VYPR

CVEs

31,781 total · page 423 of 636

  • CVE-2020-28642CriNov 16, 2020
    risk 0.64cvss 9.8epss 0.03

    In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks.

  • CVE-2020-8271CriNov 16, 2020
    risk 0.65cvss 9.8epss 0.11

    Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8

  • CVE-2020-28638CriNov 13, 2020
    risk 0.64cvss 9.8epss 0.01

    ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb {W] Detected DISPLAY, but only pinentry-curses is found." as the encryption key.

  • CVE-2020-13638CriNov 13, 2020
    risk 0.70cvss 9.8epss 0.77

    lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. This issue has been fixed in 3.9.7.

  • CVE-2020-12338CriNov 13, 2020
    risk 0.64cvss 9.8epss 0.02

    Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2020-24719CriNov 12, 2020
    risk 0.69cvss 9.8epss 0.23

    Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie…

  • CVE-2020-13877CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.02

    SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure.

  • CVE-2020-13774CriNov 12, 2020
    risk 0.65cvss 9.9epss 0.05

    An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and…

  • CVE-2020-12315CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.02

    Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2020-8752CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.02

    Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

  • CVE-2020-8747CriNov 12, 2020
    risk 0.59cvss 9.1epss 0.02

    Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.

  • CVE-2020-7472CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.03

    An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM before 8.0, 8.0 before 8.0.7, 9.0 before 9.0.4, and 10.0 before 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via crafted…

  • CVE-2020-28271CriNov 12, 2020
    risk 0.57cvss 9.8epss 0.03

    Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2020-28270CriNov 12, 2020
    risk 0.57cvss 9.8epss 0.04

    Prototype pollution vulnerability in 'object-hierarchy-access' versions 0.2.0 through 0.32.0 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2020-28269CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.04

    Prototype pollution vulnerability in 'field' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.

  • CVE-2020-27481CriNov 12, 2020
    risk 0.65cvss 9.8epss 0.11

    An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of "wp_ajax_nopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlr_lms_cancel_booking" where POST Parameter "id" was sent…

  • CVE-2020-3639CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.01

    u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in…

  • CVE-2020-11196CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in…

  • CVE-2020-11193CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in…

  • CVE-2020-11184CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDX55, SDX55M,…

  • CVE-2020-11168CriNov 12, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2020-5426CriNov 11, 2020
    risk 0.64cvss 9.8epss 0.01

    Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server which is used to cache a UAA client token used by the service. If intercepted…

  • CVE-2020-17051CriNov 11, 2020
    risk 0.64cvss 9.8epss 0.10

    Windows Network File System Remote Code Execution Vulnerability

  • CVE-2020-26824CriNov 10, 2020
    risk 0.65cvss 10.0epss 0.01

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service.

  • CVE-2020-26823CriNov 10, 2020
    risk 0.65cvss 10.0epss 0.01

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service.

  • CVE-2020-26822CriNov 10, 2020
    risk 0.65cvss 10.0epss 0.01

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service.

  • CVE-2020-26821CriNov 10, 2020
    risk 0.65cvss 10.0epss 0.01

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.

  • CVE-2020-25074CriNov 10, 2020
    risk 0.57cvss 9.8epss 0.06

    The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.

  • CVE-2020-13927CriKEVNov 10, 2020
    risk 0.16cvss 9.8epss 1.00

    The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at…

  • CVE-2020-24384CriNov 10, 2020
    risk 0.64cvss 9.8epss 0.03

    A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected.…

  • CVE-2020-0452CriNov 10, 2020
    risk 0.64cvss 9.8epss 0.03

    In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User…

  • CVE-2020-0447CriNov 10, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168251617

  • CVE-2020-0446CriNov 10, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264528

  • CVE-2020-0445CriNov 10, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264527

  • CVE-2020-28371CriNov 9, 2020
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing this check and achieving…

  • CVE-2020-26168CriNov 9, 2020
    risk 0.64cvss 9.8epss 0.02

    The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenarios. As a result, users (clients/members) can be authenticated even if they…

  • CVE-2020-14189CriNov 9, 2020
    risk 0.64cvss 9.8epss 0.02

    The execute function in in the Atlassian gajira-comment GitHub Action before version 2.0.2 allows remote attackers to execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue comment.

  • CVE-2020-14188CriNov 9, 2020
    risk 0.64cvss 9.8epss 0.03

    The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows remote attackers to execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue.

  • CVE-2020-26542CriNov 9, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a…

  • CVE-2020-23138CriNov 9, 2020
    risk 0.64cvss 9.8epss 0.01

    An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.

  • CVE-2020-24407CriNov 9, 2020
    risk 0.60cvss 9.1epss 0.06

    Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import…

  • CVE-2020-28347CriNov 8, 2020
    risk 0.66cvss 9.8epss 0.74

    tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.

  • CVE-2020-28340CriNov 8, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020).

  • CVE-2020-3284CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS…

  • CVE-2020-26214CriNov 6, 2020
    risk 0.57cvss 9.1epss 0.66

    In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configure to use LDAP as the authorization provider. Only deployments where LDAP servers are configured to allow unauthenticated authentication…

  • CVE-2020-25172CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.02

    A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.

  • CVE-2020-26892CriNov 6, 2020
    risk 0.57cvss 9.8epss 0.02

    The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.

  • CVE-2020-25592CriNov 6, 2020
    risk 0.71cvss 9.8epss 0.57

    In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.

  • CVE-2020-16846CriKEVNov 6, 2020
    risk 0.87cvss 9.8epss 1.00

    An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.

  • CVE-2020-28250CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.03

    Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.