VYPR

CVEs

31,277 total · page 437 of 626

  • CVE-2020-12442CriApr 28, 2020
    risk 0.64cvss 9.8epss 0.02

    Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250.

  • CVE-2020-12429CriApr 28, 2020
    risk 0.64cvss 9.8epss 0.02

    Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php,…

  • CVE-2019-20791CriApr 28, 2020
    risk 0.57cvss 9.8epss 0.01

    OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.

  • CVE-2017-18858CriApr 28, 2020
    risk 0.64cvss 9.8epss 0.03

    Certain NETGEAR devices are affected by command execution. This affects M4200-10MG-POE+ 12.0.2.11 and earlier, M4300-28G 12.0.2.11 and earlier, M4300-52G 12.0.2.11 and earlier, M4300-28G-POE+ 12.0.2.11 and earlier, M4300-52G-POE+ 12.0.2.11 and earlier, M4300-8X8F 12.0.2.11 and…

  • CVE-2017-18857CriApr 28, 2020
    risk 0.64cvss 9.8epss 0.01

    The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement.

  • CVE-2020-12284CriApr 28, 2020
    risk 0.00cvss 9.8epss 0.04

    cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.

  • CVE-2020-7640CriApr 27, 2020
    risk 0.57cvss 9.8epss 0.02

    pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.

  • CVE-2020-7609CriApr 27, 2020
    risk 0.57cvss 9.8epss 0.02

    node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitization.

  • CVE-2018-21153CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.02

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78,…

  • CVE-2020-9294CriApr 27, 2020
    risk 0.73cvss 9.8epss 0.78

    An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.

  • CVE-2020-1952CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

  • CVE-2020-12279CriApr 27, 2020
    risk 0.00cvss 9.8epss 0.05

    An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.

  • CVE-2020-12278CriApr 27, 2020
    risk 0.00cvss 9.8epss 0.05

    An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.

  • CVE-2020-9068CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.01

    Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may…

  • CVE-2018-21097CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before…

  • CVE-2020-12133CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.10

    The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.

  • CVE-2020-11817CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.02

    In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.

  • CVE-2019-18823CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.03

    HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configured the READ or WRITE methods…

  • CVE-2019-20790CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.03

    OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.

  • CVE-2020-12274CriApr 27, 2020
    risk 0.00cvss 9.8epss 0.01

    In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session.

  • CVE-2020-12271CriKEVApr 27, 2020
    risk 0.85cvss 9.8epss 0.42

    A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone.…

  • CVE-2020-12268CriApr 27, 2020
    risk 0.00cvss 9.8epss 0.03

    jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.

  • CVE-2020-12267CriApr 27, 2020
    risk 0.64cvss 9.8epss 0.02

    setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextMarkdownImporter::insertBlock.

  • CVE-2020-12265CriApr 26, 2020
    risk 0.57cvss 9.8epss 0.02

    The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal.

  • CVE-2020-7133CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.02

    A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2.

  • CVE-2020-7131CriApr 24, 2020
    risk 0.59cvss 9.0epss 0.01

    This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could…

  • CVE-2020-6826CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.01

    Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…

  • CVE-2020-6825CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.02

    Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been…

  • CVE-2020-6823CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.02

    A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox < 75.

  • CVE-2020-5869CriApr 24, 2020
    risk 0.59cvss 9.1epss 0.00

    In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.

  • CVE-2020-5868CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.02

    In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.

  • CVE-2020-12134CriApr 24, 2020
    risk 0.64cvss 9.8epss 0.01

    Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log.

  • CVE-2020-11012CriApr 23, 2020
    risk 0.00cvss 9.3epss 0.02

    MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating new service accounts for existing access keys - without knowing the admin secret…

  • CVE-2018-21162CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.03

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before…

  • CVE-2018-21161CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.34, R7800 before 1.0.2.46, and R9000 before 1.0.3.16.

  • CVE-2018-21137CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.

  • CVE-2018-21134CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32,…

  • CVE-2018-21133CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

  • CVE-2018-21132CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.02

    Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

  • CVE-2018-21131CriApr 23, 2020
    risk 0.59cvss 9.1epss 0.01

    Certain NETGEAR devices are affected by unauthenticated firmware downgrade. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

  • CVE-2019-20788CriApr 23, 2020
    risk 0.57cvss 9.8epss 0.02

    libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.

  • CVE-2020-4415CriApr 23, 2020
    risk 0.64cvss 9.8epss 0.08

    IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum…

  • CVE-2020-11945CriApr 23, 2020
    risk 0.02cvss 9.8epss 0.27

    An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code…

  • CVE-2020-11939CriApr 23, 2020
    risk 0.00cvss 9.8epss 0.03

    In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and…

  • CVE-2019-8359CriApr 23, 2020
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.

  • CVE-2020-12079CriApr 23, 2020
    risk 0.65cvss 10.0epss 0.02

    Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isolation is not used, and therefore an attacker can conduct a prototype-pollution attack against the Electron internal messaging API.

  • CVE-2020-10915CriApr 22, 2020
    risk 0.74cvss 9.8epss 0.87

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack…

  • CVE-2020-10914CriApr 22, 2020
    risk 0.70cvss 9.8epss 0.47

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the…

  • CVE-2020-7489CriApr 22, 2020
    risk 0.64cvss 9.8epss 0.02

    A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this…

  • CVE-2020-7487CriApr 22, 2020
    risk 0.64cvss 9.8epss 0.01

    A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.