VYPR

CVEs

31,277 total · page 555 of 626

  • CVE-2017-5821CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.17

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5820CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.19

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5819CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.19

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5817CriFeb 15, 2018
    risk 0.73cvss 9.8epss 0.83

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5816CriFeb 15, 2018
    risk 0.74cvss 9.8epss 0.86

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5815CriFeb 15, 2018
    risk 0.69cvss 9.8epss 0.34

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

  • CVE-2017-5814CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.09

    A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

  • CVE-2017-5810CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.05

    A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

  • CVE-2017-5807CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.22

    A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.

  • CVE-2017-5806CriFeb 15, 2018
    risk 0.66cvss 9.8epss 0.23

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

  • CVE-2017-5805CriFeb 15, 2018
    risk 0.66cvss 9.8epss 0.23

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

  • CVE-2017-5804CriFeb 15, 2018
    risk 0.66cvss 9.8epss 0.23

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

  • CVE-2017-5802CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.02

    A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.

  • CVE-2017-5792CriFeb 15, 2018
    risk 0.69cvss 9.8epss 0.35

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.

  • CVE-2017-5790CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.18

    A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.

  • CVE-2017-12561CriFeb 15, 2018
    risk 0.66cvss 9.8epss 0.31

    A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.

  • CVE-2017-12558CriFeb 15, 2018
    risk 0.67cvss 9.8epss 0.38

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

  • CVE-2017-12557CriFeb 15, 2018
    risk 0.73cvss 9.8epss 0.80

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

  • CVE-2017-12556CriFeb 15, 2018
    risk 0.67cvss 9.8epss 0.38

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

  • CVE-2017-12542CriFeb 15, 2018
    risk 0.76cvss 10.0epss 0.99

    A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.

  • CVE-2016-8519CriFeb 15, 2018
    risk 0.66cvss 9.8epss 0.28

    A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.

  • CVE-2016-8512CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.06

    A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.

  • CVE-2016-8511CriFeb 15, 2018
    risk 0.65cvss 9.8epss 0.16

    A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.

  • CVE-2011-4973CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.01

    Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

  • CVE-2018-7054CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.

  • CVE-2018-7053CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.

  • CVE-2017-17301CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.01

    Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2018-5440CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.03

    A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted…

  • CVE-2018-7039CriFeb 14, 2018
    risk 0.64cvss 9.8epss 0.01

    CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer…

  • CVE-2017-18187CriFeb 14, 2018
    risk 0.00cvss 9.8epss 0.03

    In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.

  • CVE-2018-1287CriFeb 14, 2018
    risk 0.64cvss 9.8epss 0.03

    In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

  • CVE-2018-5459CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.03

    An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port…

  • CVE-2018-6953CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.02

    In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.

  • CVE-2018-1383CriFeb 13, 2018
    risk 0.59cvss 9.1epss 0.03

    A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117.

  • CVE-2018-6948CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.02

    In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters…

  • CVE-2018-6928CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.02

    PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.

  • CVE-2018-0488CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.05

    ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.

  • CVE-2018-0487CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.03

    ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

  • CVE-2018-6911CriFeb 13, 2018
    risk 0.68cvss 9.8epss 0.13

    The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).

  • CVE-2018-6292CriFeb 13, 2018
    risk 0.64cvss 9.8epss 0.04

    Remote Code Execution in Saperion Web Client version 7.5.2 83166.

  • CVE-2018-1297CriFeb 13, 2018
    risk 0.65cvss 9.8epss 0.10

    When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

  • CVE-2017-13229CriFeb 12, 2018
    risk 0.64cvss 9.8epss 0.02

    A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.

  • CVE-2018-6893CriFeb 12, 2018
    risk 0.64cvss 9.8epss 0.03

    controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.

  • CVE-2018-6863CriFeb 12, 2018
    risk 0.64cvss 9.8epss 0.02

    SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter.

  • CVE-2018-6892CriFeb 11, 2018
    risk 0.74cvss 9.8epss 0.94

    An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the…

  • CVE-2017-18174CriFeb 11, 2018
    risk 0.00cvss 9.8epss 0.03

    In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.

  • CVE-2018-1000060CriFeb 9, 2018
    risk 0.00cvss 9.8epss 0.02

    Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack…

  • CVE-2018-1000059CriFeb 9, 2018
    risk 0.64cvss 9.8epss 0.02

    ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.

  • CVE-2018-1000044CriFeb 9, 2018
    risk 0.64cvss 9.8epss 0.02

    Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors…

  • CVE-2018-1000043CriFeb 9, 2018
    risk 0.64cvss 9.8epss 0.04

    Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be…