VYPR

CVEs

31,171 total · page 504 of 624

  • CVE-2019-5916CriFeb 13, 2019
    risk 0.64cvss 9.8epss 0.01

    Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and earlier, Ver 2.2 Patch 7 and earlier, Ver 2.3 Patch 9 and earlier, Ver 2.4 Patch 13 and earlier, Ver 2.5 Patch 12 and earlier, Ver 2.6 Patch 8 and earlier, Ver 2.7 Patch 6 and…

  • CVE-2019-5909CriFeb 13, 2019
    risk 0.64cvss 9.8epss 0.05

    License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send…

  • CVE-2019-6543CriFeb 13, 2019
    risk 0.68cvss 9.8epss 0.17

    AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.

  • CVE-2018-19645CriFeb 12, 2019
    risk 0.64cvss 9.8epss 0.01

    An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

  • CVE-2019-7743CriFeb 12, 2019
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.

  • CVE-2019-6533CriFeb 12, 2019
    risk 0.59cvss 9.1epss 0.01

    Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

  • CVE-2019-6527CriFeb 12, 2019
    risk 0.64cvss 9.8epss 0.01

    PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.

  • CVE-2018-9583CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.02

    In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional…

  • CVE-2019-7747CriFeb 11, 2019
    risk 0.63cvss 9.6epss 0.01

    DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.

  • CVE-2019-7736CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.03

    D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page. NOTE: this may overlap CVE-2019-13101.

  • CVE-2019-7731CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.04

    MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.

  • CVE-2018-12549CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.02

    In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

  • CVE-2018-12547CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.03

    In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user…

  • CVE-2019-7720CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.02

    taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.

  • CVE-2019-7719CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.02

    Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.

  • CVE-2018-20779CriFeb 11, 2019
    risk 0.64cvss 9.8epss 0.02

    Traq 3.7.1 allows SQL Injection via a tickets?search= URI.

  • CVE-2018-20771CriFeb 10, 2019
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.

  • CVE-2018-20770CriFeb 10, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.

  • CVE-2018-20768CriFeb 10, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.

  • CVE-2019-7692CriFeb 10, 2019
    risk 0.64cvss 9.8epss 0.02

    install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder.

  • CVE-2018-13792CriFeb 10, 2019
    risk 0.64cvss 9.8epss 0.01

    Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

  • CVE-2019-7684CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.02

    inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the…

  • CVE-2019-7678CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.02

    A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.

  • CVE-2019-7674CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user.

  • CVE-2009-5154CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.

  • CVE-2019-7653CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.02

    The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the…

  • CVE-2018-1352CriFeb 8, 2019
    risk 0.64cvss 9.8epss 0.01

    A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.

  • CVE-2018-20764CriFeb 8, 2019
    risk 0.64cvss 9.8epss 0.01

    A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.

  • CVE-2019-7401CriFeb 8, 2019
    risk 0.64cvss 9.8epss 0.03

    NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other impact.

  • CVE-2019-6139CriFeb 7, 2019
    risk 0.64cvss 9.8epss 0.02

    Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent…

  • CVE-2019-7587CriFeb 7, 2019
    risk 0.64cvss 9.8epss 0.02

    Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.

  • CVE-2019-7585CriFeb 7, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php allows time-based SQL Injection via the param array parameter to the /index.php?m=public&a=checkemail URI.

  • CVE-2019-4008CriFeb 7, 2019
    risk 0.64cvss 9.8epss 0.02

    API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626.

  • CVE-2019-7568CriFeb 7, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.

  • CVE-2019-3822CriFeb 6, 2019
    risk 0.65cvss 9.8epss 0.13

    libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received…

  • CVE-2019-3464CriFeb 6, 2019
    risk 0.64cvss 9.8epss 0.05

    Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

  • CVE-2019-3463CriFeb 6, 2019
    risk 0.64cvss 9.8epss 0.05

    Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

  • CVE-2019-1003015CriFeb 6, 2019
    risk 0.59cvss 9.1epss 0.02

    An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers with the ability to control the HTTP server (Jenkins) queried in preparation of…

  • CVE-2018-3991CriFeb 5, 2019
    risk 0.68cvss 10.0epss 0.34

    An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed…

  • CVE-2018-3990CriFeb 5, 2019
    risk 0.61cvss 9.3epss 0.01

    An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege…

  • CVE-2019-6523CriFeb 5, 2019
    risk 0.64cvss 9.8epss 0.02

    WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.

  • CVE-2019-6519CriFeb 5, 2019
    risk 0.64cvss 9.8epss 0.03

    WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data.

  • CVE-2018-18505CriFeb 5, 2019
    risk 0.65cvss 10.0epss 0.05

    An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is…

  • CVE-2018-18504CriFeb 5, 2019
    risk 0.64cvss 9.8epss 0.02

    A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability…

  • CVE-2018-18502CriFeb 5, 2019
    risk 0.64cvss 9.8epss 0.02

    Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects…

  • CVE-2018-18501CriFeb 5, 2019
    risk 0.64cvss 9.8epss 0.03

    Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This…

  • CVE-2018-18500CriFeb 5, 2019
    risk 0.65cvss 9.8epss 0.13

    A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5,…

  • CVE-2018-8800CriFeb 5, 2019
    risk 0.01cvss 9.8epss 0.07

    rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8797CriFeb 5, 2019
    risk 0.01cvss 9.8epss 0.07

    rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8795CriFeb 5, 2019
    risk 0.01cvss 9.8epss 0.07

    rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.