VYPR

CVEs

31,781 total · page 396 of 636

  • CVE-2018-10867CriMay 26, 2021
    risk 0.59cvss 9.1epss 0.01

    Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.

  • CVE-2018-10866CriMay 26, 2021
    risk 0.59cvss 9.1epss 0.01

    It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him.

  • CVE-2021-33470CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.02

    COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel.

  • CVE-2021-20487CriMay 26, 2021
    risk 0.59cvss 9.1epss 0.01

    IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.

  • CVE-2021-25945CriMay 26, 2021
    risk 0.64cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-21986CriMay 26, 2021
    risk 0.65cvss 9.8epss 0.13

    The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter…

  • CVE-2021-21985CriKEVMay 26, 2021
    risk 0.93cvss 9.8epss 1.00

    The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute…

  • CVE-2021-22160CriMay 26, 2021
    risk 0.68cvss 9.8epss 0.53

    If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented token is set to "none". This allows an attacker to connect to Pulsar instances as any user (incl.…

  • CVE-2021-33575CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.03

    The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing.

  • CVE-2021-33574CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.03

    The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service…

  • CVE-2021-25946CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.03

    Prototype pollution vulnerability in `nconf-toml` versions 0.0.1 through 0.0.2 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-25944CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-21658CriMay 25, 2021
    risk 0.52cvss 9.1epss 0.02

    Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2020-13601CriMay 25, 2021
    risk 0.59cvss 9.0epss 0.01

    Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44

  • CVE-2021-30194CriMay 25, 2021
    risk 0.59cvss 9.1epss 0.01

    CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.

  • CVE-2021-30193CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.

  • CVE-2021-30192CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.

  • CVE-2021-30190CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

  • CVE-2021-30189CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.

  • CVE-2021-30188CriMay 25, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.

  • CVE-2021-30108CriMay 24, 2021
    risk 0.52cvss 9.1epss 0.01

    Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it.

  • CVE-2020-20907CriMay 24, 2021
    risk 0.59cvss 9.1epss 0.02

    MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php.

  • CVE-2021-29300CriMay 24, 2021
    risk 0.57cvss 9.8epss 0.05

    The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input.

  • CVE-2019-12348CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.

  • CVE-2021-20426CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.01

    IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196313.

  • CVE-2021-32075CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.02

    Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization.

  • CVE-2020-28910CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.04

    Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.

  • CVE-2020-28908CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.06

    Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios.

  • CVE-2020-28907CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.03

    Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in upgrade_to_latest.sh.

  • CVE-2020-28904CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.04

    Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.

  • CVE-2020-28902CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.06

    Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php.

  • CVE-2020-28901CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.09

    Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php.

  • CVE-2020-28900CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.02

    Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.

  • CVE-2020-25409CriMay 24, 2021
    risk 0.64cvss 9.8epss 0.02

    Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.

  • CVE-2021-21001CriMay 24, 2021
    risk 0.59cvss 9.1epss 0.01

    On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

  • CVE-2021-33497CriMay 24, 2021
    risk 0.00cvss 9.1epss 0.02

    Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for deleting files.

  • CVE-2021-33509CriMay 21, 2021
    risk 0.65cvss 9.9epss 0.02

    Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.

  • CVE-2020-36331CriMay 21, 2021
    risk 0.52cvss 9.1epss 0.02

    A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.

  • CVE-2020-36330CriMay 21, 2021
    risk 0.52cvss 9.1epss 0.02

    A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.

  • CVE-2020-36329CriMay 21, 2021
    risk 0.57cvss 9.8epss 0.02

    A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

  • CVE-2020-36328CriMay 21, 2021
    risk 0.57cvss 9.8epss 0.03

    A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…

  • CVE-2018-25014CriMay 21, 2021
    risk 0.64cvss 9.8epss 0.02

    A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

  • CVE-2018-25013CriMay 21, 2021
    risk 0.59cvss 9.1epss 0.02

    A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().

  • CVE-2018-25012CriMay 21, 2021
    risk 0.59cvss 9.1epss 0.02

    A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().

  • CVE-2018-25011CriMay 21, 2021
    risk 0.64cvss 9.8epss 0.03

    A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().

  • CVE-2018-25010CriMay 21, 2021
    risk 0.59cvss 9.1epss 0.02

    A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

  • CVE-2018-25009CriMay 21, 2021
    risk 0.59cvss 9.1epss 0.02

    A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().

  • CVE-2021-31474CriMay 21, 2021
    risk 0.71cvss 9.8epss 0.94

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library.…

  • CVE-2020-12061CriMay 21, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a…

  • CVE-2021-32630CriMay 20, 2021
    risk 0.63cvss 9.6epss 0.02

    Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload…