VYPR

CVEs

31,171 total · page 513 of 624

  • CVE-2018-18761CriNov 16, 2018
    risk 0.68cvss 9.8epss 0.16

    SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection.

  • CVE-2018-18755CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.

  • CVE-2018-16395CriNov 16, 2018
    risk 0.58cvss 9.8epss 0.11

    An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first…

  • CVE-2018-7360CriNov 16, 2018
    risk 0.62cvss 9.6epss 0.01

    All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service.

  • CVE-2018-7359CriNov 16, 2018
    risk 0.59cvss 9.0epss 0.02

    All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.

  • CVE-2018-8529CriNov 15, 2018
    risk 0.65cvss 9.8epss 0.13

    A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.

  • CVE-2018-0694CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2018-0684CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format data.

  • CVE-2018-0683CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via Cookie data.

  • CVE-2018-0682CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.

  • CVE-2018-0681CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration.

  • CVE-2018-0680CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration.

  • CVE-2018-19281CriNov 14, 2018
    risk 0.00cvss 9.8epss 0.02

    Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27) allows SNMP trap SQL Injection.

  • CVE-2018-5495CriNov 14, 2018
    risk 0.64cvss 9.8epss 0.02

    All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.

  • CVE-2018-9580CriNov 14, 2018
    risk 0.64cvss 9.8epss 0.00

    A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002.

  • CVE-2018-15708CriNov 14, 2018
    risk 0.74cvss 9.8epss 0.89

    Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP request.

  • CVE-2018-17472CriNov 14, 2018
    risk 0.63cvss 9.6epss 0.01

    Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page.

  • CVE-2018-17462CriNov 14, 2018
    risk 0.63cvss 9.6epss 0.01

    Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.

  • CVE-2018-8476CriNov 14, 2018
    risk 0.69cvss 9.8epss 0.63

    A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows…

  • CVE-2018-16850CriNov 13, 2018
    risk 0.64cvss 9.8epss 0.05

    postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.

  • CVE-2018-19222CriNov 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.

  • CVE-2018-19221CriNov 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.

  • CVE-2018-19220CriNov 12, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.

  • CVE-2018-19207CriNov 12, 2018
    risk 0.74cvss 9.8epss 0.87

    The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.

  • CVE-2018-19199CriNov 12, 2018
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.

  • CVE-2018-19198CriNov 12, 2018
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.

  • CVE-2018-19196CriNov 12, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an…

  • CVE-2018-19185CriNov 12, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.

  • CVE-2018-19180CriNov 11, 2018
    risk 0.64cvss 9.8epss 0.02

    statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.

  • CVE-2018-19168CriNov 11, 2018
    risk 0.64cvss 9.8epss 0.07

    Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker…

  • CVE-2018-19127CriNov 9, 2018
    risk 0.65cvss 9.8epss 0.21

    A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a…

  • CVE-2018-19126CriNov 9, 2018
    risk 0.05cvss 9.8epss 0.23

    PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.

  • CVE-2018-19115CriNov 8, 2018
    risk 0.00cvss 9.8epss 0.04

    keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the…

  • CVE-2018-15439CriNov 8, 2018
    risk 0.71cvss 9.8epss 0.50

    A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a…

  • CVE-2018-15394CriNov 8, 2018
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to…

  • CVE-2018-15381CriNov 8, 2018
    risk 0.71cvss 9.8epss 0.87

    A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the…

  • CVE-2018-19082CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.

  • CVE-2018-19081CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.

  • CVE-2018-19078CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.

  • CVE-2018-19076CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force…

  • CVE-2018-19069CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user…

  • CVE-2018-19067CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.

  • CVE-2018-19064CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed.

  • CVE-2018-19063CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.

  • CVE-2018-19061CriNov 7, 2018
    risk 0.64cvss 9.8epss 0.02

    DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.

  • CVE-2018-18590CriNov 7, 2018
    risk 0.62cvss 9.6epss 0.01

    A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure.

  • CVE-2018-8021CriNov 7, 2018
    risk 0.00cvss 9.8epss 0.54

    Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.

  • CVE-2018-19047CriNov 7, 2018
    risk 0.65cvss 10.0epss 0.02

    mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you…

  • CVE-2018-14667CriKEVNov 6, 2018
    risk 0.11cvss 9.8epss 0.74

    The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via…

  • CVE-2018-9446CriNov 6, 2018
    risk 0.64cvss 9.8epss 0.02

    In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…