VYPR

CVEs

31,781 total · page 385 of 636

  • CVE-2021-3616CriAug 17, 2021
    risk 0.61cvss 9.4epss 0.01

    A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.

  • CVE-2021-32829CriAug 17, 2021
    risk 0.63cvss 9.6epss 0.03

    ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution (RCE) via bypass…

  • CVE-2021-22931CriAug 16, 2021
    risk 0.65cvss 9.8epss 0.22

    Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain…

  • CVE-2020-18705CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.03

    XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.

  • CVE-2020-18704CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.03

    Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote attackers to execute arbitrary code via the 'image' widget in the component 'Change Widgy Page'.

  • CVE-2020-18703CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.03

    XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.

  • CVE-2020-18701CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.02

    Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.

  • CVE-2020-18698CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.02

    Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'.

  • CVE-2021-38754CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.02

    SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.

  • CVE-2021-38753CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.01

    An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app.

  • CVE-2021-35395CriKEVAug 16, 2021
    risk 0.84cvss 9.8epss 0.98

    Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both…

  • CVE-2021-35394CriKEVAug 16, 2021
    risk 0.84cvss 9.8epss 1.00

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be…

  • CVE-2021-35393CriAug 16, 2021
    risk 0.69cvss 9.8epss 0.70

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability…

  • CVE-2021-24527CriAug 16, 2021
    risk 0.64cvss 9.8epss 0.08

    The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not…

  • CVE-2021-25955CriAug 15, 2021
    risk 0.52cvss 9.0epss 0.01

    In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoint. These scripts are…

  • CVE-2021-37705CriAug 13, 2021
    risk 0.58cvss 10.0epss 0.02

    OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To…

  • CVE-2021-21830CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.02

    A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-21829CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.03

    A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2021-38302CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.01

    The Newsletter extension through 4.0.0 for TYPO3 allows SQL Injection.

  • CVE-2021-36789CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.01

    The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.

  • CVE-2021-34823CriAug 13, 2021
    risk 0.59cvss 9.1epss 0.02

    The ON24 ScreenShare (aka DesktopScreenShare.app) plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP…

  • CVE-2020-18758CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.03

    An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute arbitrary code.

  • CVE-2020-18753CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to the system and escalate privileges via a crafted packet.

  • CVE-2021-3352CriAug 13, 2021
    risk 0.59cvss 9.1epss 0.01

    The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens.

  • CVE-2021-36380CriKEVAug 13, 2021
    risk 0.84cvss 9.8epss 0.98

    Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi.

  • CVE-2021-32071CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.01

    The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an attacker to view and modify application data, and cause a denial of service for users.

  • CVE-2021-1104CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.02

    The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector Base Address (MTVEC) register that may lead to a vulnerability due to the initial state of the register not being defined, potentially leading to information disclosure, data tampering…

  • CVE-2021-38621CriAug 13, 2021
    risk 0.00cvss 9.1epss 0.01

    The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat Server before 2021-07-30 mishandles file ownership.

  • CVE-2021-27741CriAug 13, 2021
    risk 0.59cvss 9.1epss 0.01

    " Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection"

  • CVE-2021-37353CriAug 13, 2021
    risk 0.64cvss 9.8epss 0.03

    Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due to improper sanitation in table_population.php.

  • CVE-2021-37350CriAug 13, 2021
    risk 0.70cvss 9.8epss 0.79

    Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.

  • CVE-2021-37346CriAug 13, 2021
    risk 0.70cvss 9.8epss 0.74

    Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command (OS Command injection).

  • CVE-2021-37344CriAug 13, 2021
    risk 0.71cvss 9.8epss 0.97

    Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).

  • CVE-2021-37678CriAug 12, 2021
    risk 0.53cvss 9.3epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/tensorflow/tensorflow/blo…

  • CVE-2021-31698CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon.

  • CVE-2021-31556CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.

  • CVE-2021-29377CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely. A .php file can be uploaded via admin.php/index/upload because app/common/service/UploadService.php mishandles fileExt.

  • CVE-2021-28890CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.01

    J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the (1) compId parameter to fast/sys/user/list, (2) deptId parameter to fast/sys/role/list, or (3) roleId parameter to fast/sys/role/authUser/list, related to the use of ${} to join SQL statements.

  • CVE-2021-28121CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    Virtual Robots.txt before 1.10 does not block HTML tags in the robots.txt field.

  • CVE-2020-36363CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.01

    Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.

  • CVE-2021-37599CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.03

    The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read the database (and execute code in some situations) via the txtPassword parameter.

  • CVE-2021-33199CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.01

    In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of icon.png and icon.svg.

  • CVE-2021-26432CriAug 12, 2021
    risk 0.65cvss 9.8epss 0.10

    Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

  • CVE-2021-26424CriAug 12, 2021
    risk 0.69cvss 9.9epss 0.59

    Windows TCP/IP Remote Code Execution Vulnerability

  • CVE-2021-38606CriAug 12, 2021
    risk 0.00cvss 9.8epss 0.01

    reNgine through 0.5 relies on a predictable directory name.

  • CVE-2021-20509CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.

  • CVE-2021-20314CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.03

    Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.

  • CVE-2020-20979CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code.

  • CVE-2020-20975CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.01

    In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter.

  • CVE-2020-28165CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.01

    The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage() function.