…

  • CVE-2020-16152CriNov 14, 2021
    risk 0.70cvss 9.8epss 0.35

    The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file.

  • CVE-2021-43617CriNov 14, 2021
    risk 0.68cvss 9.8epss 0.20

    Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE…

  • CVE-2021-43616CriNov 13, 2021
    risk 0.00cvss 9.0epss 0.03

    The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was…

  • CVE-2021-41653CriNov 13, 2021
    risk 0.70cvss 9.8epss 0.76

    The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.

  • CVE-2021-3918CriNov 13, 2021
    risk 0.57cvss 9.8epss 0.04

    json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

  • CVE-2021-39303CriNov 12, 2021
    risk 0.64cvss 9.8epss 0.02

    The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability.

  • CVE-2021-41264CriNov 12, 2021
    risk 0.57cvss 9.8epss 0.01

    OpenZeppelin Contracts is a library for smart contract development. In affected versions upgradeable contracts using `UUPSUpgradeable` may be vulnerable to an attack affecting uninitialized implementation contracts. A fix is included in version 4.3.2 of `@openzeppelin/contracts`…

  • CVE-2021-30321CriNov 12, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

  • CVE-2021-1975CriNov 12, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-1924CriNov 12, 2021
    risk 0.59cvss 9.0epss 0.00

    Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,…

  • CVE-2021-42775CriNov 12, 2021
    risk 0.59cvss 9.1epss 0.01

    Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the…

  • CVE-2021-42774CriNov 12, 2021
    risk 0.64cvss 9.8epss 0.02

    Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform…

  • CVE-2021-43350CriNov 11, 2021
    risk 0.57cvss 9.8epss 0.04

    An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter.