VYPR

CVEs

31,277 total · page 453 of 626

  • CVE-2020-6969CriFeb 5, 2020
    risk 0.64cvss 9.8epss 0.02

    It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.

  • CVE-2020-6174CriFeb 5, 2020
    risk 0.57cvss 9.8epss 0.01

    TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature.

  • CVE-2020-8114CriFeb 5, 2020
    risk 0.64cvss 9.8epss 0.01

    GitLab EE 8.9 and later through 12.7.2 has Insecure Permission

  • CVE-2019-10788CriFeb 4, 2020
    risk 0.57cvss 9.8epss 0.02

    im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function.

  • CVE-2019-10787CriFeb 4, 2020
    risk 0.57cvss 9.8epss 0.04

    im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.

  • CVE-2019-10786CriFeb 4, 2020
    risk 0.64cvss 9.8epss 0.02

    network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.

  • CVE-2020-8125CriFeb 4, 2020
    risk 0.57cvss 9.8epss 0.04

    Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.

  • CVE-2020-6058CriFeb 4, 2020
    risk 0.59cvss 9.1epss 0.02

    An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out-of-bounds memory read, which can result in the disclosure of sensitive information and denial of service. To…

  • CVE-2015-3613CriFeb 4, 2020
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page

  • CVE-2019-10784CriFeb 4, 2020
    risk 0.63cvss 9.6epss 0.04

    phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in…

  • CVE-2019-4675CriFeb 4, 2020
    risk 0.64cvss 9.8epss 0.01

    IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511.

  • CVE-2013-7055CriFeb 4, 2020
    risk 0.67cvss 9.8epss 0.07

    D-Link DIR-100 4.03B07 has PPTP and poe information disclosure

  • CVE-2013-7052CriFeb 4, 2020
    risk 0.69cvss 9.8epss 0.25

    D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

  • CVE-2012-5686CriFeb 4, 2020
    risk 0.67cvss 9.8epss 0.05

    ZPanel 10.0.1 has insufficient entropy for its password reset process.

  • CVE-2012-5618CriFeb 4, 2020
    risk 0.57cvss 9.8epss 0.01

    Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.

  • CVE-2020-3938CriFeb 4, 2020
    risk 0.64cvss 9.8epss 0.01

    SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests.

  • CVE-2020-8597CriFeb 3, 2020
    risk 0.02cvss 9.8epss 0.19

    eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

  • CVE-2020-8592CriFeb 3, 2020
    risk 0.64cvss 9.8epss 0.01

    eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).

  • CVE-2020-8591CriFeb 3, 2020
    risk 0.64cvss 9.8epss 0.01

    eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request.

  • CVE-2020-8547CriFeb 3, 2020
    risk 0.67cvss 9.8epss 0.06

    phpList 3.5.0 allows type juggling for admin login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

  • CVE-2020-8510CriFeb 3, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password.

  • CVE-2020-7471CriFeb 3, 2020
    risk 0.62cvss 9.8epss 0.65

    Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a…

  • CVE-2020-8508CriFeb 3, 2020
    risk 0.64cvss 9.8epss 0.02

    nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled.

  • CVE-2020-8515CriKEVFeb 1, 2020
    risk 0.87cvss 9.8epss 1.00

    DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in…

  • CVE-2014-2025CriJan 31, 2020
    risk 0.64cvss 9.8epss 0.04

    Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension,…

  • CVE-2014-8322CriJan 31, 2020
    risk 0.62cvss 9.8epss 0.24

    Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.

  • CVE-2014-5039CriJan 31, 2020
    risk 0.62cvss 9.6epss 0.01

    Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-2031CriJan 31, 2020
    risk 0.64cvss 9.8epss 0.05

    Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform…

  • CVE-2020-8440CriJan 31, 2020
    risk 0.64cvss 9.8epss 0.03

    controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume.

  • CVE-2020-7956CriJan 31, 2020
    risk 0.00cvss 9.8epss 0.01

    HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3.

  • CVE-2013-2198CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.02

    The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.

  • CVE-2014-3719CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.02

    Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter.

  • CVE-2013-1350CriJan 30, 2020
    risk 0.59cvss 9.1epss 0.02

    Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities

  • CVE-2020-8447CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.02

    In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by…

  • CVE-2020-8445CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.02

    In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. In many cases, those characters are later logged. Because newlines (\n) are permitted in messages processed…

  • CVE-2020-8444CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.02

    In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by…

  • CVE-2020-8443CriJan 30, 2020
    risk 0.64cvss 9.8epss 0.03

    In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd…

  • CVE-2019-10783CriJan 29, 2020
    risk 0.64cvss 9.8epss 0.03

    All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input.

  • CVE-2013-3317CriJan 29, 2020
    risk 0.64cvss 9.8epss 0.05

    Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.

  • CVE-2013-3316CriJan 29, 2020
    risk 0.64cvss 9.8epss 0.05

    Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".

  • CVE-2019-20445CriJan 29, 2020
    risk 0.01cvss 9.1epss 0.13

    HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

  • CVE-2019-20444CriJan 29, 2020
    risk 0.01cvss 9.1epss 0.09

    HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."

  • CVE-2020-8432CriJan 29, 2020
    risk 0.64cvss 9.8epss 0.04

    In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a…

  • CVE-2020-3718CriJan 29, 2020
    risk 0.64cvss 9.8epss 0.08

    Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-3716CriJan 29, 2020
    risk 0.65cvss 9.8epss 0.14

    Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2013-2573CriJan 29, 2020
    risk 0.70cvss 9.8epss 0.42

    A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.

  • CVE-2013-3215CriJan 29, 2020
    risk 0.72cvss 9.8epss 0.69

    vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.

  • CVE-2013-2570CriJan 29, 2020
    risk 0.69cvss 9.8epss 0.27

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.

  • CVE-2013-2568CriJan 29, 2020
    risk 0.71cvss 9.8epss 0.49

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.

  • CVE-2020-7247CriKEVJan 29, 2020
    risk 0.23cvss 9.8epss 0.99

    smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented"…