VYPR

CVEs

31,172 total · page 502 of 624

  • CVE-2018-17412CriMar 7, 2019
    risk 0.64cvss 9.8epss 0.02

    zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.

  • CVE-2018-16809CriMar 7, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit.

  • CVE-2018-18815CriMar 7, 2019
    risk 0.65cvss 10.0epss 0.03

    The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a…

  • CVE-2019-0192CriMar 7, 2019
    risk 0.70cvss 9.8epss 0.78

    In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on…

  • CVE-2019-5019CriMar 7, 2019
    risk 0.64cvss 9.8epss 0.02

    A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking…

  • CVE-2019-9626CriMar 7, 2019
    risk 0.64cvss 9.8epss 0.01

    PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php.

  • CVE-2019-9623CriMar 7, 2019
    risk 0.67cvss 9.8epss 0.08

    Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php.

  • CVE-2019-0187CriMar 6, 2019
    risk 0.64cvss 9.8epss 0.03

    Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests…

  • CVE-2019-9594CriMar 6, 2019
    risk 0.64cvss 9.8epss 0.01

    BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request.

  • CVE-2019-0729CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.03

    An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

  • CVE-2019-0626CriMar 5, 2019
    risk 0.69cvss 9.8epss 0.68

    A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.

  • CVE-2019-0604CriKEVMar 5, 2019
    risk 0.93cvss 9.8epss 1.00

    A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

  • CVE-2019-3922CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.05

    The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially…

  • CVE-2019-3918CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.02

    The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.

  • CVE-2019-6563CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.02

    Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.

  • CVE-2019-6557CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.05

    Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.

  • CVE-2019-6524CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.03

    Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack.

  • CVE-2019-6522CriMar 5, 2019
    risk 0.59cvss 9.1epss 0.03

    Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

  • CVE-2018-19725CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2019-4032CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.02

    IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM…

  • CVE-2019-8262CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.05

    UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

  • CVE-2019-8261CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.02

    UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

  • CVE-2019-8260CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.02

    UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

  • CVE-2019-8258CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.04

    UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

  • CVE-2018-15361CriMar 5, 2019
    risk 0.64cvss 9.8epss 0.03

    UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

  • CVE-2019-6235CriMar 4, 2019
    risk 0.65cvss 10.0epss 0.02

    A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

  • CVE-2019-6206CriMar 4, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared.

  • CVE-2019-9566CriMar 4, 2019
    risk 0.64cvss 9.8epss 0.02

    FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request.

  • CVE-2019-9565CriMar 4, 2019
    risk 0.59cvss 9.1epss 0.02

    Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word,…

  • CVE-2019-9552CriMar 4, 2019
    risk 0.64cvss 9.8epss 0.02

    Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the p2p/api/ or p2p/lib/ or p2p/images/ URI.

  • CVE-2019-9546CriMar 1, 2019
    risk 0.64cvss 9.8epss 0.03

    SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.

  • CVE-2019-9483CriMar 1, 2019
    risk 0.59cvss 9.1epss 0.01

    Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.

  • CVE-2019-1663CriFeb 28, 2019
    risk 0.74cvss 9.8epss 0.96

    A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected…

  • CVE-2018-18498CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.04

    A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4,…

  • CVE-2018-18493CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.05

    A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4,…

  • CVE-2018-18492CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.10

    A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox <…

  • CVE-2018-12407CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64.

  • CVE-2018-12405CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.03

    Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This…

  • CVE-2018-12392CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.03

    When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

  • CVE-2018-12390CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.03

    Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This…

  • CVE-2019-9227CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file.

  • CVE-2019-9215CriFeb 28, 2019
    risk 0.64cvss 9.8epss 0.02

    In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.

  • CVE-2019-9212CriFeb 27, 2019
    risk 0.64cvss 9.8epss 0.03

    SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. NOTE: The vendor…

  • CVE-2019-9201CriFeb 26, 2019
    risk 0.64cvss 9.8epss 0.03

    Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.

  • CVE-2019-9195CriFeb 26, 2019
    risk 0.00cvss 9.8epss 0.04

    util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.

  • CVE-2019-9194CriFeb 26, 2019
    risk 0.04cvss 9.8epss 0.97

    elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.

  • CVE-2019-7392CriFeb 26, 2019
    risk 0.59cvss 9.1epss 0.02

    An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.

  • CVE-2019-9184CriFeb 26, 2019
    risk 0.67cvss 9.8epss 0.09

    SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.

  • CVE-2019-6592CriFeb 26, 2019
    risk 0.59cvss 9.1epss 0.01

    On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.

  • CVE-2019-9169CriFeb 26, 2019
    risk 0.64cvss 9.8epss 0.05

    In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.