VYPR

CVEs

31,277 total · page 436 of 626

  • CVE-2020-12002CriMay 8, 2020
    risk 0.64cvss 9.8epss 0.09

    Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.

  • CVE-2020-10638CriMay 8, 2020
    risk 0.64cvss 9.8epss 0.07

    Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.

  • CVE-2020-12735CriMay 8, 2020
    risk 0.64cvss 9.8epss 0.02

    reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.

  • CVE-2020-12720CriMay 8, 2020
    risk 0.74cvss 9.8epss 0.89

    vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

  • CVE-2020-11050CriMay 7, 2020
    risk 0.59cvss 9.0epss 0.01

    In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.

  • CVE-2020-10794CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.01

    Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database. This can be combined with CVE-2020-10795 for remote root access.

  • CVE-2020-10176CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.02

    ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval Injection of commands.

  • CVE-2020-4429CriMay 7, 2020
    risk 0.72cvss 9.8epss 0.71

    IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.

  • CVE-2020-4428CriKEVMay 7, 2020
    risk 0.79cvss 9.1epss 0.62

    IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.

  • CVE-2020-4427CriKEVMay 7, 2020
    risk 0.84cvss 9.8epss 0.70

    IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the…

  • CVE-2020-7805CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device. This issue is a command injection allowing attackers to execute arbitrary OS commands.

  • CVE-2020-7646CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.02

    curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input.

  • CVE-2020-11431CriMay 7, 2020
    risk 0.59cvss 9.1epss 0.02

    The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.

  • CVE-2019-18869CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.01

    Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17.

  • CVE-2019-18868CriMay 7, 2020
    risk 0.64cvss 9.8epss 0.01

    Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak.

  • CVE-2020-8899CriMay 6, 2020
    risk 0.64cvss 9.8epss 0.06

    There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0). An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram…

  • CVE-2020-3318CriMay 6, 2020
    risk 0.64cvss 9.8epss 0.01

    Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the…

  • CVE-2020-3187CriMay 6, 2020
    risk 0.70cvss 9.1epss 0.97

    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to…

  • CVE-2020-3125CriMay 6, 2020
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured…

  • CVE-2020-10634CriMay 5, 2020
    risk 0.59cvss 9.1epss 0.01

    SAE IT-systems FW-50 Remote Telemetry Unit (RTU). A specially crafted request could allow an attacker to view the file structure of the affected device and access files that should be inaccessible.

  • CVE-2020-12641CriKEVMay 4, 2020
    risk 0.19cvss 9.8epss 0.84

    rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

  • CVE-2020-12640CriMay 4, 2020
    risk 0.01cvss 9.8epss 0.07

    Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

  • CVE-2020-8790CriMay 4, 2020
    risk 0.64cvss 9.8epss 0.02

    The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a…

  • CVE-2020-12110CriMay 4, 2020
    risk 0.65cvss 9.8epss 0.14

    Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.

  • CVE-2020-1961CriMay 4, 2020
    risk 0.64cvss 9.8epss 0.05

    Vulnerability to Server-Side Template Injection on Mail templates for Apache Syncope 2.0.X releases prior to 2.0.15, 2.1.X releases prior to 2.1.6, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE) was discovered.

  • CVE-2020-1959CriMay 4, 2020
    risk 0.64cvss 9.8epss 0.05

    A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability. Apache Syncope uses Java Bean Validation (JSR 380) custom…

  • CVE-2020-12627CriMay 4, 2020
    risk 0.00cvss 9.8epss 0.01

    Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.

  • CVE-2020-7645CriMay 2, 2020
    risk 0.00cvss 9.8epss 0.01

    All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.

  • CVE-2020-10683CriMay 1, 2020
    risk 0.57cvss 9.8epss 0.07

    dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

  • CVE-2020-11016CriApr 30, 2020
    risk 0.00cvss 9.1epss 0.02

    IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could…

  • CVE-2020-5887CriApr 30, 2020
    risk 0.59cvss 9.1epss 0.02

    On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.

  • CVE-2020-5886CriApr 30, 2020
    risk 0.59cvss 9.1epss 0.01

    On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue…

  • CVE-2020-5885CriApr 30, 2020
    risk 0.59cvss 9.1epss 0.01

    On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue…

  • CVE-2020-5884CriApr 30, 2020
    risk 0.59cvss 9.1epss 0.01

    On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (HA) pair mirroring is insecure. This is a control plane issue that is exposed only on the network used for mirroring.

  • CVE-2020-7136CriApr 30, 2020
    risk 0.70cvss 9.8epss 0.80

    A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the…

  • CVE-2020-11651CriKEVApr 30, 2020
    risk 0.79cvss 9.8epss 0.96

    An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user…

  • CVE-2019-5623CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.02

    Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection').

  • CVE-2019-5622CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.01

    Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.

  • CVE-2019-5620CriApr 29, 2020
    risk 0.72cvss 9.8epss 0.70

    ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.

  • CVE-2019-5619CriApr 29, 2020
    risk 0.67cvss 9.8epss 0.05

    AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.

  • CVE-2020-11942CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections.

  • CVE-2016-11061CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.02

    Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute…

  • CVE-2020-12471CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.03

    MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.

  • CVE-2020-3955CriApr 29, 2020
    risk 0.61cvss 9.3epss 0.01

    ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a…

  • CVE-2020-8481CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.02

    For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1,…

  • CVE-2020-8479CriApr 29, 2020
    risk 0.61cvss 9.4epss 0.02

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+…

  • CVE-2020-12443CriApr 29, 2020
    risk 0.00cvss 9.8epss 0.04

    BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) value has a ../ sequence. This can be leveraged for privilege escalation via a directory traversal to…

  • CVE-2020-7452CriApr 29, 2020
    risk 0.59cvss 9.1epss 0.02

    In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host…

  • CVE-2019-5614CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.01

    In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable…

  • CVE-2019-15874CriApr 29, 2020
    risk 0.64cvss 9.8epss 0.01

    In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable…