VYPR

CVEs

31,781 total · page 395 of 636

  • CVE-2021-31251CriJun 4, 2021
    risk 0.70cvss 9.8epss 0.36

    An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote…

  • CVE-2021-30475CriJun 4, 2021
    risk 0.64cvss 9.8epss 0.02

    aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.

  • CVE-2021-25947CriJun 3, 2021
    risk 0.57cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-22333CriJun 3, 2021
    risk 0.64cvss 9.8epss 0.01

    There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.

  • CVE-2021-33806CriJun 3, 2021
    risk 0.00cvss 9.8epss 0.03

    The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of its use of Java serialization.

  • CVE-2020-35442CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.02

    FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php.

  • CVE-2020-35441CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.01

    FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.

  • CVE-2021-30474CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.02

    aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free.

  • CVE-2021-31921CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.01

    Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration.

  • CVE-2021-25288CriJun 2, 2021
    risk 0.52cvss 9.1epss 0.02

    An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.

  • CVE-2021-25287CriJun 2, 2021
    risk 0.52cvss 9.1epss 0.03

    An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

  • CVE-2009-0948CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.01

    Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.

  • CVE-2009-0947CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.01

    Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.

  • CVE-2021-26707CriJun 2, 2021
    risk 0.57cvss 9.8epss 0.02

    The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications…

  • CVE-2021-3538CriJun 2, 2021
    risk 0.57cvss 9.8epss 0.02

    A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.

  • CVE-2021-3520CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.03

    There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this…

  • CVE-2021-23895CriJun 2, 2021
    risk 0.59cvss 9.0epss 0.02

    Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the…

  • CVE-2021-23894CriJun 2, 2021
    risk 0.63cvss 9.6epss 0.02

    Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the…

  • CVE-2021-29089CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.02

    Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers users to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2021-30181CriJun 1, 2021
    risk 0.69cvss 9.8epss 0.61

    Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these rules, Dubbo customers use…

  • CVE-2021-30180CriJun 1, 2021
    risk 0.69cvss 9.8epss 0.60

    Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers may enable…

  • CVE-2021-30179CriJun 1, 2021
    risk 0.64cvss 9.8epss 0.04

    Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the…

  • CVE-2021-25641CriJun 1, 2021
    risk 0.65cvss 9.8epss 0.18

    Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags,…

  • CVE-2021-24321CriJun 1, 2021
    risk 0.69cvss 9.8epss 0.67

    The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_listing_field_now_open, bt_bb_listing_field_my_lng, listing_list_view and bt_bb_listing_field_my_lat parameters before using them in a SQL statement,…

  • CVE-2020-4561CriJun 1, 2021
    risk 0.65cvss 10.0epss 0.03

    IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.

  • CVE-2021-27828CriJun 1, 2021
    risk 0.64cvss 9.1epss 0.20

    SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.

  • CVE-2020-10666CriMay 31, 2021
    risk 0.64cvss 9.8epss 0.02

    The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.

  • CVE-2021-33790CriMay 31, 2021
    risk 0.64cvss 9.8epss 0.03

    The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable…

  • CVE-2021-33564CriMay 29, 2021
    risk 0.62cvss 9.8epss 0.72

    An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and…

  • CVE-2021-31703CriMay 29, 2021
    risk 0.64cvss 9.8epss 0.01

    Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user.

  • CVE-2021-30461CriMay 29, 2021
    risk 0.67cvss 9.8epss 0.37

    A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php.

  • CVE-2021-32619CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.01

    Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically…

  • CVE-2021-22519CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.02

    Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow…

  • CVE-2021-32637CriMay 28, 2021
    risk 0.58cvss 10.0epss 0.02

    Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could…

  • CVE-2020-15782CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.05

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…

  • CVE-2021-20236CriMay 28, 2021
    risk 0.57cvss 9.8epss 0.02

    A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to…

  • CVE-2021-20195CriMay 28, 2021
    risk 0.55cvss 9.6epss 0.01

    A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from…

  • CVE-2020-27847CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system…

  • CVE-2021-27852CriKEVMay 27, 2021
    risk 0.78cvss 9.8epss 0.32

    Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7.

  • CVE-2020-15180CriMay 27, 2021
    risk 0.59cvss 9.0epss 0.06

    A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality,…

  • CVE-2020-12403CriMay 27, 2021
    risk 0.59cvss 9.1epss 0.02

    A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly…

  • CVE-2020-27832CriMay 27, 2021
    risk 0.59cvss 9.0epss 0.01

    A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat…

  • CVE-2021-31535CriMay 27, 2021
    risk 0.01cvss 9.8epss 0.11

    LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than…

  • CVE-2021-22911CriMay 27, 2021
    risk 0.74cvss 9.8epss 0.95

    A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.

  • CVE-2021-22891CriMay 27, 2021
    risk 0.64cvss 9.8epss 0.01

    A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller.

  • CVE-2021-33590CriMay 27, 2021
    risk 0.64cvss 9.8epss 0.01

    GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c.

  • CVE-2021-22738CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.

  • CVE-2021-22737CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack.

  • CVE-2021-22731CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.

  • CVE-2019-25029CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.03

    In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP…