VYPR

CVEs

31,781 total · page 412 of 636

  • CVE-2020-25782CriJan 28, 2021
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.

  • CVE-2021-3331CriJan 27, 2021
    risk 0.01cvss 9.8epss 0.07

    WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)

  • CVE-2021-3325CriJan 27, 2021
    risk 0.00cvss 9.8epss 0.02

    Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some exiting installations…

  • CVE-2021-25311CriJan 27, 2021
    risk 0.65cvss 9.9epss 0.03

    condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.

  • CVE-2020-23361CriJan 27, 2021
    risk 0.64cvss 9.8epss 0.01

    phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

  • CVE-2020-23360CriJan 27, 2021
    risk 0.64cvss 9.8epss 0.01

    oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php

  • CVE-2020-23359CriJan 27, 2021
    risk 0.64cvss 9.8epss 0.01

    WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check.

  • CVE-2013-2512CriJan 26, 2021
    risk 0.57cvss 9.8epss 0.04

    The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.

  • CVE-2020-27299CriJan 26, 2021
    risk 0.59cvss 9.1epss 0.02

    The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).

  • CVE-2020-27297CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233).

  • CVE-2021-3304CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI.

  • CVE-2021-3286CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.

  • CVE-2021-3278CriJan 26, 2021
    risk 0.69cvss 9.8epss 0.25

    Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page.

  • CVE-2021-3199CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.08

    Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. sequence in an image upload parameter.

  • CVE-2021-3193CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.10

    Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user.

  • CVE-2021-3190CriJan 26, 2021
    risk 0.00cvss 9.8epss 0.05

    The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag.

  • CVE-2021-3188CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.

  • CVE-2021-3185CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.

  • CVE-2021-25907CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed.

  • CVE-2021-25905CriJan 26, 2021
    risk 0.52cvss 9.1epss 0.02

    An issue was discovered in the bra crate before 0.1.1 for Rust. It lacks soundness because it can read uninitialized memory.

  • CVE-2021-25900CriJan 26, 2021
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

  • CVE-2020-6779CriJan 26, 2021
    risk 0.65cvss 10.0epss 0.04

    Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the…

  • CVE-2020-36199CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places.

  • CVE-2020-35270CriJan 26, 2021
    risk 0.59cvss 9.1epss 0.02

    Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker can able to access of Admin Panel and manage every account of Result.

  • CVE-2020-35263CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution.

  • CVE-2020-28998CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the Telnet service that allows a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and…

  • CVE-2020-28221CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.

  • CVE-2020-27583CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.04

    IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

  • CVE-2020-27540CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter and from this configuration is directly inserted into a bash command. Firmware…

  • CVE-2020-27539CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow (OOB write). In default configuration camera parses responses only from HTTPS URLs from…

  • CVE-2020-23448CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.02

    newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed.

  • CVE-2020-23262CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.

  • CVE-2020-20269CriJan 26, 2021
    risk 0.64cvss 9.8epss 0.05

    A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

  • CVE-2021-23901CriJan 25, 2021
    risk 0.00cvss 9.1epss 0.04

    An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's…

  • CVE-2020-8570CriJan 21, 2021
    risk 0.52cvss 9.1epss 0.04

    Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system…

  • CVE-2020-4958CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.02

    IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. IBM X-Force ID: 192209.

  • CVE-2020-3691CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2020-3686CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-11225CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-11216CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2020-11215CriJan 21, 2021
    risk 0.59cvss 9.1epss 0.01

    An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2020-11213CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2020-11212CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-11197CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2020-11167CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2020-11144CriJan 21, 2021
    risk 0.59cvss 9.1epss 0.01

    Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,…

  • CVE-2020-11143CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon…

  • CVE-2020-11140CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2020-11138CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,…

  • CVE-2020-11137CriJan 21, 2021
    risk 0.64cvss 9.8epss 0.01

    Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…