VYPR

CVEs

31,174 total · page 569 of 624

  • CVE-2014-9733CriOct 17, 2017
    risk 0.64cvss 9.8epss 0.01

    nw.js before 0.11.5 can simulate user input events in a normal frame, which allows remote attackers to have unspecified impact via unknown vectors.

  • CVE-2014-9487CriOct 17, 2017
    risk 0.64cvss 9.8epss 0.02

    The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. NOTE: Related to CVE-2014-2053.

  • CVE-2017-9367CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.02

    A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.

  • CVE-2015-7687CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.04

    Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.

  • CVE-2015-4650CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.06

    Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors.

  • CVE-2015-2780CriOct 16, 2017
    risk 0.68cvss 9.8epss 0.15

    Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

  • CVE-2017-15295CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.02

    Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.

  • CVE-2017-15293CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.04

    Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.

  • CVE-2017-14952CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.05

    Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

  • CVE-2014-9148CriOct 16, 2017
    risk 0.68cvss 9.8epss 0.11

    Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

  • CVE-2014-8621CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote attackers to execute arbitrary SQL commands via the sl_custom_field parameter to sl-xml.php.

  • CVE-2014-3702CriOct 16, 2017
    risk 0.59cvss 9.1epss 0.02

    Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter.

  • CVE-2017-15376CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.04

    The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23.

  • CVE-2017-15373CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.02

    E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area).

  • CVE-2017-15304CriOct 15, 2017
    risk 0.64cvss 9.8epss 0.01

    /bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header. This can be used to achieve persistent access to the admin panel even after an admin password change.

  • CVE-2017-12629CriOct 14, 2017
    risk 0.67cvss 9.8epss 0.92

    Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note…

  • CVE-2017-10622CriOct 13, 2017
    risk 0.64cvss 9.8epss 0.05

    An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1…

  • CVE-2017-10615CriOct 13, 2017
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS…

  • CVE-2016-1265CriOct 13, 2017
    risk 0.64cvss 9.8epss 0.02

    A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command…

  • CVE-2017-11771CriOct 13, 2017
    risk 0.69cvss 9.8epss 0.64

    The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when…

  • CVE-2016-5791CriOct 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication.

  • CVE-2016-8736CriOct 12, 2017
    risk 0.64cvss 9.8epss 0.05

    Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

  • CVE-2017-5791CriOct 11, 2017
    risk 0.69cvss 9.8epss 0.69

    The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.

  • CVE-2017-5789CriOct 11, 2017
    risk 0.65cvss 9.8epss 0.18

    HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

  • CVE-2017-14003CriOct 11, 2017
    risk 0.64cvss 9.8epss 0.03

    An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP…

  • CVE-2017-0903CriOct 11, 2017
    risk 0.58cvss 9.8epss 0.16

    RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

  • CVE-2017-15220CriOct 11, 2017
    risk 0.67cvss 9.8epss 0.07

    Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.

  • CVE-2013-6924CriOct 11, 2017
    risk 0.68cvss 9.8epss 0.15

    Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

  • CVE-2017-15226CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.

  • CVE-2017-8994CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.10

    A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.

  • CVE-2008-7315CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.03

    UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

  • CVE-2017-13706CriOct 10, 2017
    risk 0.65cvss 9.9epss 0.02

    XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks,…

  • CVE-2017-12861CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.03

    The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP"…

  • CVE-2017-12860CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.03

    The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector…

  • CVE-2017-14980CriOct 10, 2017
    risk 0.68cvss 9.8epss 0.22

    Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.

  • CVE-2014-9474CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.

  • CVE-2014-0030CriOct 10, 2017
    risk 0.68cvss 9.8epss 0.17

    The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.

  • CVE-2015-2147CriOct 6, 2017
    risk 0.67cvss 9.8epss 0.02

    Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters.

  • CVE-2015-2146CriOct 6, 2017
    risk 0.64cvss 9.8epss 0.01

    Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to project.php, the (2) group_id parameter to group.php, the (3) status_id parameter to status.php, the (4)…

  • CVE-2017-13069CriOct 6, 2017
    risk 0.64cvss 9.8epss 0.02

    QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS.

  • CVE-2017-15047CriOct 6, 2017
    risk 0.64cvss 9.8epss 0.02

    The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine."

  • CVE-2017-14089CriOct 6, 2017
    risk 0.67cvss 9.8epss 0.10

    An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.

  • CVE-2017-15041CriOct 5, 2017
    risk 0.57cvss 9.8epss 0.09

    Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository…

  • CVE-2016-8937CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.02

    The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM…

  • CVE-2017-15032CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.02

    ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

  • CVE-2017-14000CriOct 5, 2017
    risk 0.61cvss 9.4epss 0.02

    An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.

  • CVE-2017-13995CriOct 5, 2017
    risk 0.65cvss 10.0epss 0.02

    An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC…

  • CVE-2017-1000116CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.06

    Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

  • CVE-2017-12149CriKEVOct 4, 2017
    risk 0.92cvss 9.8epss 0.91

    In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute…

  • CVE-2017-14491CriOct 4, 2017
    risk 0.73cvss 9.8epss 0.85

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.