VYPR

CVEs

31,277 total · page 447 of 626

  • CVE-2019-13394CriMar 13, 2020
    risk 0.64cvss 9.8epss 0.01

    The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.

  • CVE-2019-13204CriMar 13, 2020
    risk 0.64cvss 9.8epss 0.03

    Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by multiple buffer overflow vulnerabilities in the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS), and potentially execute arbitrary code on the…

  • CVE-2020-10083CriMar 13, 2020
    risk 0.59cvss 9.1epss 0.01

    GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied.

  • CVE-2019-12182CriMar 13, 2020
    risk 0.64cvss 9.8epss 0.05

    Directory Traversal in Safescan Timemoto and TA-8000 series version 1.0 allows unauthenticated remote attackers to execute code via the administrative API.

  • CVE-2020-1953CriMar 13, 2020
    risk 0.59cvss 10.0epss 0.07

    Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this…

  • CVE-2020-10541CriMar 13, 2020
    risk 0.65cvss 9.8epss 0.10

    Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API request. This was fixed in 12.5.108.

  • CVE-2020-1887CriMar 13, 2020
    risk 0.00cvss 9.1epss 0.01

    Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust.

  • CVE-2020-10534CriMar 12, 2020
    risk 0.64cvss 9.8epss 0.01

    In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is…

  • CVE-2019-17658CriMar 12, 2020
    risk 0.64cvss 9.8epss 0.02

    An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

  • CVE-2019-11343CriMar 12, 2020
    risk 0.57cvss 9.8epss 0.02

    Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBuilder.java, LikeCondition.java, and NotLikeCondition.java.

  • CVE-2020-0902CriMar 12, 2020
    risk 0.64cvss 9.8epss 0.03

    An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'.

  • CVE-2020-0872CriMar 12, 2020
    risk 0.63cvss 9.6epss 0.10

    A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'.

  • CVE-2020-0796CriKEVMar 12, 2020
    risk 0.94cvss 10.0epss 1.00

    A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

  • CVE-2020-0690CriMar 12, 2020
    risk 0.64cvss 9.8epss 0.07

    An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

  • CVE-2020-10109CriMar 12, 2020
    risk 0.57cvss 9.8epss 0.03

    In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.

  • CVE-2020-10108CriMar 12, 2020
    risk 0.57cvss 9.8epss 0.04

    In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.

  • CVE-2019-5161CriMar 11, 2020
    risk 0.59cvss 9.1epss 0.03

    An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script…

  • CVE-2019-5160CriMar 11, 2020
    risk 0.59cvss 9.1epss 0.03

    An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host,…

  • CVE-2019-10807CriMar 11, 2020
    risk 0.57cvss 9.8epss 0.02

    Blamer versions prior to 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer.

  • CVE-2020-1947CriMar 11, 2020
    risk 0.66cvss 9.8epss 0.34

    In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data…

  • CVE-2020-8540CriMar 11, 2020
    risk 0.65cvss 9.8epss 0.12

    An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

  • CVE-2020-10181CriKEVMar 11, 2020
    risk 0.77cvss 9.8epss 0.14

    goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.

  • CVE-2019-9099CriMar 11, 2020
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to…

  • CVE-2019-9096CriMar 11, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by…

  • CVE-2019-9095CriMar 11, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access.

  • CVE-2020-5203CriMar 11, 2020
    risk 0.57cvss 9.8epss 0.02

    In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.

  • CVE-2020-10376CriMar 11, 2020
    risk 0.64cvss 9.8epss 0.01

    Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header.

  • CVE-2020-6207CriKEVMar 10, 2020
    risk 0.87cvss 9.8epss 0.98

    SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

  • CVE-2020-6203CriMar 10, 2020
    risk 0.59cvss 9.1epss 0.02

    SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the…

  • CVE-2020-6198CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.01

    SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check.

  • CVE-2019-7589CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.02

    A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate…

  • CVE-2020-10255CriMar 10, 2020
    risk 0.59cvss 9.0epss 0.03

    Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access…

  • CVE-2019-12443CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. Multiple features contained Server-Side Request Forgery (SSRF) vulnerabilities caused by an insufficient validation to prevent DNS rebinding attacks.

  • CVE-2019-12428CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization.

  • CVE-2018-14502CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.03

    controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.

  • CVE-2017-10992CriMar 10, 2020
    risk 0.65cvss 9.8epss 0.10

    In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461.

  • CVE-2020-10257CriMar 10, 2020
    risk 0.64cvss 9.8epss 0.09

    The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe…

  • CVE-2020-9758CriMar 9, 2020
    risk 0.63cvss 9.6epss 0.02

    An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from…

  • CVE-2020-10250CriMar 9, 2020
    risk 0.64cvss 9.8epss 0.03

    BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3.

  • CVE-2016-6918CriMar 9, 2020
    risk 0.64cvss 9.8epss 0.02

    Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. (

  • CVE-2014-1634CriMar 9, 2020
    risk 0.64cvss 9.8epss 0.01

    SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO.

  • CVE-2019-20504CriMar 9, 2020
    risk 0.64cvss 9.8epss 0.10

    service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 (6.4.120822) allows a remote attacker to execute code via shell metacharacters in the kuid parameter.

  • CVE-2020-10233CriMar 9, 2020
    risk 0.59cvss 9.1epss 0.02

    In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.

  • CVE-2020-10232CriMar 9, 2020
    risk 0.00cvss 9.8epss 0.02

    In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.

  • CVE-2020-10225CriMar 8, 2020
    risk 0.64cvss 9.8epss 0.04

    An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command…

  • CVE-2020-10224CriMar 8, 2020
    risk 0.64cvss 9.8epss 0.05

    An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command…

  • CVE-2020-10220CriMar 7, 2020
    risk 0.75cvss 9.8epss 1.00

    An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.

  • CVE-2020-10212CriMar 7, 2020
    risk 0.64cvss 9.8epss 0.01

    upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename…

  • CVE-2020-5328CriMar 6, 2020
    risk 0.64cvss 9.8epss 0.01

    Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.

  • CVE-2020-8113CriMar 6, 2020
    risk 0.64cvss 9.8epss 0.01

    GitLab 10.7 and later through 12.7.2 has Incorrect Access Control.