VYPR

CVEs

31,174 total · page 559 of 624

  • CVE-2018-3813CriJan 1, 2018
    risk 0.64cvss 9.8epss 0.01

    getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.

  • CVE-2018-3811CriJan 1, 2018
    risk 0.70cvss 9.8epss 0.43

    SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements…

  • CVE-2018-3810CriJan 1, 2018
    risk 0.74cvss 9.8epss 0.91

    Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The…

  • CVE-2017-18001CriDec 31, 2017
    risk 0.68cvss 9.8epss 0.14

    Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.

  • CVE-2017-17992CriDec 30, 2017
    risk 0.64cvss 9.8epss 0.02

    Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

  • CVE-2014-9515CriDec 29, 2017
    risk 0.57cvss 9.8epss 0.06

    Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.

  • CVE-2014-3630CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.03

    XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.

  • CVE-2014-0121CriDec 29, 2017
    risk 0.57cvss 9.8epss 0.04

    The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.

  • CVE-2017-17974CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.02

    BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative…

  • CVE-2017-17968CriDec 29, 2017
    risk 0.70cvss 9.8epss 0.40

    A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.

  • CVE-2014-4914CriDec 29, 2017
    risk 0.64cvss 9.8epss 0.02

    The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.

  • CVE-2017-17959CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.

  • CVE-2017-17957CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

  • CVE-2017-17951CriDec 28, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.

  • CVE-2017-5641CriDec 28, 2017
    risk 0.58cvss 9.8epss 0.21

    Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types…

  • CVE-2017-17932CriDec 28, 2017
    risk 0.71cvss 9.8epss 0.54

    A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

  • CVE-2014-8389CriDec 28, 2017
    risk 0.68cvss 9.8epss 0.51

    cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware…

  • CVE-2015-7669CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.07

    Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file…

  • CVE-2015-6237CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.02

    The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands."

  • CVE-2017-9944CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.

  • CVE-2017-17931CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.

  • CVE-2017-17928CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

  • CVE-2017-17906CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

  • CVE-2017-17900CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter.

  • CVE-2017-17899CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter.

  • CVE-2017-17897CriDec 27, 2017
    risk 0.57cvss 9.8epss 0.02

    SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2017-17895CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.

  • CVE-2017-17892CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.01

    Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.

  • CVE-2017-17878CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).

  • CVE-2017-17877CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers…

  • CVE-2017-17875CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.

  • CVE-2017-17873CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.

  • CVE-2017-17872CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

  • CVE-2017-17871CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

  • CVE-2017-17870CriDec 27, 2017
    risk 0.67cvss 9.8epss 0.03

    The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.

  • CVE-2017-17849CriDec 27, 2017
    risk 0.68cvss 9.8epss 0.19

    A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.

  • CVE-2017-16727CriDec 22, 2017
    risk 0.59cvss 9.1epss 0.02

    A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to…

  • CVE-2017-17033CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.04

    A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17032CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17031CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17030CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17029CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17028CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in external device function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17027CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2015-7224CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.02

    puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

  • CVE-2017-17411CriDec 21, 2017
    risk 0.74cvss 9.8epss 0.88

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper…

  • CVE-2017-17821CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.01

    WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in…

  • CVE-2012-2576CriDec 20, 2017
    risk 0.71cvss 9.8epss 0.59

    SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.

  • CVE-2017-6094CriDec 20, 2017
    risk 0.64cvss 9.8epss 0.01

    CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a certain "chk" value (48bit) derived from the MAC. The algorithm used to compute the…

  • CVE-2017-16725CriDec 20, 2017
    risk 0.64cvss 9.8epss 0.09

    A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device.…