VYPR

CVEs

31,174 total · page 558 of 624

  • CVE-2014-6436CriJan 12, 2018
    risk 0.70cvss 9.8epss 0.42

    Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login.

  • CVE-2018-5377CriJan 12, 2018
    risk 0.64cvss 9.8epss 0.02

    Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.

  • CVE-2018-5347CriJan 12, 2018
    risk 0.71cvss 9.8epss 0.54

    Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.

  • CVE-2018-0007CriJan 10, 2018
    risk 0.64cvss 9.8epss 0.02

    An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a…

  • CVE-2018-0001CriJan 10, 2018
    risk 0.64cvss 9.8epss 0.06

    A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS:…

  • CVE-2017-11079CriJan 10, 2018
    risk 0.64cvss 9.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.

  • CVE-2017-17946CriJan 10, 2018
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action.

  • CVE-2017-17485CriJan 10, 2018
    risk 0.61cvss 9.8epss 0.50

    FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the…

  • CVE-2017-16740CriJan 9, 2018
    risk 0.66cvss 10.0epss 0.07

    A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.

  • CVE-2017-1670CriJan 9, 2018
    risk 0.64cvss 9.8epss 0.02

    IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637.

  • CVE-2018-5211CriJan 9, 2018
    risk 0.67cvss 9.8epss 0.02

    PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.

  • CVE-2017-18025CriJan 9, 2018
    risk 0.64cvss 9.8epss 0.03

    cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.

  • CVE-2017-7997CriJan 8, 2018
    risk 0.68cvss 9.8epss 0.19

    Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.

  • CVE-2017-15883CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.02

    Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.

  • CVE-2015-2320CriJan 8, 2018
    risk 0.57cvss 9.8epss 0.04

    The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.

  • CVE-2014-5334CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.05

    FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

  • CVE-2014-5071CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.02

    SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username.

  • CVE-2014-4972CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.05

    Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under…

  • CVE-2017-5971CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.02

    SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.

  • CVE-2018-5267CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.03

    Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html.

  • CVE-2018-5208CriJan 6, 2018
    risk 0.64cvss 9.8epss 0.02

    In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.

  • CVE-2018-5206CriJan 6, 2018
    risk 0.64cvss 9.8epss 0.02

    When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.

  • CVE-2017-18021CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.02

    It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.

  • CVE-2017-15548CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication…

  • CVE-2014-8579CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.02

    TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session.

  • CVE-2017-16724CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.03

    A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.

  • CVE-2017-16720CriJan 5, 2018
    risk 0.71cvss 9.8epss 0.50

    A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.

  • CVE-2017-16716CriJan 5, 2018
    risk 0.67cvss 9.8epss 0.06

    A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.

  • CVE-2014-7862CriJan 4, 2018
    risk 0.73cvss 9.8epss 0.81

    The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.

  • CVE-2017-15714CriJan 4, 2018
    risk 0.64cvss 9.8epss 0.03

    The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute.

  • CVE-2018-0104CriJan 4, 2018
    risk 0.63cvss 9.6epss 0.04

    A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email…

  • CVE-2017-8046CriJan 4, 2018
    risk 0.73cvss 9.8epss 0.74

    Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.

  • CVE-2017-1000487CriJan 3, 2018
    risk 0.57cvss 9.8epss 0.07

    Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.

  • CVE-2017-1000486CriKEVJan 3, 2018
    risk 0.86cvss 9.8epss 0.94

    Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution

  • CVE-2017-1000471CriJan 3, 2018
    risk 0.64cvss 9.8epss 0.09

    EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.

  • CVE-2017-1000469CriJan 3, 2018
    risk 0.57cvss 9.8epss 0.06

    Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

  • CVE-2017-1000480CriJan 3, 2018
    risk 0.64cvss 9.8epss 0.03

    Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.

  • CVE-2017-1000501CriJan 3, 2018
    risk 0.00cvss 9.8epss 0.04

    Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

  • CVE-2017-1000497CriJan 3, 2018
    risk 0.64cvss 9.8epss 0.03

    Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution

  • CVE-2017-18017CriJan 3, 2018
    risk 0.04cvss 9.8epss 0.53

    The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the…

  • CVE-2017-1000493CriJan 3, 2018
    risk 0.00cvss 9.8epss 0.02

    Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover

  • CVE-2017-1000437CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.04

    Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.

  • CVE-2017-1000430CriJan 2, 2018
    risk 0.57cvss 9.8epss 0.02

    rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions

  • CVE-2017-1000423CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.02

    b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.

  • CVE-2017-1000421CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.03

    Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution

  • CVE-2017-1000458CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.02

    Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.

  • CVE-2017-1000453CriJan 2, 2018
    risk 0.64cvss 9.8epss 0.02

    CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.

  • CVE-2017-17098CriJan 2, 2018
    risk 0.67cvss 9.8epss 0.07

    The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a…

  • CVE-2017-17097CriJan 2, 2018
    risk 0.67cvss 9.8epss 0.07

    gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to…

  • CVE-2017-1000444CriJan 2, 2018
    risk 0.00cvss 9.8epss 0.03

    Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution