VYPR

CVEs

31,781 total · page 407 of 636

  • CVE-2021-27804CriMar 2, 2021
    risk 0.64cvss 9.8epss 0.04

    JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.

  • CVE-2021-25309CriMar 2, 2021
    risk 0.64cvss 9.8epss 0.01

    The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password policy that forces a 4-digit password) allows remote attackers to easily obtain…

  • CVE-2021-27886CriMar 2, 2021
    risk 0.04cvss 9.8epss 0.46

    rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.

  • CVE-2021-3342CriMar 1, 2021
    risk 0.64cvss 9.8epss 0.04

    EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex= URI.

  • CVE-2021-26703CriMar 1, 2021
    risk 0.64cvss 9.8epss 0.04

    EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI.

  • CVE-2021-26476CriMar 1, 2021
    risk 0.64cvss 9.8epss 0.03

    EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.

  • CVE-2021-21515CriMar 1, 2021
    risk 0.59cvss 9.0epss 0.01

    Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests…

  • CVE-2021-25914CriMar 1, 2021
    risk 0.57cvss 9.8epss 0.04

    Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2021-25833CriMar 1, 2021
    risk 0.67cvss 9.8epss 0.44

    A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain…

  • CVE-2021-25832CriMar 1, 2021
    risk 0.65cvss 9.8epss 0.13

    A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer.

  • CVE-2021-25831CriMar 1, 2021
    risk 0.65cvss 9.8epss 0.12

    A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote…

  • CVE-2021-25830CriMar 1, 2021
    risk 0.65cvss 9.8epss 0.12

    A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an…

  • CVE-2021-27132CriFeb 27, 2021
    risk 0.65cvss 9.8epss 0.16

    SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.

  • CVE-2021-3197CriFeb 27, 2021
    risk 0.69cvss 9.8epss 0.72

    An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

  • CVE-2021-3148CriFeb 27, 2021
    risk 0.64cvss 9.8epss 0.08

    An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.

  • CVE-2021-3144CriFeb 27, 2021
    risk 0.60cvss 9.1epss 0.05

    In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

  • CVE-2021-25283CriFeb 27, 2021
    risk 0.65cvss 9.8epss 0.10

    An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.

  • CVE-2021-25282CriFeb 27, 2021
    risk 0.70cvss 9.1epss 0.92

    An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.

  • CVE-2021-25281CriFeb 27, 2021
    risk 0.73cvss 9.8epss 0.73

    An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.

  • CVE-2019-25022CriFeb 27, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime().exec() without validation.

  • CVE-2021-27198CriFeb 26, 2021
    risk 0.65cvss 9.8epss 0.14

    An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The…

  • CVE-2021-26562CriFeb 26, 2021
    risk 0.59cvss 9.0epss 0.02

    Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header.

  • CVE-2021-26561CriFeb 26, 2021
    risk 0.59cvss 9.0epss 0.02

    Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header.

  • CVE-2021-26560CriFeb 26, 2021
    risk 0.59cvss 9.0epss 0.01

    Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session.

  • CVE-2019-11684CriFeb 26, 2021
    risk 0.64cvss 9.9epss 0.01

    Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified…

  • CVE-2021-26904CriFeb 26, 2021
    risk 0.64cvss 9.8epss 0.02

    LMA ISIDA Retriever 5.2 allows SQL Injection.

  • CVE-2020-28199CriFeb 26, 2021
    risk 0.59cvss 9.1epss 0.02

    best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor.

  • CVE-2021-24094CriFeb 25, 2021
    risk 0.65cvss 9.8epss 0.22

    Windows TCP/IP Remote Code Execution Vulnerability

  • CVE-2021-24078CriFeb 25, 2021
    risk 0.65cvss 9.8epss 0.11

    Windows DNS Server Remote Code Execution Vulnerability

  • CVE-2021-24077CriFeb 25, 2021
    risk 0.64cvss 9.8epss 0.03

    Windows Fax Service Remote Code Execution Vulnerability

  • CVE-2021-24074CriFeb 25, 2021
    risk 0.66cvss 9.8epss 0.26

    Windows TCP/IP Remote Code Execution Vulnerability

  • CVE-2021-3406CriFeb 25, 2021
    risk 0.64cvss 9.8epss 0.01

    A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.

  • CVE-2020-23534CriFeb 25, 2021
    risk 0.64cvss 9.8epss 0.01

    A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter.

  • CVE-2021-27670CriFeb 25, 2021
    risk 0.69cvss 9.8epss 0.61

    Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.

  • CVE-2021-1396CriFeb 24, 2021
    risk 0.64cvss 9.8epss 0.01

    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more…

  • CVE-2021-1393CriFeb 24, 2021
    risk 0.64cvss 9.8epss 0.02

    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more…

  • CVE-2021-1388CriFeb 24, 2021
    risk 0.66cvss 10.0epss 0.14

    A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper token validation on a…

  • CVE-2021-1361CriFeb 24, 2021
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create,…

  • CVE-2021-22667CriFeb 24, 2021
    risk 0.64cvss 9.8epss 0.04

    BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).

  • CVE-2021-21972CriKEVFeb 24, 2021
    risk 0.93cvss 9.8epss 1.00

    The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter…

  • CVE-2020-27224CriFeb 24, 2021
    risk 0.00cvss 9.6epss 0.02

    In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.

  • CVE-2021-20658CriFeb 24, 2021
    risk 0.64cvss 9.8epss 0.04

    SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.

  • CVE-2021-27582CriFeb 23, 2021
    risk 0.52cvss 9.1epss 0.02

    org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth…

  • CVE-2021-21155CriFeb 22, 2021
    risk 0.63cvss 9.6epss 0.01

    Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21154CriFeb 22, 2021
    risk 0.63cvss 9.6epss 0.01

    Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21151CriFeb 22, 2021
    risk 0.62cvss 9.6epss 0.01

    Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21150CriFeb 22, 2021
    risk 0.62cvss 9.6epss 0.01

    Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-27228CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Shinobi through ocean version 1. lib/auth.js has Incorrect Access Control. Valid API Keys are held in an internal JS Object. Therefore an attacker can use JS Proto Method names (such as constructor or hasOwnProperty) to convince the System that the…

  • CVE-2021-3120CriFeb 22, 2021
    risk 0.67cvss 9.8epss 0.37

    An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability,…

  • CVE-2020-21224CriFeb 22, 2021
    risk 0.67cvss 9.8epss 0.39

    A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server