VYPR

CVEs

31,171 total · page 515 of 624

  • CVE-2018-18728CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.

  • CVE-2018-18705CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.02

    PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.

  • CVE-2018-18704CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.02

    PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.

  • CVE-2018-18702CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.01

    spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.

  • CVE-2016-10734CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.02

    ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.

  • CVE-2016-10733CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.02

    ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.

  • CVE-2016-10732CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.02

    ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.

  • CVE-2016-10731CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.01

    ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status,…

  • CVE-2018-8955CriOct 24, 2018
    risk 0.64cvss 9.8epss 0.04

    The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.

  • CVE-2018-17903CriOct 24, 2018
    risk 0.59cvss 9.1epss 0.02

    SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.

  • CVE-2018-15751CriOct 24, 2018
    risk 0.57cvss 9.8epss 0.05

    SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

  • CVE-2018-13342CriOct 24, 2018
    risk 0.64cvss 9.8epss 0.01

    The server API in the Anda app relies on hardcoded credentials.

  • CVE-2018-18476CriOct 24, 2018
    risk 0.57cvss 9.8epss 0.02

    mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns.

  • CVE-2018-11792CriOct 24, 2018
    risk 0.64cvss 9.8epss 0.02

    In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically…

  • CVE-2018-18475CriOct 23, 2018
    risk 0.65cvss 9.8epss 0.22

    Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload.

  • CVE-2018-17448CriOct 23, 2018
    risk 0.64cvss 9.8epss 0.02

    An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17446CriOct 23, 2018
    risk 0.64cvss 9.8epss 0.02

    A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17445CriOct 23, 2018
    risk 0.65cvss 9.8epss 0.11

    A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-15497CriOct 23, 2018
    risk 0.64cvss 9.8epss 0.05

    The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices…

  • CVE-2018-18628CriOct 23, 2018
    risk 0.57cvss 9.8epss 0.05

    An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it…

  • CVE-2018-14816CriOct 23, 2018
    risk 0.64cvss 9.8epss 0.04

    Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code.

  • CVE-2018-14806CriOct 23, 2018
    risk 0.64cvss 9.8epss 0.05

    Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.

  • CVE-2017-18349CriOct 23, 2018
    risk 0.60cvss 9.8epss 0.39

    parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo…

  • CVE-2018-13114CriOct 22, 2018
    risk 0.64cvss 9.8epss 0.02

    Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command.

  • CVE-2018-18546CriOct 21, 2018
    risk 0.57cvss 9.8epss 0.02

    ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable.

  • CVE-2018-12671CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain…

  • CVE-2018-12670CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.03

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.

  • CVE-2018-12668CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.02

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password.

  • CVE-2018-12667CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and…

  • CVE-2018-12666CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.02

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255.

  • CVE-2018-18531CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass…

  • CVE-2018-18530CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI.

  • CVE-2018-18529CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI.

  • CVE-2018-18527CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.02

    OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.

  • CVE-2018-18396CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.02

    Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-18395CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.02

    Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-18394CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-18393CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.01

    Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

  • CVE-2018-4013CriOct 19, 2018
    risk 0.64cvss 9.8epss 0.09

    An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger…

  • CVE-2018-15758CriOct 18, 2018
    risk 0.56cvss 9.6epss 0.02

    Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request…

  • CVE-2018-18488CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.01

    In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.

  • CVE-2018-18486CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.

  • CVE-2018-14807CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.03

    A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution.

  • CVE-2015-4633CriOct 18, 2018
    risk 0.67cvss 9.8epss 0.06

    Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2)…

  • CVE-2018-1822CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.03

    IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. This can be used by an attacker to gain administrative control or to deny service. IBM…

  • CVE-2018-5188CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird <…

  • CVE-2018-5187CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.03

    Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR <…

  • CVE-2018-5186CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.02

    Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.

  • CVE-2018-5156CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.04

    A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox…

  • CVE-2018-12387CriOct 18, 2018
    risk 0.60cvss 9.1epss 0.10

    A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the…