VYPR

CVEs

31,179 total · page 481 of 624

  • CVE-2019-14193CriJul 31, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.

  • CVE-2019-14192CriJul 31, 2019
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.

  • CVE-2019-5454CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.02

    SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.

  • CVE-2019-13026CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.01

    OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary.

  • CVE-2018-20871CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.02

    In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).

  • CVE-2019-14313CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.04

    A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.

  • CVE-2019-11202CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher…

  • CVE-2018-20863CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.02

    cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).

  • CVE-2019-13635CriJul 30, 2019
    risk 0.63cvss 9.1epss 0.45

    The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.

  • CVE-2015-9290CriJul 30, 2019
    risk 0.64cvss 9.8epss 0.03

    In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.

  • CVE-2019-14431CriJul 29, 2019
    risk 0.64cvss 9.8epss 0.04

    In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server…

  • CVE-2018-11773CriJul 29, 2019
    risk 0.64cvss 9.8epss 0.02

    Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that…

  • CVE-2019-14271CriJul 29, 2019
    risk 0.58cvss 9.8epss 0.19

    In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.

  • CVE-2019-13571CriJul 29, 2019
    risk 0.64cvss 9.8epss 0.04

    A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

  • CVE-2019-14379CriJul 29, 2019
    risk 0.57cvss 9.8epss 0.08

    SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

  • CVE-2019-14363CriJul 28, 2019
    risk 0.64cvss 9.8epss 0.03

    A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet.

  • CVE-2017-18379CriJul 27, 2019
    risk 0.00cvss 9.8epss 0.03

    In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.

  • CVE-2016-10764CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

  • CVE-2012-6712CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

  • CVE-2011-5327CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.04

    In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.

  • CVE-2007-6762CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

  • CVE-2019-13990CriJul 26, 2019
    risk 0.58cvss 9.8epss 0.16

    initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

  • CVE-2019-14282CriJul 26, 2019
    risk 0.64cvss 9.8epss 0.03

    The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.

  • CVE-2019-14281CriJul 26, 2019
    risk 0.64cvss 9.8epss 0.03

    The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.

  • CVE-2019-14277CriJul 26, 2019
    risk 0.64cvss 9.8epss 0.07

    Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI…

  • CVE-2019-5604CriJul 26, 2019
    risk 0.63cvss 9.6epss 0.03

    In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data…

  • CVE-2019-10744CriJul 26, 2019
    risk 0.00cvss 9.1epss 0.05

    Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

  • CVE-2018-11779CriJul 26, 2019
    risk 0.64cvss 9.8epss 0.03

    In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.

  • CVE-2019-11921CriJul 25, 2019
    risk 0.00cvss 9.8epss 0.02

    An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00.

  • CVE-2019-13917CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.09

    Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

  • CVE-2019-9885CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.03

    eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter.

  • CVE-2019-9884CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.03

    eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.

  • CVE-2019-2327CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,…

  • CVE-2019-2322CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in…

  • CVE-2019-2309CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2019-2307CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.02

    Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2019-2305CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150,…

  • CVE-2019-2276CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music…

  • CVE-2019-2254CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,…

  • CVE-2019-2253CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,…

  • CVE-2019-1010176CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.03

    JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is:…

  • CVE-2019-1010174CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.05

    CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done…

  • CVE-2019-1010161CriJul 25, 2019
    risk 0.64cvss 9.8epss 0.01

    perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass…

  • CVE-2019-1010191CriJul 24, 2019
    risk 0.00cvss 9.8epss 0.01

    marginalia < 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a…

  • CVE-2019-1010179CriJul 24, 2019
    risk 0.64cvss 9.8epss 0.03

    PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: function…

  • CVE-2019-1010178CriJul 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed…

  • CVE-2019-1010177CriJul 24, 2019
    risk 0.64cvss 9.8epss 0.02

    Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit…

  • CVE-2019-2856CriJul 23, 2019
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Supported versions that are affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to…

  • CVE-2019-2828CriJul 23, 2019
    risk 0.63cvss 9.6epss 0.02

    Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2019-2775CriJul 23, 2019
    risk 0.59cvss 9.1epss 0.02

    Vulnerability in the Oracle Payments component of Oracle E-Business Suite (subcomponent: File Transmission). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via…