VYPR

CVEs

31,781 total · page 424 of 636

  • CVE-2020-5648CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.03

    Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and…

  • CVE-2020-5647CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.04

    Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’…

  • CVE-2020-5644CriNov 6, 2020
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier,…

  • CVE-2020-15708CriNov 6, 2020
    risk 0.60cvss 9.3epss 0.00

    Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

  • CVE-2020-17510CriNov 5, 2020
    risk 0.57cvss 9.8epss 0.09

    Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.

  • CVE-2020-27955CriNov 5, 2020
    risk 0.73cvss 9.8epss 0.83

    Git LFS 2.12.0 allows Remote Code Execution.

  • CVE-2020-15952CriNov 5, 2020
    risk 0.59cvss 9.0epss 0.02

    Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. Additionally, unauthenticated attackers can phish unauthenticated Immuta users to steal credentials or force actions on authenticated users through…

  • CVE-2020-7128CriNov 4, 2020
    risk 0.64cvss 9.8epss 0.02

    A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.

  • CVE-2020-27689CriNov 4, 2020
    risk 0.64cvss 9.8epss 0.02

    The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the…

  • CVE-2020-22274CriNov 4, 2020
    risk 0.64cvss 9.8epss 0.02

    JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.

  • CVE-2020-26167CriNov 4, 2020
    risk 0.64cvss 9.8epss 0.03

    In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one.

  • CVE-2020-22276CriNov 4, 2020
    risk 0.64cvss 9.8epss 0.03

    WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.

  • CVE-2020-2301CriNov 4, 2020
    risk 0.57cvss 9.8epss 0.02

    Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode.

  • CVE-2020-2300CriNov 4, 2020
    risk 0.57cvss 9.8epss 0.02

    Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server.

  • CVE-2020-2299CriNov 4, 2020
    risk 0.57cvss 9.8epss 0.01

    Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password.

  • CVE-2020-1909CriNov 3, 2020
    risk 0.64cvss 9.8epss 0.02

    A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in…

  • CVE-2020-16011CriNov 3, 2020
    risk 0.63cvss 9.6epss 0.02

    Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-16010CriKEVNov 3, 2020
    risk 0.75cvss 9.6epss 0.06

    Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15999CriKEVNov 3, 2020
    risk 0.71cvss 9.6epss 0.51

    Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15993CriNov 3, 2020
    risk 0.64cvss 9.8epss 0.01

    Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-5656CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.03

    Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are…

  • CVE-2020-5653CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.03

    Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or…

  • CVE-2020-28039CriNov 2, 2020
    risk 0.00cvss 9.1epss 0.04

    is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.

  • CVE-2020-28037CriNov 2, 2020
    risk 0.01cvss 9.8epss 0.08

    is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old…

  • CVE-2020-28036CriNov 2, 2020
    risk 0.00cvss 9.8epss 0.05

    wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.

  • CVE-2020-28035CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.04

    WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.

  • CVE-2020-28032CriNov 2, 2020
    risk 0.01cvss 9.8epss 0.16

    WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.

  • CVE-2020-24881CriNov 2, 2020
    risk 0.73cvss 9.8epss 0.73

    SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.

  • CVE-2020-23639CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.03

    A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers.

  • CVE-2020-14750CriKEVNov 2, 2020
    risk 0.87cvss 9.8epss 0.99

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2018-19025CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.).

  • CVE-2018-17932CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running.

  • CVE-2018-19950CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.02

    If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

  • CVE-2020-3703CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow…

  • CVE-2020-3692CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in…

  • CVE-2020-3673CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-3670CriNov 2, 2020
    risk 0.59cvss 9.1epss 0.01

    u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2020-3657CriNov 2, 2020
    risk 0.66cvss 9.8epss 0.28

    u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial…

  • CVE-2020-3654CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…

  • CVE-2020-11172CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.01

    u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980

  • CVE-2020-11169CriNov 2, 2020
    risk 0.59cvss 9.1epss 0.01

    u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2020-11153CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.02

    u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2020-7373CriOct 30, 2020
    risk 0.04cvss 9.8epss 0.46

    vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of…

  • CVE-2020-27886CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).

  • CVE-2020-27998CriOct 29, 2020
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.

  • CVE-2020-27995CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.09

    SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter.

  • CVE-2020-27744CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.

  • CVE-2020-27654CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.05

    Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.

  • CVE-2020-11486CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.03

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to…

  • CVE-2020-11483CriOct 29, 2020
    risk 0.64cvss 9.8epss 0.01

    NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges…