VYPR

CVEs

30,288 total · page 541 of 606

  • CVE-2017-1000480CriJan 3, 2018
    risk 0.64cvss 9.8epss 0.03

    Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.

  • CVE-2017-1000501CriJan 3, 2018
    risk 0.00cvss 9.8epss 0.04

    Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

  • CVE-2017-1000497CriJan 3, 2018
    risk 0.64cvss 9.8epss 0.03

    Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution

  • CVE-2017-18017CriJan 3, 2018
    risk 0.04cvss 9.8epss 0.52

    The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the…

  • CVE-2017-1000493CriJan 3, 2018
    risk 0.00cvss 9.8epss 0.02

    Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover

  • CVE-2017-1000437CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.04

    Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.

  • CVE-2017-1000430CriJan 2, 2018
    risk 0.57cvss 9.8epss 0.02

    rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions

  • CVE-2017-1000423CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.02

    b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.

  • CVE-2017-1000421CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.03

    Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution

  • CVE-2017-1000458CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.02

    Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.

  • CVE-2017-1000453CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.02

    CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.

  • CVE-2017-17098CriJan 2, 2018
    risk 0.67cvss 9.8epss 0.07

    The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a…

  • CVE-2017-17097CriJan 2, 2018
    risk 0.67cvss 9.8epss 0.07

    gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to…

  • CVE-2017-1000444CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.03

    Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution

  • CVE-2018-3813CriJan 1, 2018
    risk 0.64cvss 9.8epss 0.01

    getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.

  • CVE-2018-3811CriJan 1, 2018
    risk 0.70cvss 9.8epss 0.43

    SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements…

  • CVE-2018-3810CriJan 1, 2018
    risk 0.74cvss 9.8epss 0.91

    Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The…

  • CVE-2017-18001CriDec 31, 2017
    risk 0.68cvss 9.8epss 0.14

    Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.

  • CVE-2017-17992CriDec 30, 2017
    risk 0.64cvss 9.8epss 0.02

    Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

  • CVE-2014-9515CriDec 29, 2017
    risk 0.57cvss 9.8epss 0.06

    Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.

  • CVE-2014-3630CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.03

    XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.

  • CVE-2014-0121CriDec 29, 2017
    risk 0.57cvss 9.8epss 0.04

    The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.

  • CVE-2017-17974CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.02

    BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative…

  • CVE-2017-17968CriDec 29, 2017
    risk 0.70cvss 9.8epss 0.39

    A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.

  • CVE-2014-4914CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.02

    The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.

  • CVE-2017-17959CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.

  • CVE-2017-17957CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

  • CVE-2017-17951CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.

  • CVE-2017-5641CriDec 28, 2017
    risk 0.58cvss 9.8epss 0.21

    Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types…

  • CVE-2017-17932CriDec 28, 2017
    risk 0.71cvss 9.8epss 0.53

    A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

  • CVE-2014-8389CriDec 28, 2017
    risk 0.68cvss 9.8epss 0.50

    cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware…

  • CVE-2015-7669CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.07

    Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file…

  • CVE-2015-6237CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.02

    The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands."

  • CVE-2017-9944CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.

  • CVE-2017-17931CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.

  • CVE-2017-17928CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

  • CVE-2017-17906CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

  • CVE-2017-17900CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter.

  • CVE-2017-17899CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter.

  • CVE-2017-17897CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2017-17895CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.

  • CVE-2017-17892CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.

  • CVE-2017-17878CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).

  • CVE-2017-17877CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers…

  • CVE-2017-17875CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.

  • CVE-2017-17873CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.

  • CVE-2017-17872CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

  • CVE-2017-17871CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

  • CVE-2017-17870CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.

  • CVE-2017-17849CriDec 27, 2017
    risk 0.68cvss 9.8epss 0.19

    A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.