VYPR

CVEs

31,782 total · page 376 of 636

  • CVE-2021-20837CriOct 26, 2021
    risk 0.74cvss 9.8epss 0.88

    Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type…

  • CVE-2021-41035CriOct 25, 2021
    risk 0.00cvss 9.8epss 0.02

    In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.

  • CVE-2021-24884CriOct 25, 2021
    risk 0.00cvss 9.6epss 0.03

    The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick…

  • CVE-2021-40865CriOct 25, 2021
    risk 0.69cvss 9.8epss 0.66

    An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1.…

  • CVE-2021-38294CriOct 25, 2021
    risk 0.73cvss 9.8epss 0.84

    A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication.

  • CVE-2021-40371CriOct 25, 2021
    risk 0.64cvss 9.8epss 0.07

    Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap.

  • CVE-2021-42258CriKEVOct 22, 2021
    risk 0.91cvss 9.8epss 0.73

    BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful…

  • CVE-2020-28960CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.02

    Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.

  • CVE-2020-23037CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.01

    Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

  • CVE-2021-42169CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.03

    The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no…

  • CVE-2021-41745CriOct 22, 2021
    risk 0.57cvss 9.8epss 0.01

    ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.

  • CVE-2021-41744CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.02

    All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product…

  • CVE-2021-38477CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.01

    There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.

  • CVE-2021-38471CriOct 22, 2021
    risk 0.59cvss 9.1epss 0.01

    There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.

  • CVE-2021-38469CriOct 22, 2021
    risk 0.59cvss 9.1epss 0.01

    Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL.

  • CVE-2021-38457CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.01

    The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.

  • CVE-2021-38453CriOct 22, 2021
    risk 0.59cvss 9.1epss 0.01

    Some API functions allow interaction with the registry, which includes reading values as well as data modification.

  • CVE-2021-38449CriOct 22, 2021
    risk 0.64cvss 9.8epss 0.01

    Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.

  • CVE-2021-36357CriOct 22, 2021
    risk 0.00cvss 9.8epss 0.01

    An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the…

  • CVE-2021-40719CriOct 21, 2021
    risk 0.64cvss 9.8epss 0.03

    Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the…

  • CVE-2020-27304CriOct 21, 2021
    risk 0.64cvss 9.8epss 0.03

    The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the…

  • CVE-2021-42740CriOct 21, 2021
    risk 0.57cvss 9.8epss 0.04

    The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command…

  • CVE-2021-41163CriOct 20, 2021
    risk 0.02cvss 10.0epss 0.20

    Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and…

  • CVE-2021-42766CriOct 20, 2021
    risk 0.59cvss 9.1epss 0.01

    The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a…

  • CVE-2021-42764CriOct 20, 2021
    risk 0.59cvss 9.1epss 0.01

    The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain.

  • CVE-2021-21749CriOct 20, 2021
    risk 0.64cvss 9.8epss 0.02

    ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.

  • CVE-2021-21748CriOct 20, 2021
    risk 0.64cvss 9.8epss 0.02

    ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.

  • CVE-2021-35652CriOct 20, 2021
    risk 0.65cvss 10.0epss 0.02

    Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-35617CriOct 20, 2021
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2021-31349CriOct 19, 2021
    risk 0.64cvss 9.8epss 0.02

    The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart…

  • CVE-2020-12141CriOct 19, 2021
    risk 0.00cvss 9.1epss 0.02

    An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.

  • CVE-2021-30820CriOct 19, 2021
    risk 0.64cvss 9.8epss 0.02

    A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution.

  • CVE-2021-38484CriOct 19, 2021
    risk 0.59cvss 9.1epss 0.03

    InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in…

  • CVE-2021-38480CriOct 19, 2021
    risk 0.62cvss 9.6epss 0.01

    InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management…

  • CVE-2021-38478CriOct 19, 2021
    risk 0.59cvss 9.1epss 0.01

    InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device.

  • CVE-2021-38470CriOct 19, 2021
    risk 0.59cvss 9.1epss 0.01

    InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device.

  • CVE-2021-38462CriOct 19, 2021
    risk 0.64cvss 9.8epss 0.01

    InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obtained user credentials to enumerate passwords and impersonate other application users and perform operations on their behalf.

  • CVE-2021-23449CriOct 18, 2021
    risk 0.57cvss 9.8epss 0.03

    This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.

  • CVE-2021-42576CriOct 18, 2021
    risk 0.57cvss 9.8epss 0.02

    The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

  • CVE-2021-42575CriOct 18, 2021
    risk 0.64cvss 9.8epss 0.03

    The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

  • CVE-2021-38389CriOct 18, 2021
    risk 0.65cvss 9.8epss 0.10

    Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

  • CVE-2021-33023CriOct 18, 2021
    risk 0.64cvss 9.8epss 0.02

    Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

  • CVE-2021-22961CriOct 18, 2021
    risk 0.64cvss 9.8epss 0.02

    A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution.

  • CVE-2021-38297CriOct 18, 2021
    risk 0.65cvss 9.8epss 0.10

    Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.

  • CVE-2021-27561CriKEVOct 15, 2021
    risk 0.82cvss 9.8epss 0.83

    Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.

  • CVE-2021-40997CriOct 15, 2021
    risk 0.64cvss 9.8epss 0.02

    A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has…

  • CVE-2021-40996CriOct 15, 2021
    risk 0.64cvss 9.8epss 0.02

    A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has…

  • CVE-2021-40720CriOct 15, 2021
    risk 0.64cvss 9.8epss 0.09

    Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim…

  • CVE-2021-38432CriOct 15, 2021
    risk 0.64cvss 9.8epss 0.02

    FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.

  • CVE-2021-3881CriOct 15, 2021
    risk 0.00cvss 9.8epss 0.01

    libmobi is vulnerable to Out-of-bounds Read