VYPR

CVEs

31,174 total · page 566 of 624

  • CVE-2017-16634CriNov 10, 2017
    risk 0.64cvss 9.8epss 0.04

    In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method.

  • CVE-2017-16562CriNov 10, 2017
    risk 0.69cvss 9.8epss 0.27

    The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value for the up_auto_log parameter in the QUERY_STRING to the default URI.

  • CVE-2017-11309CriNov 10, 2017
    risk 0.66cvss 9.6epss 0.09

    Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.

  • CVE-2015-7501CriNov 9, 2017
    risk 0.70cvss 9.8epss 0.83

    Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform…

  • CVE-2015-3933CriNov 8, 2017
    risk 0.67cvss 9.8epss 0.04

    Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.

  • CVE-2017-16618CriNov 8, 2017
    risk 0.57cvss 9.8epss 0.04

    An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file (aka load_yaml or load_yamlf) can execute arbitrary Python commands resulting in command execution because load is used where safe_load…

  • CVE-2017-16616CriNov 8, 2017
    risk 0.57cvss 9.8epss 0.04

    An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. A YAML parser can execute arbitrary Python commands resulting in command execution because load is used where safe_load should have been…

  • CVE-2017-16615CriNov 8, 2017
    risk 0.57cvss 9.8epss 0.03

    An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_query method in parser.py in MLAlchemy before 0.2.2. When processing YAML-Based queries for data, a YAML parser can execute arbitrary Python commands resulting in command execution because…

  • CVE-2017-16561CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.01

    /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.

  • CVE-2016-0872CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.01

    A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. WDC stores password credentials in plaintext.

  • CVE-2008-7319CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.06

    The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input…

  • CVE-2017-2922CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.03

    An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be…

  • CVE-2017-2921CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote…

  • CVE-2017-2894CriNov 7, 2017
    risk 0.66cvss 9.8epss 0.31

    An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially…

  • CVE-2017-2892CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of…

  • CVE-2017-2891CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.03

    An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send…

  • CVE-2017-2864CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets can cause a valid authentication token to be returned to the attacker resulting in authentication bypass. An attacker can send a…

  • CVE-2017-12085CriNov 7, 2017
    risk 0.59cvss 9.0epss 0.02

    An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability.

  • CVE-2017-15887CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-force attack.

  • CVE-2017-16638CriNov 6, 2017
    risk 0.64cvss 9.8epss 0.01

    The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.

  • CVE-2017-16548CriNov 6, 2017
    risk 0.64cvss 9.8epss 0.05

    The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified…

  • CVE-2017-16543CriNov 5, 2017
    risk 0.67cvss 9.8epss 0.06

    Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.

  • CVE-2017-1000171CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.01

    Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.

  • CVE-2017-1000154CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.01

    Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended.

  • CVE-2017-1000153CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.01

    Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can…

  • CVE-2017-1000152CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.01

    Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out…

  • CVE-2017-16523CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.04

    MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.

  • CVE-2017-11767CriNov 2, 2017
    risk 0.57cvss 9.8epss 0.10

    ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

  • CVE-2017-16510CriNov 2, 2017
    risk 0.57cvss 9.8epss 0.08

    WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.

  • CVE-2017-1000121CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.01

    The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect…

  • CVE-2017-1000245CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.01

    The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.

  • CVE-2017-14027CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.03

    A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC…

  • CVE-2017-14021CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.02

    A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d,…

  • CVE-2017-15535CriNov 1, 2017
    risk 0.59cvss 9.1epss 0.02

    MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify…

  • CVE-2017-14375CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.05

    EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including…

  • CVE-2017-1000257CriOct 31, 2017
    risk 0.60cvss 9.1epss 0.06

    An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data…

  • CVE-2017-14356CriOct 31, 2017
    risk 0.64cvss 9.8epss 0.02

    An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.

  • CVE-2017-15993CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.

  • CVE-2017-15992CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.

  • CVE-2017-15991CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951,…

  • CVE-2017-15990CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.08

    Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/.

  • CVE-2017-15989CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action.

  • CVE-2017-15988CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.

  • CVE-2017-15987CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.02

    Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter.

  • CVE-2017-15986CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    CPA Lead Reward Script allows SQL Injection via the username parameter.

  • CVE-2017-15985CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.

  • CVE-2017-15984CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.

  • CVE-2017-15983CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.

  • CVE-2017-15982CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.

  • CVE-2017-15981CriOct 31, 2017
    risk 0.67cvss 9.8epss 0.03

    Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.