VYPR

CVEs

31,781 total · page 399 of 636

  • CVE-2020-36333CriMay 5, 2021
    risk 0.59cvss 9.1epss 0.03

    themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook.

  • CVE-2021-32020CriMay 3, 2021
    risk 0.00cvss 9.8epss 0.01

    The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.

  • CVE-2020-23083CriMay 3, 2021
    risk 0.64cvss 9.8epss 0.04

    Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?commonUpload".

  • CVE-2020-35758CriMay 3, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a Authentication Bypass in the Web Interface. This interface does not properly restrict access to internal functionality. Despite presenting a password login page on first access, authentication is not…

  • CVE-2020-35757CriMay 3, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is Unauthenticated Root ADB Access Over TCP. The LS9 web interface provides functionality to access ADB over TCP. This is not enabled by default, but can be enabled by sending a crafted request to a web…

  • CVE-2021-29369CriMay 3, 2021
    risk 0.57cvss 9.8epss 0.02

    The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.

  • CVE-2021-28860CriMay 3, 2021
    risk 0.52cvss 9.1epss 0.02

    In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at…

  • CVE-2021-28959CriApr 30, 2021
    risk 0.65cvss 9.8epss 0.17

    Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution.

  • CVE-2020-24918CriApr 30, 2021
    risk 0.64cvss 9.8epss 0.04

    A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1…

  • CVE-2021-31873CriApr 30, 2021
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.

  • CVE-2021-31872CriApr 30, 2021
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.

  • CVE-2021-31870CriApr 30, 2021
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.

  • CVE-2020-18070CriApr 30, 2021
    risk 0.59cvss 9.1epss 0.02

    Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".

  • CVE-2021-30492criApr 29, 2021
    risk 0.52cvss epss 0.00

    ### Impact Lack of input validation of the Zendesk subdomain could expose users of the library to Server Side Request Forgery (SSRF). ### Resolution Validate the provided Zendesk subdomain to be a valid subdomain in: * getAuthUrl * getAccessToken

  • CVE-2020-22807CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.

  • CVE-2020-35430CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem.

  • CVE-2020-21452CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in uniview ISC2500-S. This is an upload vulnerability where an attacker can upload malicious code via /Interface/DevManage/EC.php?cmd=upload

  • CVE-2021-30234CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the MLD_PROXY_WAN_CONNECT parameter.

  • CVE-2021-30233CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptv_vlan parameter.

  • CVE-2021-30232CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the IGMP_PROXY_WAN_CONNECT parameter.

  • CVE-2021-30231CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter.

  • CVE-2021-30230CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter.

  • CVE-2021-30228CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iandlink_proc_enable parameter.

  • CVE-2021-25812CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.03

    Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/set_online_client.

  • CVE-2021-27651CriApr 29, 2021
    risk 0.68cvss 9.8epss 0.54

    In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks.

  • CVE-2021-20090CriKEVApr 29, 2021
    risk 0.84cvss 9.8epss 1.00

    A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

  • CVE-2020-21995CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.02

    Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.

  • CVE-2021-29145CriApr 29, 2021
    risk 0.64cvss 9.8epss 0.02

    A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability.

  • CVE-2021-31875CriApr 29, 2021
    risk 0.00cvss 9.8epss 0.02

    In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow. NOTE: the original reporter disputes the significance of this finding…

  • CVE-2021-29483CriApr 28, 2021
    risk 0.00cvss 9.4epss 0.01

    ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched by https://github.com/miraheze/ManageWiki/compare/99f3b2c8af18...befb83c66f5b.patc…

  • CVE-2020-21994CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.04

    AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a…

  • CVE-2020-21991CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.03

    AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the…

  • CVE-2020-18020CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.04

    SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.

  • CVE-2021-22514CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.02

    An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.

  • CVE-2021-30168CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.02

    The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant administrator’s credential and further control the devices.

  • CVE-2021-30167CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.02

    The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

  • CVE-2021-27648CriApr 28, 2021
    risk 0.59cvss 9.0epss 0.03

    Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via unspecified vectors.

  • CVE-2021-31856CriApr 28, 2021
    risk 0.06cvss 9.8epss 0.75

    A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go).

  • CVE-2020-36326CriApr 28, 2021
    risk 0.57cvss 9.8epss 0.03

    PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by…

  • CVE-2021-20716CriApr 28, 2021
    risk 0.64cvss 9.8epss 0.03

    Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and…

  • CVE-2021-29476CriApr 27, 2021
    risk 0.57cvss 9.8epss 0.02

    Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.

  • CVE-2021-30128CriApr 27, 2021
    risk 0.70cvss 9.8epss 0.81

    Apache OFBiz has unsafe deserialization prior to 17.12.07 version

  • CVE-2021-29200CriApr 27, 2021
    risk 0.68cvss 9.8epss 0.55

    Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack

  • CVE-2020-22001CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.03

    HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution.

  • CVE-2021-30642CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.03

    An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges.

  • CVE-2021-27480CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code.

  • CVE-2019-25042CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.02

    Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

  • CVE-2019-25039CriApr 27, 2021
    risk 0.57cvss 9.8epss 0.02

    Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

  • CVE-2019-25038CriApr 27, 2021
    risk 0.57cvss 9.8epss 0.02

    Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

  • CVE-2019-25035CriApr 27, 2021
    risk 0.57cvss 9.8epss 0.02

    Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited