VYPR

CVEs

31,781 total · page 430 of 636

  • CVE-2020-25787CriSep 19, 2020
    risk 0.68cvss 9.8epss 0.18

    An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.

  • CVE-2020-8158CriSep 18, 2020
    risk 0.64cvss 9.8epss 0.02

    Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

  • CVE-2020-15181CriSep 18, 2020
    risk 0.00cvss 9.3epss 0.01

    The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin's access to the system using the vulnerability in the project. Impacts all servers where this add-on is installed. The problem is fixed in version…

  • CVE-2020-15188CriSep 18, 2020
    risk 0.00cvss 10.0epss 0.05

    SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any…

  • CVE-2020-0354CriSep 18, 2020
    risk 0.64cvss 9.8epss 0.01

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-25756CriSep 18, 2020
    risk 0.64cvss 9.8epss 0.02

    A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice.

  • CVE-2020-0333CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755

  • CVE-2020-25216CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.02

    yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.

  • CVE-2020-25215CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.

  • CVE-2020-25489CriSep 17, 2020
    risk 0.57cvss 9.8epss 0.03

    A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption.

  • CVE-2020-24753CriSep 17, 2020
    risk 0.00cvss 9.8epss 0.03

    A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An uncaught error while decoding CBOR Major…

  • CVE-2020-13169CriSep 17, 2020
    risk 0.59cvss 9.0epss 0.02

    Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).

  • CVE-2020-11698CriSep 17, 2020
    risk 0.73cvss 9.8epss 0.74

    An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.

  • CVE-2020-0380CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.03

    In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0342CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576

  • CVE-2020-0278CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574

  • CVE-2020-0229CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725

  • CVE-2020-0123CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374

  • CVE-2020-8028CriSep 17, 2020
    risk 0.60cvss 9.3epss 0.00

    A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to…

  • CVE-2020-24377CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.

  • CVE-2020-24376CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.

  • CVE-2020-24374CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in Freebox v5 before 1.5.29.

  • CVE-2020-14517CriSep 16, 2020
    risk 0.64cvss 9.8epss 0.01

    Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with…

  • CVE-2020-14509CriSep 16, 2020
    risk 0.64cvss 9.8epss 0.02

    Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities.

  • CVE-2020-25614CriSep 16, 2020
    risk 0.57cvss 9.8epss 0.02

    xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact.

  • CVE-2020-25412CriSep 16, 2020
    risk 0.64cvss 9.8epss 0.03

    com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.

  • CVE-2020-14315CriSep 16, 2020
    risk 0.64cvss 9.8epss 0.03

    A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries.

  • CVE-2020-7293CriSep 15, 2020
    risk 0.59cvss 9.0epss 0.01

    Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.

  • CVE-2020-23833CriSep 15, 2020
    risk 0.64cvss 9.8epss 0.04

    Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request.

  • CVE-2020-23828CriSep 15, 2020
    risk 0.64cvss 9.8epss 0.04

    A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses…

  • CVE-2020-24561CriSep 15, 2020
    risk 0.60cvss 9.1epss 0.05

    A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.

  • CVE-2020-23512CriSep 15, 2020
    risk 0.64cvss 9.8epss 0.02

    VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication.

  • CVE-2020-16098CriSep 15, 2020
    risk 0.64cvss 9.8epss 0.01

    It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90…

  • CVE-2020-16096CriSep 15, 2020
    risk 0.64cvss 9.9epss 0.01

    In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is)…

  • CVE-2020-25576CriSep 14, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.

  • CVE-2020-25575CriSep 14, 2020
    risk 0.00cvss 9.8epss 0.03

    An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.…

  • CVE-2020-25573CriSep 14, 2020
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.

  • CVE-2019-0230CriSep 14, 2020
    risk 0.74cvss 9.8epss 0.97

    Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

  • CVE-2020-11684CriSep 14, 2020
    risk 0.00cvss 9.1epss 0.01

    AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the…

  • CVE-2018-20432CriSep 14, 2020
    risk 0.64cvss 9.8epss 0.04

    D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.

  • CVE-2020-24660CriSep 14, 2020
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.

  • CVE-2020-25283CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows attackers to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020).

  • CVE-2020-25282CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software (for the LG Universal Integrated Circuit Card) allows attackers to bypass intended access restrictions on property values. The LG ID is LVE-SMP-200020 (September 2020).

  • CVE-2020-25279CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020).

  • CVE-2020-25278CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are…

  • CVE-2020-1595CriSep 11, 2020
    risk 0.65cvss 9.9epss 0.02

    A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the…

  • CVE-2020-1210CriSep 11, 2020
    risk 0.64cvss 9.9epss 0.02

    A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application…

  • CVE-2020-14100CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.05

    In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.

  • CVE-2020-14096CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.01

    Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.

  • CVE-2020-25260CriSep 11, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization.