VYPR

CVEs

31,781 total · page 414 of 636

  • CVE-2020-9141CriJan 13, 2021
    risk 0.59cvss 9.1epss 0.00

    There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.

  • CVE-2020-9140CriJan 13, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.

  • CVE-2020-9139CriJan 13, 2021
    risk 0.59cvss 9.1epss 0.01

    There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.

  • CVE-2020-9145CriJan 13, 2021
    risk 0.59cvss 9.1epss 0.01

    There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.

  • CVE-2020-27488CriJan 13, 2021
    risk 0.64cvss 9.8epss 0.02

    Loxone Miniserver devices with firmware before 11.1 (aka 11.1.9.3) are unable to use an authentication method that is based on the "signature of the update package." Therefore, these devices (or attackers who are spoofing these devices) can continue to use an unauthenticated…

  • CVE-2020-9144CriJan 13, 2021
    risk 0.64cvss 9.8epss 0.01

    There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer.

  • CVE-2020-23653CriJan 13, 2021
    risk 0.57cvss 9.8epss 0.04

    An insecure unserialize vulnerability was discovered in ThinkAdmin versions 4.x through 6.x in app/admin/controller/api/Update.php and app/wechat/controller/api/Push.php, which may lead to arbitrary remote code execution.

  • CVE-2021-3028CriJan 13, 2021
    risk 0.00cvss 9.8epss 0.03

    git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution.

  • CVE-2021-23899CriJan 13, 2021
    risk 0.57cvss 9.8epss 0.02

    OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents.

  • CVE-2020-5685CriJan 13, 2021
    risk 0.64cvss 9.8epss 0.02

    UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.

  • CVE-2020-5633CriJan 13, 2021
    risk 0.64cvss 9.8epss 0.03

    Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5800/T110j-S (2nd-Gen), iStorage NS100Ti, and Express5800/GT110j) where Baseboard Management Controller (BMC) firmware Rev1.09 and earlier is applied allows remote attackers to…

  • CVE-2020-25226CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may…

  • CVE-2020-15800CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All…

  • CVE-2021-3129CriKEVJan 12, 2021
    risk 0.22cvss 9.8epss 1.00

    Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

  • CVE-2021-21465CriJan 12, 2021
    risk 0.65cvss 9.9epss 0.04

    The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL…

  • CVE-2020-35458CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser.

  • CVE-2020-26712CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.02

    REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList function via sort parameter. The application uses the addition of a string of information from the submitted user that is not validated well in the database query, resulting in an SQL injection vulnerability…

  • CVE-2020-14275CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.01

    Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.

  • CVE-2020-27637CriJan 12, 2021
    risk 0.64cvss 9.8epss 0.02

    The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interpreter.…

  • CVE-2021-0316CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.03

    In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2020-0471CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.02

    In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no…

  • CVE-2020-24027CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.02

    In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time.

  • CVE-2020-11995CriJan 11, 2021
    risk 0.57cvss 9.8epss 0.06

    A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protool, during Hessian2 deserializing the HashMap object, some functions in…

  • CVE-2021-3118CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.02

    EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form (such as /req_password_user.php?email=). This allows an attacker to steal data in the database and obtain access to the application. (The…

  • CVE-2020-35205CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.02

    Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported…

  • CVE-2021-21115CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.01

    User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21111CriJan 8, 2021
    risk 0.62cvss 9.6epss 0.01

    Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

  • CVE-2021-21110CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.03

    Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21109CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.01

    Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21108CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.01

    Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21107CriJan 8, 2021
    risk 0.62cvss 9.6epss 0.01

    Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2021-21106CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.02

    Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16025CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.02

    Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16024CriJan 8, 2021
    risk 0.63cvss 9.6epss 0.02

    Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16018CriJan 8, 2021
    risk 0.62cvss 9.6epss 0.01

    Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16017CriKEVJan 8, 2021
    risk 0.75cvss 9.6epss 0.03

    Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16016CriJan 8, 2021
    risk 0.62cvss 9.6epss 0.01

    Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16014CriJan 8, 2021
    risk 0.62cvss 9.6epss 0.01

    Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-35131CriJan 8, 2021
    risk 0.68cvss 9.8epss 0.51

    Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI.

  • CVE-2020-8584CriJan 8, 2021
    risk 0.64cvss 9.8epss 0.04

    Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.

  • CVE-2020-7794CriJan 8, 2021
    risk 0.64cvss 9.8epss 0.02

    This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).

  • CVE-2020-7784CriJan 8, 2021
    risk 0.64cvss 9.8epss 0.01

    This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the following PoC:

  • CVE-2020-13452CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.03

    In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution.

  • CVE-2020-13451CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.03

    An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.

  • CVE-2020-13450CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.06

    A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an attacker to upload and overwrite any writable files outside the intended folder. This can lead to DoS, a change to program behavior, or code execution.

  • CVE-2020-17500CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.04

    Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection…

  • CVE-2019-18643CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.04

    Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow…

  • CVE-2019-18642CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.02

    Rock RMS version before 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be…

  • CVE-2021-3029CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.03

    EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects…

  • CVE-2020-26972CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.01

    The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable…