VYPR

CVEs

31,781 total · page 397 of 636

  • CVE-2021-27459CriMay 20, 2021
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.

  • CVE-2021-20721CriMay 20, 2021
    risk 0.64cvss 9.8epss 0.02

    KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.

  • CVE-2021-20720CriMay 20, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.

  • CVE-2020-36364CriMay 19, 2021
    risk 0.52cvss 9.1epss 0.02

    An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0. Administration/Controllers/ImportController.cs allows path traversal (for copy and delete actions) in the ImportController.Create method via a TempFileName field.

  • CVE-2021-33204CriMay 19, 2021
    risk 0.00cvss 9.8epss 0.02

    In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit search_path is not set.

  • CVE-2017-17674CriMay 19, 2021
    risk 0.64cvss 9.8epss 0.02

    BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code…

  • CVE-2021-31324CriMay 18, 2021
    risk 0.66cvss 9.8epss 0.34

    The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution.

  • CVE-2021-31316CriMay 18, 2021
    risk 0.65cvss 9.8epss 0.13

    The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.

  • CVE-2020-18178CriMay 18, 2021
    risk 0.64cvss 9.8epss 0.02

    Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."

  • CVE-2021-32305CriMay 18, 2021
    risk 0.10cvss 9.8epss 0.87

    WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.

  • CVE-2020-20951CriMay 18, 2021
    risk 0.64cvss 9.8epss 0.04

    In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files.

  • CVE-2021-32454CriMay 17, 2021
    risk 0.62cvss 9.6epss 0.00

    SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access to the device could modify these credentials, leaving the administrators of the device without access.

  • CVE-2021-24314CriMay 17, 2021
    risk 0.64cvss 9.8epss 0.02

    The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue

  • CVE-2020-4670CriMay 17, 2021
    risk 0.59cvss 9.1epss 0.02

    IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID:…

  • CVE-2020-4669CriMay 17, 2021
    risk 0.59cvss 9.1epss 0.02

    IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the…

  • CVE-2021-27734CriMay 17, 2021
    risk 0.64cvss 9.8epss 0.01

    Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users.

  • CVE-2021-22668CriMay 16, 2021
    risk 0.64cvss 9.8epss 0.02

    Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-3402CriMay 14, 2021
    risk 0.59cvss 9.1epss 0.02

    An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4

  • CVE-2020-23691CriMay 14, 2021
    risk 0.64cvss 9.8epss 0.03

    YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.

  • CVE-2021-25943CriMay 14, 2021
    risk 0.64cvss 9.8epss 0.03

    Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-25941CriMay 14, 2021
    risk 0.57cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2020-18166CriMay 14, 2021
    risk 0.64cvss 9.8epss 0.02

    Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc".

  • CVE-2021-24285CriMay 14, 2021
    risk 0.65cvss 9.8epss 0.15

    The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the order_id POST parameter before using it in a SQL statement, leading…

  • CVE-2021-24284CriMay 14, 2021
    risk 0.67cvss 9.8epss 0.42

    The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as…

  • CVE-2021-33026CriMay 13, 2021
    risk 0.64cvss 9.8epss 0.07

    The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted…

  • CVE-2021-32615CriMay 13, 2021
    risk 0.00cvss 9.8epss 0.02

    Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.

  • CVE-2020-28063CriMay 13, 2021
    risk 0.64cvss 9.8epss 0.01

    A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.

  • CVE-2020-20092CriMay 13, 2021
    risk 0.64cvss 9.8epss 0.01

    File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

  • CVE-2021-20999CriMay 13, 2021
    risk 0.61cvss 9.4epss 0.01

    In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.

  • CVE-2021-20998CriMay 13, 2021
    risk 0.65cvss 10.0epss 0.01

    In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

  • CVE-2021-28799CriKEVMay 13, 2021
    risk 0.89cvss 10.0epss 0.78

    An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2;…

  • CVE-2020-23790CriMay 12, 2021
    risk 0.64cvss 9.8epss 0.02

    An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.

  • CVE-2021-32608CriMay 12, 2021
    risk 0.03cvss 9.8epss 0.33

    An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/Boards/Partials/_ForumPost.cshtml does not call HtmlUtils.SanitizeHtml on certain text for a forum post.

  • CVE-2021-32607CriMay 12, 2021
    risk 0.03cvss 9.8epss 0.33

    An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message.

  • CVE-2021-27384CriMay 12, 2021
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels…

  • CVE-2020-13873CriMay 12, 2021
    risk 0.64cvss 9.8epss 0.05

    A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and…

  • CVE-2020-35198CriMay 12, 2021
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to…

  • CVE-2021-32605CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.04

    zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block.

  • CVE-2021-32089CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to information disclosure and code…

  • CVE-2021-31166CriKEVMay 11, 2021
    risk 0.87cvss 9.8epss 1.00

    HTTP Protocol Stack Remote Code Execution Vulnerability

  • CVE-2021-28476CriMay 11, 2021
    risk 0.67cvss 9.9epss 0.39

    Windows Hyper-V Remote Code Execution Vulnerability

  • CVE-2021-29508CriMay 11, 2021
    risk 0.59cvss 9.1epss 0.02

    Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on the sender end, an attacker can pass information about a different type for the receiving end. And by doing so allowing the…

  • CVE-2021-31915CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.03

    In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.

  • CVE-2021-31914CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.02

    In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.

  • CVE-2021-31897CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.02

    In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.

  • CVE-2021-31909CriMay 11, 2021
    risk 0.64cvss 9.8epss 0.03

    In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.

  • CVE-2021-32563CriMay 11, 2021
    risk 0.00cvss 9.8epss 0.03

    An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution.

  • CVE-2021-21428CriMay 10, 2021
    risk 0.00cvss 9.3epss 0.00

    Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the…

  • CVE-2021-20538CriMay 10, 2021
    risk 0.59cvss 9.1epss 0.01

    IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919.

  • CVE-2021-23008CriMay 10, 2021
    risk 0.64cvss 9.8epss 0.01

    On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response…