VYPR

CVEs

31,277 total · page 445 of 626

  • CVE-2020-6967CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.05

    In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.

  • CVE-2020-7480CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.01

    A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.

  • CVE-2020-5722CriKEVMar 23, 2020
    risk 0.85cvss 9.8epss 0.84

    The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery…

  • CVE-2019-6560CriMar 23, 2020
    risk 0.59cvss 9.1epss 0.01

    In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

  • CVE-2020-7475CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.02

    A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to…

  • CVE-2019-20627CriMar 23, 2020
    risk 0.57cvss 9.8epss 0.02

    AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE.

  • CVE-2020-9760CriMar 23, 2020
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick.

  • CVE-2020-10661CriMar 23, 2020
    risk 0.52cvss 9.1epss 0.01

    HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4.

  • CVE-2020-9752CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.

  • CVE-2020-10806CriMar 22, 2020
    risk 0.64cvss 9.8epss 0.02

    eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration…

  • CVE-2019-12767CriMar 21, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.

  • CVE-2013-7487CriMar 21, 2020
    risk 0.64cvss 9.8epss 0.03

    On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.

  • CVE-2020-10799CriMar 20, 2020
    risk 0.57cvss 9.8epss 0.01

    The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call.

  • CVE-2019-11574CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.

  • CVE-2019-18641CriMar 20, 2020
    risk 0.57cvss 9.8epss 0.03

    Rock RMS before 1.8.6 mishandles vCard access control within the People/GetVCard/REST controller.

  • CVE-2019-15522CriMar 20, 2020
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.

  • CVE-2020-8137CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.04

    Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.

  • CVE-2020-8135CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.01

    The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.

  • CVE-2020-7961CriKEVMar 20, 2020
    risk 0.87cvss 9.8epss 1.00

    Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

  • CVE-2019-12498CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.02

    The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.

  • CVE-2019-19148CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.08

    Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020.

  • CVE-2018-20334CriMar 20, 2020
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.

  • CVE-2019-16072CriMar 20, 2020
    risk 0.69cvss 9.8epss 0.25

    An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action.

  • CVE-2019-16064CriMar 19, 2020
    risk 0.63cvss 9.6epss 0.01

    NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list…

  • CVE-2019-12127CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.01

    In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12126CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.01

    In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12125CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.01

    In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-16382CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its…

  • CVE-2019-12130CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.02

    In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12129CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.02

    In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12128CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.02

    In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2020-9423CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.05

    LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control,…

  • CVE-2020-10674CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.01

    PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.

  • CVE-2019-19676CriMar 18, 2020
    risk 0.63cvss 9.6epss 0.01

    A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains…

  • CVE-2019-12132CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.

  • CVE-2019-12131CriMar 18, 2020
    risk 0.59cvss 9.1epss 0.01

    An issue was detected in ONAP APPC through Dublin and SDC through Dublin. By setting a USER_ID parameter in an HTTP header, an attacker may impersonate an arbitrary existing user without any authentication. All APPC and SDC setups are affected.

  • CVE-2019-12124CriMar 18, 2020
    risk 0.59cvss 9.1epss 0.01

    An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.

  • CVE-2019-12120CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12119CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…

  • CVE-2019-12118CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…

  • CVE-2019-12117CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…

  • CVE-2019-12116CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12115CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12114CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…

  • CVE-2019-12112CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.

  • CVE-2020-3922CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.01

    LisoMail, by ArmorX, allows SQL Injections, attackers can access the database without authentication via a URL parameter manipulation.

  • CVE-2020-8600CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.04

    Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker to manipulate a key file to bypass authentication.

  • CVE-2020-8599CriKEVMar 18, 2020
    risk 0.77cvss 9.8epss 0.12

    Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

  • CVE-2020-8598CriMar 18, 2020
    risk 0.65cvss 9.8epss 0.13

    Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not…

  • CVE-2020-10121CriMar 17, 2020
    risk 0.64cvss 9.8epss 0.02

    cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).