VYPR

CVEs

31,781 total · page 420 of 636

  • CVE-2020-29591CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.03

    Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacker to achieve root access with a blank password.

  • CVE-2020-13556CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.05

    An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to…

  • CVE-2020-24634CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200…

  • CVE-2020-24633CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.05

    There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway;…

  • CVE-2020-17530CriKEVDec 11, 2020
    risk 0.86cvss 9.8epss 0.96

    Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

  • CVE-2020-7540CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause…

  • CVE-2020-28215CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.02

    A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

  • CVE-2020-29311CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.06

    Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.

  • CVE-2020-26201CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.02

    Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to the device Operating System via Telnet or SSH.

  • CVE-2020-19527CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.02

    iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.

  • CVE-2020-19142CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.02

    iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.

  • CVE-2020-16608CriDec 10, 2020
    risk 0.63cvss 9.6epss 0.04

    Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).

  • CVE-2020-29667CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.03

    In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.

  • CVE-2020-24445CriDec 10, 2020
    risk 0.59cvss 9.0epss 0.03

    AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a…

  • CVE-2019-7198CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.03

    This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build…

  • CVE-2020-17142CriDec 10, 2020
    risk 0.59cvss 9.1epss 0.03

    Microsoft Exchange Remote Code Execution Vulnerability

  • CVE-2020-17132CriDec 10, 2020
    risk 0.69cvss 9.1epss 0.90

    Microsoft Exchange Remote Code Execution Vulnerability

  • CVE-2020-29659CriDec 9, 2020
    risk 0.64cvss 9.8epss 0.05

    A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.

  • CVE-2020-26838CriDec 9, 2020
    risk 0.59cvss 9.1epss 0.02

    SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any…

  • CVE-2020-26837CriDec 9, 2020
    risk 0.59cvss 9.1epss 0.02

    SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise…

  • CVE-2020-26831CriDec 9, 2020
    risk 0.62cvss 9.6epss 0.01

    SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to…

  • CVE-2020-26829CriDec 9, 2020
    risk 0.65cvss 10.0epss 0.05

    SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal…

  • CVE-2020-17529CriDec 9, 2020
    risk 0.64cvss 9.8epss 0.03

    Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both…

  • CVE-2020-17528CriDec 9, 2020
    risk 0.59cvss 9.1epss 0.03

    Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

  • CVE-2020-29657CriDec 9, 2020
    risk 0.59cvss 9.1epss 0.01

    In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.

  • CVE-2020-28274CriDec 8, 2020
    risk 0.57cvss 9.8epss 0.02

    Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2020-29602CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29601CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29581CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official spiped docker images before 1.5-alpine contain a blank password for a root user. Systems using the spiped docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29580CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29579CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.

  • CVE-2020-29577CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29576CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.03

    The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.

  • CVE-2020-29575CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.03

    The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank…

  • CVE-2020-29564CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.06

    The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. System using the Consul Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password.

  • CVE-2020-29578CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.

  • CVE-2020-25889CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.03

    Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can gain the admin privilege.

  • CVE-2020-17531CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.10

    A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008…

  • CVE-2020-29600CriDec 7, 2020
    risk 0.64cvss 9.8epss 0.03

    In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.

  • CVE-2020-29597CriDec 7, 2020
    risk 0.72cvss 9.8epss 0.71

    IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.

  • CVE-2020-29595CriDec 7, 2020
    risk 0.64cvss 9.8epss 0.01

    PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.

  • CVE-2020-5800CriDec 7, 2020
    risk 0.64cvss 9.8epss 0.02

    The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.

  • CVE-2020-5799CriDec 7, 2020
    risk 0.64cvss 9.8epss 0.01

    The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data.

  • CVE-2020-25462CriDec 4, 2020
    risk 0.64cvss 9.8epss 0.02

    Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.

  • CVE-2020-2320CriDec 3, 2020
    risk 0.57cvss 9.8epss 0.01

    Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.

  • CVE-2020-6017CriDec 3, 2020
    risk 0.00cvss 9.8epss 0.03

    Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and…

  • CVE-2020-29288CriDec 2, 2020
    risk 0.64cvss 9.8epss 0.03

    An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.

  • CVE-2020-29287CriDec 2, 2020
    risk 0.64cvss 9.8epss 0.03

    An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.

  • CVE-2020-29285CriDec 2, 2020
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.

  • CVE-2020-29284CriDec 2, 2020
    risk 0.64cvss 9.8epss 0.06

    The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id…