VYPR

CVEs

31,173 total · page 490 of 624

  • CVE-2019-9891CriMay 31, 2019
    risk 0.64cvss 9.8epss 0.03

    The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.

  • CVE-2019-9874CriKEVMay 31, 2019
    risk 0.82cvss 9.8epss 0.84

    Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter…

  • CVE-2019-9871CriMay 31, 2019
    risk 0.64cvss 9.8epss 0.06

    Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission.

  • CVE-2019-10328CriMay 31, 2019
    risk 0.58cvss 9.9epss 0.02

    Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.

  • CVE-2019-8457CriMay 30, 2019
    risk 0.67cvss 9.8epss 0.45

    SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

  • CVE-2019-9670CriKEVMay 29, 2019
    risk 0.80cvss 9.8epss 1.00

    mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.

  • CVE-2019-6980CriMay 29, 2019
    risk 0.57cvss 9.8epss 0.04

    Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component.

  • CVE-2018-20160CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd.

  • CVE-2019-6958CriMay 29, 2019
    risk 0.59cvss 9.1epss 0.02

    A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy…

  • CVE-2019-6957CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with…

  • CVE-2019-9732CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.

  • CVE-2019-9485CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.

  • CVE-2019-12450CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.03

    file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

  • CVE-2019-12165CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.03

    MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this…

  • CVE-2019-9218CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).

  • CVE-2019-12440CriMay 29, 2019
    risk 0.64cvss 9.8epss 0.02

    The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service.

  • CVE-2018-17198CriMay 28, 2019
    risk 0.64cvss 9.8epss 0.04

    Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens…

  • CVE-2019-7095CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.09

    Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2019-7094CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.06

    Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2019-7091CriMay 24, 2019
    risk 0.66cvss 9.8epss 0.26

    ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2019-7087CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7086CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7085CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.06

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7084CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7083CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7082CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7080CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7076CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7068CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7066CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7062CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7060CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7054CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7052CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7051CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7050CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7046CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7040CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7039CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7037CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7031CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7029CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7816CriMay 24, 2019
    risk 0.69cvss 9.8epss 0.67

    ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2019-7027CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7026CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7025CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7020CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.06

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7019CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.05

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7018CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2018-17843CriMay 24, 2019
    risk 0.64cvss 9.8epss 0.02

    SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and…