VYPR

CVEs

31,173 total · page 496 of 624

  • CVE-2019-9951CriApr 24, 2019
    risk 0.64cvss 9.8epss 0.02

    Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page…

  • CVE-2019-9950CriApr 24, 2019
    risk 0.64cvss 9.8epss 0.02

    Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file…

  • CVE-2019-3793CriApr 24, 2019
    risk 0.64cvss 9.8epss 0.01

    Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the…

  • CVE-2019-7214CriApr 24, 2019
    risk 0.73cvss 9.8epss 0.83

    SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.

  • CVE-2019-11081CriApr 24, 2019
    risk 0.64cvss 9.8epss 0.02

    A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server.

  • CVE-2019-7727CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.04

    In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The…

  • CVE-2019-2702CriApr 23, 2019
    risk 0.61cvss 9.3epss 0.01

    Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: Web Service). The supported version that is affected is 8.0.80. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2019-2699CriApr 23, 2019
    risk 0.59cvss 9.0epss 0.03

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE.…

  • CVE-2019-2658CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2019-2646CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: EJB Container). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2019-2645CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2019-2638CriApr 23, 2019
    risk 0.64cvss 9.9epss 0.01

    Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability…

  • CVE-2019-2633CriApr 23, 2019
    risk 0.64cvss 9.9epss 0.01

    Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged…

  • CVE-2019-2517CriApr 23, 2019
    risk 0.59cvss 9.1epss 0.02

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having DBFS_ROLE privilege with network access via Oracle Net to compromise Core…

  • CVE-2019-11076CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.04

    Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.

  • CVE-2019-7304CriApr 23, 2019
    risk 0.65cvss 9.8epss 0.61

    Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

  • CVE-2019-11469CriApr 23, 2019
    risk 0.68cvss 9.8epss 0.18

    Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Action(s)" feature.

  • CVE-2019-11460CriApr 22, 2019
    risk 0.59cvss 9.0epss 0.02

    An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the…

  • CVE-2019-11383CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml

  • CVE-2019-11384CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e. plain text), which allows a non-root user to find out the username/password of a valid user via /data/data/com.zalora.android/shared_prefs/login_data.xml.

  • CVE-2019-3899CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11.

  • CVE-2016-1585CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    In all versions of AppArmor mount rules are accidentally widened when compiled.

  • CVE-2014-1427CriApr 22, 2019
    risk 0.62cvss 9.6epss 0.01

    A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2.

  • CVE-2019-11450CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    whatsns 4.0 allows index.php?question/ajaxadd.html title SQL injection.

  • CVE-2019-11448CriApr 22, 2019
    risk 0.68cvss 9.8epss 0.12

    An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.jsp sid SQL injection vulnerability. For example, the attacker can subsequently write arbitrary text to…

  • CVE-2019-11418CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.02

    apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.

  • CVE-2019-11417CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.02

    system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function. Attackers can exploit the vulnerability by using the languse parameter with a long string. This affects 1.2.2 build…

  • CVE-2019-11411CriApr 22, 2019
    risk 0.00cvss 9.8epss 0.03

    An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.

  • CVE-2019-11403CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page.

  • CVE-2019-11402CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.01

    In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format.

  • CVE-2019-11395CriApr 22, 2019
    risk 0.65cvss 9.8epss 0.15

    A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.

  • CVE-2019-11393CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter.

  • CVE-2019-11235CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.04

    FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and…

  • CVE-2019-11234CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.08

    FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.

  • CVE-2018-20818CriApr 22, 2019
    risk 0.64cvss 9.8epss 0.02

    A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact.

  • CVE-2019-11371CriApr 20, 2019
    risk 0.64cvss 9.8epss 0.02

    BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow via a long prefix that is mishandled in bns_fasta2bntseq and bns_dump at btnseq.c.

  • CVE-2019-11365CriApr 20, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple…

  • CVE-2019-11362CriApr 20, 2019
    risk 0.64cvss 9.8epss 0.02

    app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL injection via the Post:doReward score paramter, as demonstrated by the /do/reward/3 URI.

  • CVE-2018-20817CriApr 19, 2019
    risk 0.64cvss 9.8epss 0.04

    SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects…

  • CVE-2019-11350CriApr 19, 2019
    risk 0.64cvss 9.8epss 0.02

    CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page.

  • CVE-2019-2030CriApr 19, 2019
    risk 0.64cvss 9.8epss 0.01

    In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:…

  • CVE-2019-11344CriApr 19, 2019
    risk 0.64cvss 9.8epss 0.04

    data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked.

  • CVE-2019-9161CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.05

    WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be used to read an…

  • CVE-2019-9160CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.03

    WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static…

  • CVE-2019-11223CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.09

    An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

  • CVE-2019-11322CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.

  • CVE-2019-11320CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.02

    In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.

  • CVE-2019-11319CriApr 18, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.

  • CVE-2019-11035CriApr 18, 2019
    risk 0.60cvss 9.1epss 0.04

    When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

  • CVE-2019-11034CriApr 18, 2019
    risk 0.59cvss 9.1epss 0.04

    When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.