VYPR

CVEs

31,174 total · page 570 of 624

  • CVE-2017-12822CriOct 4, 2017
    risk 0.64cvss 9.9epss 0.01

    Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.

  • CVE-2017-12821CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.03

    Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.

  • CVE-2017-12819CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.01

    Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55.

  • CVE-2017-12166CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.04

    OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.

  • CVE-2017-0829CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.01

    An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.

  • CVE-2017-0828CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.01

    An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.

  • CVE-2017-0824CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.01

    An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.

  • CVE-2017-0822CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.01

    An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.

  • CVE-2017-0807CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.02

    An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.

  • CVE-2017-8021CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system.

  • CVE-2017-6089CriOct 3, 2017
    risk 0.67cvss 9.8epss 0.03

    SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to…

  • CVE-2017-14759CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.01

    OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is…

  • CVE-2017-14493CriOct 3, 2017
    risk 0.73cvss 9.8epss 0.84

    Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • CVE-2017-14492CriOct 3, 2017
    risk 0.74cvss 9.8epss 0.93

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

  • CVE-2017-13997CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.05

    A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio provides the capability for an HMI client to trigger script execution on the server…

  • CVE-2017-12639CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.03

    Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.

  • CVE-2017-12638CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.03

    Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.

  • CVE-2017-12620CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.03

    When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to…

  • CVE-2017-11497CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.05

    Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.

  • CVE-2017-11496CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.05

    Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.

  • CVE-2015-7841CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.02

    The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2…

  • CVE-2017-14942CriSep 30, 2017
    risk 0.69cvss 9.8epss 0.61

    Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.

  • CVE-2017-14738CriSep 30, 2017
    risk 0.67cvss 9.8epss 0.03

    FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).

  • CVE-2017-14702CriSep 30, 2017
    risk 0.67cvss 9.8epss 0.08

    ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization.

  • CVE-2017-14351CriSep 30, 2017
    risk 0.64cvss 9.8epss 0.04

    A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow code execution.

  • CVE-2017-14350CriSep 30, 2017
    risk 0.64cvss 9.8epss 0.07

    A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.

  • CVE-2017-14349CriSep 30, 2017
    risk 0.64cvss 9.8epss 0.03

    An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.

  • CVE-2017-13983CriSep 30, 2017
    risk 0.64cvss 9.8epss 0.06

    An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.

  • CVE-2016-10512CriSep 30, 2017
    risk 0.64cvss 9.8epss 0.02

    MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in…

  • CVE-2017-7552CriSep 29, 2017
    risk 0.64cvss 9.8epss 0.01

    A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of…

  • CVE-2017-14507CriSep 29, 2017
    risk 0.67cvss 9.8epss 0.05

    Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_class.php; or the id parameter to (2) pages/content_timeline_edit.php or (3)…

  • CVE-2017-12240CriKEVSep 29, 2017
    risk 0.77cvss 9.8epss 0.14

    The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system…

  • CVE-2017-12236CriSep 29, 2017
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier (EID) to…

  • CVE-2017-12229CriSep 29, 2017
    risk 0.64cvss 9.8epss 0.05

    A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient…

  • CVE-2017-12814CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.07

    Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable.

  • CVE-2017-12621CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.09

    During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a "SYSTEM" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. This could lead to XML…

  • CVE-2017-11121CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.03

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.

  • CVE-2017-11120CriSep 28, 2017
    risk 0.67cvss 9.8epss 0.09

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.

  • CVE-2017-10932CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.04

    All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library…

  • CVE-2015-8249CriSep 28, 2017
    risk 0.73cvss 9.8epss 0.74

    The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.

  • CVE-2017-14760CriSep 27, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL Injection exists in /includes/event-management/index.php in the event-espresso-free (aka Event Espresso Lite) plugin v3.1.37.12.L for WordPress via the recurrence_id parameter to /wp-admin/admin.php.

  • CVE-2015-7670CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.03

    Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin before 1.2.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) id parameter.

  • CVE-2015-7390CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php.

  • CVE-2017-14703CriSep 26, 2017
    risk 0.67cvss 9.8epss 0.02

    SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.

  • CVE-2017-9957CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.02

    A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can use this information to log into the system with high-privilege credentials.

  • CVE-2017-7974CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.05

    A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.

  • CVE-2017-7973CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.01

    A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database.

  • CVE-2015-8707CriSep 26, 2017
    risk 0.64cvss 9.8epss 0.01

    Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field.

  • CVE-2015-7544CriSep 25, 2017
    risk 0.59cvss 9.1epss 0.03

    redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment.

  • CVE-2015-7510CriSep 25, 2017
    risk 0.57cvss 9.8epss 0.04

    Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.