VYPR

CVEs

31,277 total · page 449 of 626

  • CVE-2019-10803CriFeb 28, 2020
    risk 0.64cvss 9.8epss 0.03

    push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.

  • CVE-2019-10802CriFeb 28, 2020
    risk 0.57cvss 9.8epss 0.02

    giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.

  • CVE-2019-10801CriFeb 28, 2020
    risk 0.64cvss 9.8epss 0.03

    enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.

  • CVE-2020-9465CriFeb 28, 2020
    risk 0.73cvss 9.8epss 0.82

    An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.

  • CVE-2020-8132CriFeb 28, 2020
    risk 0.64cvss 9.8epss 0.02

    Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

  • CVE-2019-15609CriFeb 28, 2020
    risk 0.64cvss 9.8epss 0.04

    The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.

  • CVE-2020-9434CriFeb 27, 2020
    risk 0.00cvss 9.1epss 0.01

    openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

  • CVE-2020-9433CriFeb 27, 2020
    risk 0.00cvss 9.1epss 0.01

    openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

  • CVE-2020-9432CriFeb 27, 2020
    risk 0.00cvss 9.1epss 0.01

    openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

  • CVE-2020-7043CriFeb 27, 2020
    risk 0.52cvss 9.1epss 0.02

    An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.

  • CVE-2019-17275CriFeb 26, 2020
    risk 0.64cvss 9.8epss 0.03

    OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.

  • CVE-2019-19994CriFeb 26, 2020
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. It allows blind Command Injection. An attacker without authentication is able to execute arbitrary operating system command by injecting the vulnerable parameter in the PHP Web page…

  • CVE-2020-9406CriFeb 26, 2020
    risk 0.64cvss 9.8epss 0.01

    IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

  • CVE-2020-9398CriFeb 25, 2020
    risk 0.64cvss 9.8epss 0.01

    ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.

  • CVE-2015-0565CriFeb 25, 2020
    risk 0.69cvss 10.0epss 0.13

    NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

  • CVE-2016-11020CriFeb 25, 2020
    risk 0.57cvss 9.8epss 0.03

    Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.

  • CVE-2020-8794CriFeb 25, 2020
    risk 0.74cvss 9.8epss 0.89

    OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client…

  • CVE-2019-5138CriFeb 25, 2020
    risk 0.65cvss 9.9epss 0.05

    An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the…

  • CVE-2020-1938CriKEVFeb 24, 2020
    risk 0.87cvss 9.8epss 0.99

    When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be…

  • CVE-2020-9374CriFeb 24, 2020
    risk 0.70cvss 9.8epss 0.42

    On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.

  • CVE-2019-12511CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.02

    In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced…

  • CVE-2019-12510CriFeb 24, 2020
    risk 0.59cvss 9.1epss 0.01

    In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. As a…

  • CVE-2018-14705CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.02

    In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability…

  • CVE-2019-10796CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.03

    rpi through 0.0.3 allows execution of arbritary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the arguement of exec function without any sanitization.

  • CVE-2020-9366CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.

  • CVE-2020-4222CriFeb 24, 2020
    risk 0.65cvss 9.8epss 0.15

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091.

  • CVE-2020-4213CriFeb 24, 2020
    risk 0.65cvss 9.8epss 0.15

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024.

  • CVE-2020-4212CriFeb 24, 2020
    risk 0.65cvss 9.8epss 0.15

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023.

  • CVE-2020-4211CriFeb 24, 2020
    risk 0.69cvss 9.8epss 0.71

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022.

  • CVE-2020-4210CriFeb 24, 2020
    risk 0.65cvss 9.8epss 0.15

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020.

  • CVE-2019-20481CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.01

    In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480.

  • CVE-2019-18183CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.04

    pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an…

  • CVE-2019-18182CriFeb 24, 2020
    risk 0.64cvss 9.8epss 0.04

    pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an…

  • CVE-2020-9355CriFeb 23, 2020
    risk 0.00cvss 9.8epss 0.02

    danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled.

  • CVE-2020-9352CriFeb 23, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the _transaction parameter. NOTE: the documentation states…

  • CVE-2020-9039CriFeb 22, 2020
    risk 0.64cvss 9.8epss 0.04

    Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an…

  • CVE-2012-0828CriFeb 21, 2020
    risk 0.64cvss 9.8epss 0.04

    Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic…

  • CVE-2020-6841CriFeb 21, 2020
    risk 0.64cvss 9.8epss 0.03

    D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.

  • CVE-2016-4606CriFeb 21, 2020
    risk 0.64cvss 9.8epss 0.03

    Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other…

  • CVE-2020-9015CriFeb 20, 2020
    risk 0.68cvss 9.8epss 0.16

    Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue…

  • CVE-2020-8990CriFeb 20, 2020
    risk 0.59cvss 9.1epss 0.01

    Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.

  • CVE-2020-3765CriFeb 20, 2020
    risk 0.64cvss 9.8epss 0.06

    Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2014-4650CriFeb 20, 2020
    risk 0.69cvss 9.8epss 0.25

    The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character…

  • CVE-2014-4657CriFeb 20, 2020
    risk 0.57cvss 9.8epss 0.04

    The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

  • CVE-2014-3484CriFeb 20, 2020
    risk 0.64cvss 9.8epss 0.02

    Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service…

  • CVE-2014-4678CriFeb 20, 2020
    risk 0.57cvss 9.8epss 0.05

    The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657.

  • CVE-2013-2018CriFeb 20, 2020
    risk 0.64cvss 9.8epss 0.02

    Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2020-6970CriFeb 19, 2020
    risk 0.64cvss 9.8epss 0.03

    A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise…

  • CVE-2020-3943CriFeb 19, 2020
    risk 0.64cvss 9.8epss 0.02

    vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to…

  • CVE-2020-3158CriFeb 19, 2020
    risk 0.59cvss 9.1epss 0.03

    A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default…