VYPR

CVEs

31,277 total · page 472 of 626

  • CVE-2019-16891CriOct 4, 2019
    risk 0.67cvss 9.8epss 0.46

    Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

  • CVE-2019-17133CriOct 4, 2019
    risk 0.64cvss 9.8epss 0.07

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-17132CriOct 4, 2019
    risk 0.68cvss 9.8epss 0.12

    vBulletin through 5.5.4 mishandles custom avatars.

  • CVE-2019-17113CriOct 4, 2019
    risk 0.00cvss 9.8epss 0.03

    In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.

  • CVE-2018-10105CriOct 3, 2019
    risk 0.64cvss 9.8epss 0.04

    tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).

  • CVE-2018-10103CriOct 3, 2019
    risk 0.64cvss 9.8epss 0.04

    tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

  • CVE-2019-13957CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.01

    In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter.

  • CVE-2019-12736CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.02

    JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.

  • CVE-2019-12630CriOct 2, 2019
    risk 0.69cvss 9.8epss 0.66

    A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected…

  • CVE-2019-12157CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.02

    In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.

  • CVE-2019-11929CriOct 2, 2019
    risk 0.00cvss 9.8epss 0.04

    Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between…

  • CVE-2019-10212CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.02

    A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.

  • CVE-2019-13658CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.03

    CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.

  • CVE-2019-13025CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.03

    Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API…

  • CVE-2019-14454CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.02

    SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.

  • CVE-2019-13335CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.01

    SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.

  • CVE-2019-17067CriOct 1, 2019
    risk 0.64cvss 9.8epss 0.02

    PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.

  • CVE-2019-16943CriOct 1, 2019
    risk 0.57cvss 9.8epss 0.05

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an…

  • CVE-2019-16942CriOct 1, 2019
    risk 0.57cvss 9.8epss 0.06

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and…

  • CVE-2019-10202CriOct 1, 2019
    risk 0.64cvss 9.8epss 0.05

    A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by…

  • CVE-2019-15039CriOct 1, 2019
    risk 0.68cvss 9.8epss 0.13

    An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.

  • CVE-2019-10431CriOct 1, 2019
    risk 0.58cvss 9.9epss 0.03

    A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.

  • CVE-2019-15940CriOct 1, 2019
    risk 0.64cvss 9.8epss 0.02

    Victure PC530 devices allow unauthenticated TELNET access as root.

  • CVE-2019-2294CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2019-2252CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2019-16932CriSep 30, 2019
    risk 0.68cvss 10.0epss 0.39

    A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

  • CVE-2019-10540CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2019-10539CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2019-10538CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2019-10509CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,…

  • CVE-2019-17040CriSep 30, 2019
    risk 0.57cvss 9.8epss 0.02

    contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.

  • CVE-2019-16999CriSep 30, 2019
    risk 0.64cvss 9.8epss 0.01

    CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.

  • CVE-2019-16676CriSep 30, 2019
    risk 0.57cvss 9.8epss 0.03

    Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.

  • CVE-2019-16941CriSep 28, 2019
    risk 0.57cvss 9.8epss 0.05

    NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoR…

  • CVE-2019-3766CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.02

    Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts.

  • CVE-2019-16928CriKEVSep 27, 2019
    risk 0.79cvss 9.8epss 0.42

    Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

  • CVE-2019-9459CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.01

    In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9365CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.01

    In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9301CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.01

    In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384

  • CVE-2019-11734CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.01

    Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects…

  • CVE-2019-11733CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.01

    When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering…

  • CVE-2019-8074CriSep 27, 2019
    risk 0.65cvss 9.8epss 0.19

    ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user.

  • CVE-2019-8073CriSep 27, 2019
    risk 0.64cvss 9.8epss 0.08

    ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.

  • CVE-2019-16920CriKEVSep 27, 2019
    risk 0.84cvss 9.8epss 1.00

    Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who…

  • CVE-2019-16915CriSep 26, 2019
    risk 0.57cvss 9.8epss 0.04

    An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.

  • CVE-2019-16894CriSep 26, 2019
    risk 0.67cvss 9.8epss 0.03

    download.php in inoERP 4.15 allows SQL injection through insecure deserialization.

  • CVE-2019-16755CriSep 26, 2019
    risk 0.64cvss 9.8epss 0.03

    BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions:…

  • CVE-2019-10082CriSep 26, 2019
    risk 0.60cvss 9.1epss 0.17

    In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

  • CVE-2015-9435CriSep 26, 2019
    risk 0.64cvss 9.8epss 0.02

    The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers.

  • CVE-2019-15941CriSep 25, 2019
    risk 0.64cvss 9.8epss 0.02

    OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access…