VYPR

CVEs

31,781 total · page 428 of 636

  • CVE-2020-26899CriOct 9, 2020
    risk 0.62cvss 9.6epss 0.01

    Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.

  • CVE-2020-26898CriOct 9, 2020
    risk 0.62cvss 9.6epss 0.01

    NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect configuration of security settings.

  • CVE-2020-26897CriOct 9, 2020
    risk 0.62cvss 9.6epss 0.01

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.

  • CVE-2020-15243CriOct 8, 2020
    risk 0.59cvss 9.1epss 0.01

    Affected versions of Smartstore have a missing WebApi Authentication attribute. This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plugin. Users of Smartstore 4.0.0 and 4.0.1 must merge their repository with 4.0.x…

  • CVE-2020-1914CriOct 8, 2020
    risk 0.57cvss 9.8epss 0.03

    A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is…

  • CVE-2020-25273CriOct 8, 2020
    risk 0.64cvss 9.8epss 0.02

    In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.

  • CVE-2020-11800CriOct 7, 2020
    risk 0.64cvss 9.8epss 0.09

    Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.

  • CVE-2020-13347CriOct 7, 2020
    risk 0.59cvss 9.1epss 0.02

    A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKER_AUTH_CONFIG…

  • CVE-2020-26607CriOct 6, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 (October…

  • CVE-2020-1907CriOct 6, 2020
    risk 0.64cvss 9.8epss 0.02

    A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary…

  • CVE-2020-7741CriOct 6, 2020
    risk 0.57cvss 9.9epss 0.01

    This affects the package hellojs before 1.18.6. The code get the param oauth_redirect from url and pass it to location.assign without any check and sanitisation. So we can simply pass some XSS payloads into the url param oauth_redirect, such as javascript:alert(1).

  • CVE-2020-26574CriOct 6, 2020
    risk 0.63cvss 9.6epss 0.02

    Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the…

  • CVE-2020-7465CriOct 6, 2020
    risk 0.64cvss 9.8epss 0.03

    The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).

  • CVE-2020-24218CriOct 6, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file.

  • CVE-2020-24217CriOct 6, 2020
    risk 0.70cvss 9.8epss 0.40

    An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with…

  • CVE-2020-24215CriOct 6, 2020
    risk 0.68cvss 9.8epss 0.20

    An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration (with the cleartext admin…

  • CVE-2020-24214CriOct 6, 2020
    risk 0.70cvss 9.8epss 0.35

    An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video…

  • CVE-1999-0199CriOct 6, 2020
    risk 0.57cvss 9.8epss 0.02

    manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation…

  • CVE-2020-16226CriOct 5, 2020
    risk 0.64cvss 9.8epss 0.02

    Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

  • CVE-2020-24231CriOct 5, 2020
    risk 0.64cvss 9.8epss 0.02

    Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBean methods. It is possible to install additional MBeans from a remote host using…

  • CVE-2020-6875CriOct 5, 2020
    risk 0.64cvss 9.8epss 0.01

    A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700…

  • CVE-2020-4493CriOct 5, 2020
    risk 0.64cvss 9.8epss 0.03

    IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command. IBM X-Force ID: 181995.

  • CVE-2020-26527CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header.

  • CVE-2020-26525CriOct 2, 2020
    risk 0.61cvss 9.1epss 0.26

    Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers.

  • CVE-2020-15232CriOct 2, 2020
    risk 0.00cvss 9.3epss 0.01

    In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style.

  • CVE-2020-15231CriOct 2, 2020
    risk 0.00cvss 9.3epss 0.01

    In mapfish-print before version 3.24, a user can use the JSONP support to do a Cross-site scripting.

  • CVE-2020-12676CriOct 2, 2020
    risk 0.59cvss 9.1epss 0.03

    FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack".

  • CVE-2020-18191CriOct 2, 2020
    risk 0.59cvss 9.1epss 0.02

    GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php

  • CVE-2020-18190CriOct 2, 2020
    risk 0.59cvss 9.1epss 0.02

    Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.

  • CVE-2020-18185CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.02

    class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.

  • CVE-2020-24698CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a…

  • CVE-2020-12126CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.01

    Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.

  • CVE-2020-12125CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.04

    A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.

  • CVE-2020-12124CriOct 2, 2020
    risk 0.70cvss 9.8epss 0.75

    A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.

  • CVE-2020-26539CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).

  • CVE-2020-26537CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a color space. This causes an out-of-bounds write.

  • CVE-2020-26535CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation).

  • CVE-2020-26534CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is an Opt object use-after-free related to Field::ClearItems and Field::DeleteOptions, during AcroForm JavaScript execution.

  • CVE-2020-26518CriOct 2, 2020
    risk 0.64cvss 9.8epss 0.02

    Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter.

  • CVE-2020-15533CriOct 1, 2020
    risk 0.64cvss 9.8epss 0.04

    In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection attack.

  • CVE-2020-25990CriOct 1, 2020
    risk 0.64cvss 9.8epss 0.02

    WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

  • CVE-2020-12870CriSep 30, 2020
    risk 0.64cvss 9.8epss 0.02

    RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page.

  • CVE-2020-26158CriSep 30, 2020
    risk 0.63cvss 9.6epss 0.02

    Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.

  • CVE-2020-26157CriSep 30, 2020
    risk 0.63cvss 9.6epss 0.02

    Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration.

  • CVE-2020-26154CriSep 30, 2020
    risk 0.00cvss 9.8epss 0.04

    url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

  • CVE-2020-26042CriSep 30, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php

  • CVE-2020-26041CriSep 30, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php

  • CVE-2020-25763CriSep 30, 2020
    risk 0.64cvss 9.8epss 0.05

    Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.

  • CVE-2020-25762CriSep 30, 2020
    risk 0.63cvss 9.1epss 0.11

    An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass…

  • CVE-2020-21526CriSep 30, 2020
    risk 0.64cvss 9.8epss 0.02

    An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.