VYPR

CVEs

31,173 total · page 493 of 624

  • CVE-2019-8352CriMay 20, 2019
    risk 0.67cvss 9.8epss 0.06

    By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use…

  • CVE-2019-12208CriMay 20, 2019
    risk 0.64cvss 9.8epss 0.02

    njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.

  • CVE-2019-12207CriMay 20, 2019
    risk 0.64cvss 9.8epss 0.02

    njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.

  • CVE-2019-12206CriMay 20, 2019
    risk 0.64cvss 9.8epss 0.02

    njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.

  • CVE-2019-12160CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    GoHTTP through 2017-07-25 has a sendHeader use-after-free.

  • CVE-2019-12158CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension.

  • CVE-2019-7353CriMay 17, 2019
    risk 0.52cvss 9.1epss 0.02

    An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects.

  • CVE-2019-11887CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    SimplyBook.me through 2019-05-11 does not properly restrict File Upload which could allow remote code execution.

  • CVE-2019-5954CriMay 17, 2019
    risk 0.59cvss 9.1epss 0.02

    JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors.

  • CVE-2019-5953CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.06

    Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.

  • CVE-2019-5945CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon.

  • CVE-2019-5883CriMay 17, 2019
    risk 0.59cvss 9.1epss 0.01

    An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to.

  • CVE-2019-4279CriMay 17, 2019
    risk 0.73cvss 9.8epss 0.80

    IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.

  • CVE-2019-0172CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access.

  • CVE-2019-0153CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2018-17181CriMay 17, 2019
    risk 0.00cvss 9.8epss 0.01

    An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php.

  • CVE-2018-17179CriMay 17, 2019
    risk 0.04cvss 9.8epss 0.12

    An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.

  • CVE-2019-10913CriMay 16, 2019
    risk 0.57cvss 9.8epss 0.02

    In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is…

  • CVE-2019-10910CriMay 16, 2019
    risk 0.57cvss 9.8epss 0.06

    In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.

  • CVE-2019-0938CriMay 16, 2019
    risk 0.59cvss 9.0epss 0.03

    An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

  • CVE-2019-0725CriMay 16, 2019
    risk 0.66cvss 9.8epss 0.26

    A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.

  • CVE-2019-0708CriKEVMay 16, 2019
    risk 0.93cvss 9.8epss 1.00

    A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution…

  • CVE-2013-7285CriMay 15, 2019
    risk 0.66cvss 9.8epss 0.84

    Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

  • CVE-2019-5597CriMay 15, 2019
    risk 0.59cvss 9.1epss 0.04

    In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of the…

  • CVE-2019-3725CriMay 15, 2019
    risk 0.64cvss 9.8epss 0.03

    RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. A remote unauthenticated malicious user could exploit this vulnerability…

  • CVE-2018-14839CriKEVMay 14, 2019
    risk 0.83cvss 9.8epss 0.89

    LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters.

  • CVE-2019-6572CriMay 14, 2019
    risk 0.59cvss 9.1epss 0.03

    A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions <…

  • CVE-2019-3568CriKEVMay 14, 2019
    risk 0.79cvss 9.8epss 0.39

    A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp…

  • CVE-2019-10922CriMay 14, 2019
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected…

  • CVE-2019-10919CriMay 14, 2019
    risk 0.61cvss 9.4epss 0.03

    A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port.…

  • CVE-2018-8940CriMay 14, 2019
    risk 0.64cvss 9.8epss 0.02

    ClientServiceConfigController.cs in Enghouse Cloud Contact Center Platform 7.2.5 has functionality for loading external XML files and parsing them, allowing an attacker to upload a malicious XML file and reference it in the URL of the application, forcing the application to load…

  • CVE-2018-6885CriMay 14, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotfix 7, and before 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to…

  • CVE-2019-8923CriMay 14, 2019
    risk 0.67cvss 9.8epss 0.04

    XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued.

  • CVE-2018-11691CriMay 14, 2019
    risk 0.64cvss 9.8epss 0.02

    Emerson DeltaV Smart Switch Command Center application, available in versions 11.3.x and 12.3.1, was unable to change the DeltaV Smart Switches’ management password upon commissioning. Emerson released patches for DeltaV workstations to address this issue, and the patches can…

  • CVE-2018-18800CriMay 14, 2019
    risk 0.67cvss 9.8epss 0.03

    The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.

  • CVE-2019-9618CriMay 13, 2019
    risk 0.70cvss 9.8epss 0.41

    The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.

  • CVE-2019-10053CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.

  • CVE-2018-18912CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code.

  • CVE-2019-11680CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.04

    KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image.

  • CVE-2019-7690CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.03

    In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Passwordless Authentication that has a…

  • CVE-2018-4029CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code…

  • CVE-2018-4023CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.

  • CVE-2018-4018CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.02

    An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP…

  • CVE-2018-4014CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.02

    An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this…

  • CVE-2015-9287CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.02

    Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key identification field ("kid") of the IdP's HTTP response message ("WLS-Response") can be manipulated by an attacker. The "kid" field is not signed like the rest of the message,…

  • CVE-2018-19990CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.05

    In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and…

  • CVE-2018-19989CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.06

    In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and…

  • CVE-2018-19988CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.07

    In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath…

  • CVE-2018-19987CriMay 13, 2019
    risk 0.65cvss 9.8epss 0.13

    D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code,…

  • CVE-2018-19986CriMay 13, 2019
    risk 0.67cvss 9.8epss 0.42

    In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the…