VYPR

CVEs

31,171 total · page 521 of 624

  • CVE-2018-15681CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully…

  • CVE-2018-15680CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack.

  • CVE-2015-9266CriSep 5, 2018
    risk 0.73cvss 9.8epss 0.74

    The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root…

  • CVE-2016-1000030CriSep 5, 2018
    risk 0.57cvss 9.8epss 0.02

    Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509…

  • CVE-2018-16521CriSep 5, 2018
    risk 0.00cvss 9.8epss 0.02

    An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.

  • CVE-2018-16518CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.03

    A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading…

  • CVE-2018-13259CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

  • CVE-2018-0502CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

  • CVE-2018-0664CriSep 4, 2018
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.

  • CVE-2018-16445CriSep 4, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.

  • CVE-2018-16444CriSep 4, 2018
    risk 0.59cvss 9.1epss 0.01

    An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.

  • CVE-2018-16432CriSep 4, 2018
    risk 0.64cvss 9.8epss 0.01

    BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login.

  • CVE-2018-16428CriSep 4, 2018
    risk 0.64cvss 9.8epss 0.05

    In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

  • CVE-2018-16402CriSep 3, 2018
    risk 0.64cvss 9.8epss 0.04

    libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.

  • CVE-2018-16385CriSep 3, 2018
    risk 0.64cvss 9.8epss 0.02

    ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string.

  • CVE-2018-16370CriSep 3, 2018
    risk 0.64cvss 9.8epss 0.02

    In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.

  • CVE-2018-16367CriSep 2, 2018
    risk 0.65cvss 9.9epss 0.02

    In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include.

  • CVE-2018-16354CriSep 2, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the index.php/User/read limit parameter.

  • CVE-2018-16353CriSep 2, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the /index.php/Customer/read limit parameter.

  • CVE-2018-16352CriSep 2, 2018
    risk 0.64cvss 9.8epss 0.01

    There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used.

  • CVE-2018-16329CriSep 1, 2018
    risk 0.64cvss 9.8epss 0.02

    In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.

  • CVE-2018-16328CriSep 1, 2018
    risk 0.64cvss 9.8epss 0.02

    In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.

  • CVE-2018-16278CriAug 31, 2018
    risk 0.64cvss 9.8epss 0.02

    phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.

  • CVE-2018-16239CriAug 30, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses.

  • CVE-2018-15477CriAug 30, 2018
    risk 0.64cvss 9.8epss 0.02

    myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.

  • CVE-2018-16159CriAug 30, 2018
    risk 0.68cvss 9.8epss 0.50

    The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.

  • CVE-2018-15691CriAug 30, 2018
    risk 0.68cvss 9.8epss 0.17

    Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.

  • CVE-2018-13826CriAug 30, 2018
    risk 0.59cvss 9.1epss 0.02

    An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.

  • CVE-2018-13824CriAug 30, 2018
    risk 0.64cvss 9.8epss 0.02

    Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.

  • CVE-2018-13821CriAug 30, 2018
    risk 0.64cvss 9.8epss 0.03

    A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

  • CVE-2018-16158CriAug 30, 2018
    risk 0.69cvss 9.8epss 0.35

    Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the…

  • CVE-2018-16115CriAug 29, 2018
    risk 0.59cvss 9.1epss 0.01

    Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical…

  • CVE-2018-7791CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.02

    A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an…

  • CVE-2018-7790CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.02

    An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability…

  • CVE-2018-14805CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.05

    ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

  • CVE-2018-15727CriAug 29, 2018
    risk 0.01cvss 9.8epss 0.64

    Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.

  • CVE-2018-12829CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.05

    Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2018-12828CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.07

    Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2018-12825CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.07

    Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.

  • CVE-2018-12811CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.06

    Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.

  • CVE-2018-12810CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.06

    Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.

  • CVE-2018-12808CriAug 29, 2018
    risk 0.64cvss 9.8epss 0.08

    Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2018-15882CriAug 29, 2018
    risk 0.57cvss 9.8epss 0.03

    An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.

  • CVE-2017-15398CriAug 28, 2018
    risk 0.64cvss 9.8epss 0.04

    A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.

  • CVE-2018-15873CriAug 28, 2018
    risk 0.64cvss 9.8epss 0.01

    A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.

  • CVE-2018-15839CriAug 28, 2018
    risk 0.70cvss 9.8epss 0.45

    D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.

  • CVE-2018-3904CriAug 27, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a…

  • CVE-2018-15904CriAug 27, 2018
    risk 0.64cvss 9.8epss 0.01

    A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008.

  • CVE-2018-15894CriAug 27, 2018
    risk 0.64cvss 9.8epss 0.02

    A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing keyValue parameter.

  • CVE-2018-15893CriAug 27, 2018
    risk 0.64cvss 9.8epss 0.02

    A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter.