VYPR

CVEs

31,781 total · page 419 of 636

  • CVE-2020-35464CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.02

    Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password.

  • CVE-2020-35463CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.02

    Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password.

  • CVE-2020-35462CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.02

    Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password.

  • CVE-2020-29663CriDec 15, 2020
    risk 0.59cvss 9.1epss 0.02

    Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3.

  • CVE-2020-27068CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.01

    Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel

  • CVE-2020-4747CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.02

    IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516.

  • CVE-2020-0456CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843

  • CVE-2020-0457CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562

  • CVE-2020-0455CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514

  • CVE-2020-25228CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected…

  • CVE-2020-20189CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php.

  • CVE-2020-8257CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks

  • CVE-2020-29511CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected…

  • CVE-2020-29510CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream…

  • CVE-2020-29509CriDec 14, 2020
    risk 0.57cvss 9.8epss 0.02

    The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected…

  • CVE-2020-20184CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.03

    GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.

  • CVE-2020-20136CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library.

  • CVE-2020-35338CriDec 14, 2020
    risk 0.65cvss 9.8epss 0.12

    The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."

  • CVE-2020-25179CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.

  • CVE-2020-25175CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.

  • CVE-2020-35378CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.

  • CVE-2020-14268CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which…

  • CVE-2020-14244CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the server or inject code into the system which…

  • CVE-2020-29227CriDec 14, 2020
    risk 0.65cvss 9.8epss 0.17

    An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to cause local file inclusion resulting in code execution.

  • CVE-2020-5639CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.05

    Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.

  • CVE-2020-29563CriDec 12, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device.

  • CVE-2020-25112CriDec 11, 2020
    risk 0.66cvss 9.8epss 0.27

    An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.

  • CVE-2020-25111CriDec 11, 2020
    risk 0.65cvss 9.8epss 0.20

    An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.

  • CVE-2020-25110CriDec 11, 2020
    risk 0.68cvss 9.8epss 0.52

    An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.

  • CVE-2020-25109CriDec 11, 2020
    risk 0.68cvss 9.8epss 0.52

    An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.

  • CVE-2020-25108CriDec 11, 2020
    risk 0.68cvss 9.8epss 0.52

    An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successful Denial-of-Service, and possibly Remote Code Execution.

  • CVE-2020-25107CriDec 11, 2020
    risk 0.68cvss 9.8epss 0.52

    An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.

  • CVE-2020-24383CriDec 11, 2020
    risk 0.60cvss 9.1epss 0.05

    An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.

  • CVE-2020-24341CriDec 11, 2020
    risk 0.60cvss 9.1epss 0.05

    An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually…

  • CVE-2020-24338CriDec 11, 2020
    risk 0.67cvss 9.8epss 0.36

    An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet,…

  • CVE-2020-24336CriDec 11, 2020
    risk 0.68cvss 9.8epss 0.59

    An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer…

  • CVE-2020-17467CriDec 11, 2020
    risk 0.59cvss 9.1epss 0.03

    An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information…

  • CVE-2020-17441CriDec 11, 2020
    risk 0.60cvss 9.1epss 0.07

    An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either…

  • CVE-2020-17438CriDec 11, 2020
    risk 0.65cvss 9.8epss 0.19

    An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP…

  • CVE-2020-27730CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.

  • CVE-2020-5948CriDec 11, 2020
    risk 0.62cvss 9.6epss 0.01

    On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user…

  • CVE-2020-19165CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter.

  • CVE-2020-29574CriKEVDec 11, 2020
    risk 0.76cvss 9.8epss 0.05

    An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

  • CVE-2020-28440CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.

  • CVE-2020-28439CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:

  • CVE-2020-27134CriDec 11, 2020
    risk 0.64cvss 9.9epss 0.02

    Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…

  • CVE-2020-27133CriDec 11, 2020
    risk 0.64cvss 9.9epss 0.01

    Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…

  • CVE-2020-27132CriDec 11, 2020
    risk 0.64cvss 9.9epss 0.01

    Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…

  • CVE-2020-27127CriDec 11, 2020
    risk 0.64cvss 9.9epss 0.01

    Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…

  • CVE-2020-15357CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.04

    Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.