VYPR

CVEs

31,173 total · page 582 of 624

  • CVE-2017-11354CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.01

    Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name.

  • CVE-2017-11349CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data.

  • CVE-2017-11346CriJul 17, 2017
    risk 0.70cvss 9.8epss 0.43

    Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.

  • CVE-2017-11329CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.01

    GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.

  • CVE-2017-10601CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition…

  • CVE-2017-1000362CriJul 17, 2017
    risk 0.57cvss 9.8epss 0.02

    The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins…

  • CVE-2017-1000081CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.

  • CVE-2017-1000075CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function

  • CVE-2017-1000074CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.

  • CVE-2017-1000073CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.

  • CVE-2017-1000072CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations

  • CVE-2017-1000060CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root

  • CVE-2017-1000056CriJul 17, 2017
    risk 0.57cvss 9.8epss 0.02

    Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

  • CVE-2017-1000047CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.04

    rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution

  • CVE-2017-1000044CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering

  • CVE-2017-1000039CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution

  • CVE-2017-1000037CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.06

    RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution…

  • CVE-2017-1000030CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based…

  • CVE-2017-1000020CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does…

  • CVE-2017-1000009CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.04

    Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.

  • CVE-2017-1000004CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.05

    ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search,…

  • CVE-2017-1000003CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.02

    ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the…

  • CVE-2017-1000002CriJul 17, 2017
    risk 0.69cvss 9.8epss 0.31

    ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component…

  • CVE-2017-0028CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.19

    A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…

  • CVE-2016-6793CriJul 17, 2017
    risk 0.60cvss 9.1epss 0.08

    The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute…

  • CVE-2017-9788CriJul 13, 2017
    risk 0.64cvss 9.1epss 0.57

    In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment…

  • CVE-2016-8964CriJul 13, 2017
    risk 0.64cvss 9.8epss 0.02

    IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.

  • CVE-2017-11174CriJul 12, 2017
    risk 0.64cvss 9.8epss 0.01

    In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses.

  • CVE-2017-4053CriJul 12, 2017
    risk 0.64cvss 9.8epss 0.03

    Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.

  • CVE-2017-4052CriJul 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP…

  • CVE-2017-11187CriJul 12, 2017
    risk 0.64cvss 9.8epss 0.01

    phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.

  • CVE-2017-11167CriJul 12, 2017
    risk 0.64cvss 9.8epss 0.02

    FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value.

  • CVE-2016-8638CriJul 12, 2017
    risk 0.52cvss 9.1epss 0.02

    A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and…

  • CVE-2017-11165CriJul 12, 2017
    risk 0.72cvss 9.8epss 0.64

    dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.

  • CVE-2017-8589CriJul 11, 2017
    risk 0.66cvss 9.8epss 0.26

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in…

  • CVE-2017-7728CriJul 11, 2017
    risk 0.64cvss 9.8epss 0.03

    On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography.

  • CVE-2017-5640CriJul 10, 2017
    risk 0.64cvss 9.8epss 0.03

    It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not). If the malicious server responds with 'COMPLETE' before the…

  • CVE-2017-7175CriJul 10, 2017
    risk 0.68cvss 9.9epss 0.07

    NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).

  • CVE-2017-9791CriKEVJul 10, 2017
    risk 0.80cvss 9.8epss 0.99

    The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

  • CVE-2017-11147CriJul 10, 2017
    risk 0.60cvss 9.1epss 0.05

    In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.

  • CVE-2017-11139CriJul 10, 2017
    risk 0.64cvss 9.8epss 0.03

    GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

  • CVE-2017-11125CriJul 10, 2017
    risk 0.64cvss 9.8epss 0.02

    libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.

  • CVE-2017-11124CriJul 10, 2017
    risk 0.64cvss 9.8epss 0.02

    libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.

  • CVE-2017-4976CriJul 9, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server.

  • CVE-2017-7512CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.02

    Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in…

  • CVE-2017-9629CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.10

    A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context…

  • CVE-2017-1000082CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.04

    systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.

  • CVE-2017-10966CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table.

  • CVE-2017-10965CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.

  • CVE-2017-2237CriJul 7, 2017
    risk 0.64cvss 9.8epss 0.02

    Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.