VYPR

CVEs

31,277 total · page 438 of 626

  • CVE-2020-7055CriApr 22, 2020
    risk 0.65cvss 9.9epss 0.03

    An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.

  • CVE-2020-11011CriApr 22, 2020
    risk 0.00cvss 9.9epss 0.02

    In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8.

  • CVE-2019-20787CriApr 22, 2020
    risk 0.57cvss 9.8epss 0.02

    Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.

  • CVE-2019-19106CriApr 22, 2020
    risk 0.59cvss 9.1epss 0.01

    Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings.

  • CVE-2019-19104CriApr 22, 2020
    risk 0.59cvss 9.1epss 0.01

    The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue…

  • CVE-2020-11796CriApr 22, 2020
    risk 0.64cvss 9.8epss 0.01

    In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.

  • CVE-2020-11690CriApr 22, 2020
    risk 0.64cvss 9.8epss 0.02

    In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.

  • CVE-2020-10569CriApr 21, 2020
    risk 0.64cvss 9.8epss 0.03

    SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This…

  • CVE-2020-11967CriApr 21, 2020
    risk 0.64cvss 9.8epss 0.03

    In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial…

  • CVE-2020-11966CriApr 21, 2020
    risk 0.64cvss 9.8epss 0.03

    In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial…

  • CVE-2020-11965CriApr 21, 2020
    risk 0.64cvss 9.8epss 0.02

    In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has…

  • CVE-2020-11963CriApr 21, 2020
    risk 0.64cvss 9.8epss 0.03

    IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced…

  • CVE-2020-9279CriApr 20, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device.

  • CVE-2020-9278CriApr 20, 2020
    risk 0.59cvss 9.1epss 0.02

    An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.

  • CVE-2020-9277CriApr 20, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.

  • CVE-2020-9275CriApr 20, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.

  • CVE-2019-19108CriApr 20, 2020
    risk 0.61cvss 9.4epss 0.02

    An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP.

  • CVE-2020-11928CriApr 20, 2020
    risk 0.64cvss 9.8epss 0.04

    In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.

  • CVE-2019-20786CriApr 19, 2020
    risk 0.57cvss 9.8epss 0.03

    handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion.

  • CVE-2020-11895CriApr 19, 2020
    risk 0.59cvss 9.1epss 0.02

    Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.

  • CVE-2020-11894CriApr 19, 2020
    risk 0.59cvss 9.1epss 0.02

    Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.

  • CVE-2020-0073CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0072CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0071CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0070CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-6203CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.04

    A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.

  • CVE-2020-11878CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.

  • CVE-2020-11873CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020).

  • CVE-2019-20783CriApr 17, 2020
    risk 0.59cvss 9.1epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019).

  • CVE-2019-20782CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019).

  • CVE-2019-20780CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019).

  • CVE-2019-20778CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019).

  • CVE-2019-20777CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019).

  • CVE-2019-20772CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019).

  • CVE-2019-12002CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.02

    A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and…

  • CVE-2020-10377CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.01

    A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.

  • CVE-2020-10211CriApr 17, 2020
    risk 0.64cvss 9.8epss 0.03

    A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain…

  • CVE-2019-20730CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39,…

  • CVE-2020-7485CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1

  • CVE-2020-7224CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.

  • CVE-2020-7114CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.01

    A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur.…

  • CVE-2020-1964CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.05

    It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of…

  • CVE-2020-11820CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter.

  • CVE-2020-11819CriApr 16, 2020
    risk 0.69cvss 9.8epss 0.27

    In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution.

  • CVE-2020-11816CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter.

  • CVE-2020-11815CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting.

  • CVE-2020-11812CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.02

    Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.

  • CVE-2020-11811CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.03

    In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file.

  • CVE-2019-20699CriApr 16, 2020
    risk 0.64cvss 9.8epss 0.01

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.

  • CVE-2020-3653CriApr 16, 2020
    risk 0.59cvss 9.1epss 0.01

    Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850