VYPR

CVEs

  • CVE-2016-2355 · Critical · Dec 19, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1.

  • CVE-2016-9967 · Critical · Dec 16, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2016-9966 · Critical · Dec 16, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2016-9965 · Critical · Dec 16, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2013-1430 · Critical · Dec 16, 2016
    risk 0.57 · cvss 9.8 · epss 0.01

    An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

  • CVE-2016-9565 · Critical · Dec 15, 2016
    risk 0.69 · cvss 9.8 · epss 0.23

    MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2016-7886 · Critical · Dec 15, 2016
    risk 0.64 · cvss 9.8 · epss 0.06

    Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7866 · Critical · Dec 15, 2016
    risk 0.68 · cvss 9.8 · epss 0.16

    Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7856 · Critical · Dec 15, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Adobe DNG Converter versions 9.7 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2014-8241 · Critical · Dec 14, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.

  • CVE-2016-1000156 · Critical · Dec 14, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    Mailcwp remote file upload vulnerability incomplete fix v1.100

  • CVE-2016-7953 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.

  • CVE-2016-7951 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.

  • CVE-2016-7950 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

  • CVE-2016-7949 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

  • CVE-2016-7948 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.

  • CVE-2016-7947 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

  • CVE-2016-7944 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

  • CVE-2016-7943 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

  • CVE-2016-7942 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

  • CVE-2016-5407 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.

  • CVE-2016-4322 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.

  • CVE-2015-5073 · Critical · Dec 13, 2016
    risk 0.60 · cvss 9.1 · epss 0.08

    Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular…

  • CVE-2015-3210 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.09

    Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?Pc)(?Pa(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.

  • CVE-2016-6520 · Critical · Dec 13, 2016
    risk 0.59 · cvss 9.1 · epss 0.04

    Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.

  • CVE-2016-5841 · Critical · Dec 13, 2016
    risk 0.65 · cvss 9.8 · epss 0.13

    Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.

  • CVE-2016-5691 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.

  • CVE-2016-5690 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

  • CVE-2016-5689 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

  • CVE-2016-5687 · Critical · Dec 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.

  • CVE-2016-9427 · Critical · Dec 12, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

  • CVE-2016-9866 · Critical · Dec 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x…

  • CVE-2016-9865 · Critical · Dec 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18)…

  • CVE-2016-9849 · Critical · Dec 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions…

  • CVE-2016-6629 · Critical · Dec 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior…

  • CVE-2016-6620 · Critical · Dec 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x…

  • CVE-2016-9832 · Critical · Dec 10, 2016
    risk 0.65 · cvss 9.9 · epss 0.04

    PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.

  • CVE-2016-6501 · Critical · Dec 9, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.

  • CVE-2016-6496 · Critical · Dec 9, 2016
    risk 0.64 · cvss 9.8 · epss 0.05

    The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.

  • CVE-2016-9013 · Critical · Dec 9, 2016
    risk 0.57 · cvss 9.8 · epss 0.05

    Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging…

  • CVE-2016-6829 · Critical · Dec 9, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove and crowbar-barclamp-trove) in the Crowbar Framework has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors.

  • CVE-2016-9836 · Critical · Dec 5, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt`…

  • CVE-2016-9835 · Critical · Dec 5, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before 1.4.4 on Windows allows a remote attacker to launch a PHP object injection by uploading a serialized file.

  • CVE-2016-9157 · Critical · Dec 5, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.

  • CVE-2016-9796 · Critical · Dec 3, 2016
    risk 0.68 · cvss 9.8 · epss 0.13

    Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run…

  • CVE-2016-2944 · Critical · Nov 30, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

  • CVE-2016-9481 · Critical · Nov 29, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentController controller with the parameter '$this->params['content_id']' used directly in SQL.…

  • CVE-2016-9480 · Critical · Nov 29, 2016
    risk 0.59 · cvss 9.1 · epss 0.03

    libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.

  • CVE-2016-9555 · Critical · Nov 28, 2016
    risk 0.64 · cvss 9.8 · epss 0.09

    The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted…

  • CVE-2016-6725 · Critical · Nov 25, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the…