VYPR

CVEs

31,781 total · page 394 of 636

  • CVE-2021-21833CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.01

    An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-21824CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.01

    An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-21795CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, in turn, leads to a heap buffer overflow. An attacker can provide a malicious…

  • CVE-2021-0474CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11…

  • CVE-2021-23230CriJun 11, 2021
    risk 0.64cvss 9.9epss 0.01

    A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions…

  • CVE-2021-23140CriJun 11, 2021
    risk 0.64cvss 9.9epss 0.01

    Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359…

  • CVE-2021-22915CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.02

    Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.

  • CVE-2021-22768CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-22767

  • CVE-2021-22767CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-2276

  • CVE-2021-22765CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.03

    A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet

  • CVE-2021-22763CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.02

    A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to…

  • CVE-2021-25387CriJun 11, 2021
    risk 0.59cvss 9.0epss 0.01

    An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

  • CVE-2021-25386CriJun 11, 2021
    risk 0.59cvss 9.0epss 0.01

    An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

  • CVE-2021-25385CriJun 11, 2021
    risk 0.59cvss 9.0epss 0.01

    An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

  • CVE-2021-25384CriJun 11, 2021
    risk 0.59cvss 9.0epss 0.01

    An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

  • CVE-2021-25383CriJun 11, 2021
    risk 0.59cvss 9.0epss 0.01

    An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

  • CVE-2020-5003CriJun 11, 2021
    risk 0.59cvss 9.1epss 0.02

    IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192956.

  • CVE-2021-3013CriJun 11, 2021
    risk 0.64cvss 9.8epss 0.02

    ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag.

  • CVE-2021-24035CriJun 11, 2021
    risk 0.59cvss 9.1epss 0.01

    A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.

  • CVE-2020-23323CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.

  • CVE-2020-23321CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.

  • CVE-2020-23306CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.

  • CVE-2020-23303CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.

  • CVE-2020-23302CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0

  • CVE-2021-25949CriJun 10, 2021
    risk 0.57cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-25948CriJun 10, 2021
    risk 0.64cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'expand-hash' versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-34363CriJun 10, 2021
    risk 0.52cvss 9.1epss 0.02

    The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.

  • CVE-2021-26691CriJun 10, 2021
    risk 0.69cvss 9.8epss 0.68

    In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow

  • CVE-2021-33833CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.03

    ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).

  • CVE-2021-33357CriJun 9, 2021
    risk 0.65cvss 9.8epss 0.18

    A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.

  • CVE-2020-15377CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).

  • CVE-2021-23847CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware…

  • CVE-2021-33841CriJun 9, 2021
    risk 0.65cvss 10.0epss 0.02

    SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

  • CVE-2020-11291CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,…

  • CVE-2020-11176CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-11182CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2020-11159CriJun 9, 2021
    risk 0.59cvss 9.1epss 0.01

    Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon…

  • CVE-2020-11134CriJun 9, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,…

  • CVE-2020-11126CriJun 9, 2021
    risk 0.59cvss 9.1epss 0.01

    Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2021-31962CriJun 8, 2021
    risk 0.61cvss 9.4epss 0.04

    Kerberos AppContainer Security Feature Bypass Vulnerability

  • CVE-2021-26473CriJun 8, 2021
    risk 0.64cvss 9.8epss 0.02

    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the…

  • CVE-2021-26472CriJun 8, 2021
    risk 0.65cvss 10.0epss 0.02

    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.

  • CVE-2021-26471CriJun 8, 2021
    risk 0.64cvss 9.8epss 0.02

    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.

  • CVE-2021-28293CriJun 8, 2021
    risk 0.64cvss 9.8epss 0.02

    Seceon aiSIEM before 6.3.2 (build 585) is prone to an unauthenticated account takeover vulnerability in the Forgot Password feature. The lack of correct configuration leads to recovery of the password reset link generated via the password reset functionality, and thus an…

  • CVE-2021-32671CriJun 7, 2021
    risk 0.61cvss 10.0epss 0.40

    Flarum is a forum software for building communities. Flarum's translation system allowed for string inputs to be converted into HTML DOM nodes when rendered. This change was made after v0.1.0-beta.16 (our last beta before v1.0.0) and was not noticed or documented. This allowed…

  • CVE-2021-29504CriJun 7, 2021
    risk 0.00cvss 9.1epss 0.01

    WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining…

  • CVE-2021-20699CriJun 7, 2021
    risk 0.64cvss 9.8epss 0.02

    Sharp NEC Displays ((UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V…

  • CVE-2021-20698CriJun 7, 2021
    risk 0.64cvss 9.8epss 0.01

    Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V…

  • CVE-2017-20005CriJun 6, 2021
    risk 0.00cvss 9.8epss 0.03

    NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.

  • CVE-2021-32198CriJun 6, 2021
    risk 0.64cvss 9.8epss 0.01

    EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or…