VYPR

CVEs

31,277 total · page 471 of 626

  • CVE-2015-9479CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.03

    The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php.

  • CVE-2015-9471CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.04

    The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.

  • CVE-2015-9467CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.

  • CVE-2015-9466CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable.

  • CVE-2019-17320CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.

  • CVE-2019-1372CriOct 10, 2019
    risk 0.66cvss 10.0epss 0.18

    An remote code execution vulnerability exists when Azure App Service/ Antares on Azure Stack fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability could allow an unprivileged function run by the user to…

  • CVE-2019-1365CriOct 10, 2019
    risk 0.65cvss 9.9epss 0.04

    An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the…

  • CVE-2019-17429CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.01

    Adhouma CMS through 2019-10-09 has SQL Injection via the post.php p_id parameter.

  • CVE-2019-17072CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.

  • CVE-2019-17426CriOct 10, 2019
    risk 0.52cvss 9.1epss 0.02

    Automattic Mongoose through 5.7.4 allows attackers to bypass access control (in some applications) because any query object with a _bsontype attribute is ignored. For example, adding "_bsontype":"a" can sometimes interfere with a query filter. NOTE: this CVE is about Mongoose's…

  • CVE-2019-17415CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.04

    A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.

  • CVE-2019-1584CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.03

    A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint.

  • CVE-2019-15020CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.01

    A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection.

  • CVE-2019-15019CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.01

    A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector.

  • CVE-2019-9535CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an…

  • CVE-2019-17399CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.02

    The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment.

  • CVE-2019-17383CriOct 9, 2019
    risk 0.57cvss 9.8epss 0.02

    The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.

  • CVE-2019-17124CriOct 9, 2019
    risk 0.69cvss 9.8epss 0.23

    Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.

  • CVE-2019-15859CriOct 9, 2019
    risk 0.66cvss 9.8epss 0.34

    Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.

  • CVE-2019-17382CriOct 9, 2019
    risk 0.63cvss 9.1epss 0.54

    An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All…

  • CVE-2019-17373CriOct 9, 2019
    risk 0.64cvss 9.8epss 0.02

    Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.

  • CVE-2019-17354CriOct 9, 2019
    risk 0.61cvss 9.4epss 0.01

    wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.

  • CVE-2019-17362CriOct 9, 2019
    risk 0.52cvss 9.1epss 0.03

    In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from…

  • CVE-2019-3980CriOct 8, 2019
    risk 0.64cvss 9.8epss 0.05

    The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an…

  • CVE-2019-10757CriOct 8, 2019
    risk 0.64cvss 9.8epss 0.01

    knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.

  • CVE-2019-17134CriOct 8, 2019
    risk 0.52cvss 9.1epss 0.02

    Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the…

  • CVE-2018-21024CriOct 8, 2019
    risk 0.00cvss 9.8epss 0.02

    licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request.

  • CVE-2019-13336CriOct 8, 2019
    risk 0.64cvss 9.8epss 0.03

    The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to openlock.cgi can have arbitrary values. NOTE: the vendor's position is that this…

  • CVE-2018-21025CriOct 8, 2019
    risk 0.64cvss 9.8epss 0.03

    In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.

  • CVE-2019-17042CriOct 7, 2019
    risk 0.57cvss 9.8epss 0.03

    An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy…

  • CVE-2019-17041CriOct 7, 2019
    risk 0.57cvss 9.8epss 0.05

    An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do…

  • CVE-2019-12812CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.03

    MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution.

  • CVE-2019-12811CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution

  • CVE-2015-9452CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nex_forms_Id parameter.

  • CVE-2015-9451CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_mailchimp pmfb_tid parameter.

  • CVE-2015-9450CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter.

  • CVE-2019-15751CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.04

    An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated attacker to upload a malicious file (containing PHP code to execute…

  • CVE-2019-15748CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. An unauthenticated attacker could use the upload and import functionality to import a malicious SCORM package that includes a PHP file, which could…

  • CVE-2019-15746CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.02

    SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. As a result, an attacker can compromise the running server and execute system commands in the context of the web user.

  • CVE-2019-17269CriOct 7, 2019
    risk 0.64cvss 9.8epss 0.03

    Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field.

  • CVE-2019-17267CriOct 7, 2019
    risk 0.57cvss 9.8epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

  • CVE-2019-17266CriOct 6, 2019
    risk 0.57cvss 9.8epss 0.03

    libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.

  • CVE-2019-17240CriOct 6, 2019
    risk 0.06cvss 9.8epss 0.40

    bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

  • CVE-2019-17218CriOct 6, 2019
    risk 0.59cvss 9.1epss 0.01

    An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the communication to the web service is unencrypted via http. An attacker is able to intercept and sniff communication to the web service.

  • CVE-2019-17216CriOct 6, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. Password authentication uses MD5 to hash passwords. Cracking is possible with minimal effort.

  • CVE-2019-17215CriOct 6, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. There is no bruteforce protection (e.g., lockout) established. An attacker might be able to bruteforce the password to authenticate on the device.

  • CVE-2019-17206CriOct 5, 2019
    risk 0.57cvss 9.8epss 0.03

    Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts.

  • CVE-2019-17197CriOct 5, 2019
    risk 0.00cvss 9.8epss 0.01

    OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc.

  • CVE-2019-17192CriOct 5, 2019
    risk 0.64cvss 9.8epss 0.03

    The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified…

  • CVE-2019-17184CriOct 4, 2019
    risk 0.64cvss 9.8epss 0.02

    Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges.