VYPR

CVEs

31,173 total · page 581 of 624

  • CVE-2017-3222CriJul 22, 2017
    risk 0.64cvss 9.8epss 0.07

    Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

  • CVE-2017-3221CriJul 22, 2017
    risk 0.64cvss 9.8epss 0.04

    Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords.

  • CVE-2017-2277CriJul 22, 2017
    risk 0.59cvss 9.1epss 0.01

    WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors.

  • CVE-2017-2126CriJul 22, 2017
    risk 0.64cvss 9.8epss 0.04

    WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.

  • CVE-2017-7540CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.02

    rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.

  • CVE-2017-7480CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.02

    rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

  • CVE-2017-11519CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.03

    passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511.

  • CVE-2017-11517CriJul 21, 2017
    risk 0.69cvss 9.8epss 0.29

    Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request.

  • CVE-2015-3886CriJul 21, 2017
    risk 0.57cvss 9.8epss 0.02

    libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors.

  • CVE-2017-9980CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.02

    In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter.

  • CVE-2017-9932CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.01

    Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account.

  • CVE-2017-11502CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.07

    Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321.

  • CVE-2017-11495CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.03

    PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.

  • CVE-2017-7062CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" component. A buffer overflow allows remote attackers to execute…

  • CVE-2017-6532CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.01

    Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db.

  • CVE-2017-6531CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.02

    On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile.

  • CVE-2017-6530CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.01

    Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change.

  • CVE-2017-9785CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.03

    Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.

  • CVE-2017-6316CriKEVJul 20, 2017
    risk 0.85cvss 9.8epss 0.73

    Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.

  • CVE-2017-11474CriJul 20, 2017
    risk 0.64cvss 9.8epss 0.01

    GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.

  • CVE-2017-11471CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.01

    IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.

  • CVE-2017-11470CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.01

    IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.

  • CVE-2017-11467CriJul 20, 2017
    risk 0.73cvss 9.8epss 0.73

    OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2017-11465CriJul 19, 2017
    risk 0.64cvss 9.8epss 0.02

    The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have…

  • CVE-2017-7977CriJul 19, 2017
    risk 0.64cvss 9.8epss 0.02

    The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel.

  • CVE-2016-6798CriJul 19, 2017
    risk 0.57cvss 9.8epss 0.04

    In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to…

  • CVE-2017-11445CriJul 19, 2017
    risk 0.64cvss 9.8epss 0.01

    Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.

  • CVE-2017-11444CriJul 19, 2017
    risk 0.65cvss 9.8epss 0.13

    Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.

  • CVE-2017-11436CriJul 19, 2017
    risk 0.64cvss 9.8epss 0.02

    D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection.

  • CVE-2017-11435CriJul 19, 2017
    risk 0.68cvss 9.8epss 0.10

    The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating…

  • CVE-2017-11420CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.06

    Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U,…

  • CVE-2017-11419CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title'].

  • CVE-2017-11418CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i].

  • CVE-2017-11417CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id'].

  • CVE-2017-11416CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.

  • CVE-2017-11415CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level'].

  • CVE-2017-11414CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id'].

  • CVE-2017-11413CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id'].

  • CVE-2017-11412CriJul 18, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id'].

  • CVE-2017-9811CriJul 17, 2017
    risk 0.68cvss 9.8epss 0.10

    The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.

  • CVE-2017-10984CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.18

    An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

  • CVE-2017-10979CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.22

    An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

  • CVE-2017-8011CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.14

    EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for…

  • CVE-2017-7673CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

  • CVE-2017-7664CriJul 17, 2017
    risk 0.65cvss 10.0epss 0.02

    Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

  • CVE-2017-2349CriJul 17, 2017
    risk 0.65cvss 9.9epss 0.02

    A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges. Affected releases are Juniper Networks Junos OS 12.1X44 prior to…

  • CVE-2017-2345CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.04

    On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. Repeated crashes of the snmpd daemon can result in a partial denial of service condition.…

  • CVE-2017-2343CriJul 17, 2017
    risk 0.65cvss 10.0epss 0.03

    The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. As part of an internal security review of the UserFW services…

  • CVE-2017-2336CriJul 17, 2017
    risk 0.62cvss 9.6epss 0.01

    A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This…

  • CVE-2017-11362CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact…