VYPR

CVEs

31,781 total · page 408 of 636

  • CVE-2020-11283CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.01

    A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2020-11276CriFeb 22, 2021
    risk 0.59cvss 9.1epss 0.01

    Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,…

  • CVE-2020-11275CriFeb 22, 2021
    risk 0.59cvss 9.1epss 0.01

    Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…

  • CVE-2020-11272CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.01

    Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…

  • CVE-2020-11170CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon…

  • CVE-2020-11163CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2021-26120CriFeb 22, 2021
    risk 0.63cvss 9.8epss 0.82

    Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.

  • CVE-2021-24115CriFeb 22, 2021
    risk 0.00cvss 9.8epss 0.02

    In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).

  • CVE-2021-27514CriFeb 22, 2021
    risk 0.64cvss 9.8epss 0.04

    EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).

  • CVE-2021-3210CriFeb 19, 2021
    risk 0.63cvss 9.6epss 0.03

    components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter.

  • CVE-2019-25024CriFeb 19, 2021
    risk 0.69cvss 9.8epss 0.28

    OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.

  • CVE-2021-26747CriFeb 18, 2021
    risk 0.68cvss 9.8epss 0.54

    Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.

  • CVE-2021-27335CriFeb 18, 2021
    risk 0.64cvss 9.8epss 0.03

    KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.

  • CVE-2021-27329CriFeb 18, 2021
    risk 0.65cvss 10.0epss 0.02

    Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.

  • CVE-2020-28490CriFeb 18, 2021
    risk 0.52cvss 9.1epss 0.03

    The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('atouch HACKEDb')

  • CVE-2021-27378CriFeb 18, 2021
    risk 0.00cvss 9.8epss 0.01

    An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.

  • CVE-2021-27377CriFeb 18, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free.

  • CVE-2021-27376CriFeb 18, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.

  • CVE-2021-27362CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.04

    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.

  • CVE-2021-26809CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.02

    PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.

  • CVE-2021-25779CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.01

    Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.

  • CVE-2020-35339CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.04

    In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.

  • CVE-2021-22855CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.02

    The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.

  • CVE-2021-22856CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.01

    The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.

  • CVE-2021-23885CriFeb 17, 2021
    risk 0.59cvss 9.0epss 0.01

    Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.

  • CVE-2020-2501CriFeb 17, 2021
    risk 0.64cvss 9.8epss 0.03

    A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance…

  • CVE-2021-27104CriKEVFeb 16, 2021
    risk 0.86cvss 9.8epss 0.56

    Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.

  • CVE-2021-27103CriKEVFeb 16, 2021
    risk 0.83cvss 9.8epss 0.11

    Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.

  • CVE-2021-27101CriKEVFeb 16, 2021
    risk 0.82cvss 9.8epss 0.06

    Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.

  • CVE-2020-35565CriFeb 16, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default.

  • CVE-2021-25648CriFeb 16, 2021
    risk 0.64cvss 9.8epss 0.01

    Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage.

  • CVE-2020-24841CriFeb 16, 2021
    risk 0.64cvss 9.8epss 0.02

    PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

  • CVE-2021-27236CriFeb 16, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.

  • CVE-2021-27234CriFeb 16, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.

  • CVE-2021-3239CriFeb 15, 2021
    risk 0.65cvss 9.8epss 0.18

    E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell.

  • CVE-2021-26822CriFeb 15, 2021
    risk 0.64cvss 9.8epss 0.05

    Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.

  • CVE-2021-26201CriFeb 15, 2021
    risk 0.64cvss 9.8epss 0.02

    The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.

  • CVE-2021-26200CriFeb 15, 2021
    risk 0.64cvss 9.8epss 0.02

    The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.

  • CVE-2021-3375CriFeb 15, 2021
    risk 0.64cvss 9.8epss 0.04

    ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution.

  • CVE-2020-29026CriFeb 15, 2021
    risk 0.59cvss 9.0epss 0.01

    A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.

  • CVE-2020-35775CriFeb 15, 2021
    risk 0.68cvss 9.8epss 0.13

    CITSmart before 9.1.2.23 allows LDAP Injection.

  • CVE-2021-27213CriFeb 14, 2021
    risk 0.00cvss 9.8epss 0.03

    config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used.

  • CVE-2019-25019CriFeb 14, 2021
    risk 0.57cvss 9.8epss 0.01

    LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.

  • CVE-2021-26753CriFeb 12, 2021
    risk 0.64cvss 9.9epss 0.01

    NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data.

  • CVE-2021-22504CriFeb 12, 2021
    risk 0.64cvss 9.8epss 0.03

    Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.

  • CVE-2021-20651CriFeb 12, 2021
    risk 0.59cvss 9.1epss 0.02

    Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.

  • CVE-2020-27868CriFeb 12, 2021
    risk 0.70cvss 9.8epss 0.81

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Qognify Ocularis 5.9.0.395. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized objects provided to the…

  • CVE-2021-21014CriFeb 11, 2021
    risk 0.52cvss 9.1epss 0.04

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for…

  • CVE-2021-21025CriFeb 11, 2021
    risk 0.59cvss 9.1epss 0.03

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is…

  • CVE-2021-21024CriFeb 11, 2021
    risk 0.59cvss 9.1epss 0.03

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access…