VYPR

...

by GitHub

CVEs (8)

  • CVE-2018-18075CriOct 9, 2018
    risk 0.64cvss 9.8epss 0.02

    WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter.

  • CVE-2017-18215CriMar 5, 2018
    risk 0.64cvss 9.8epss 0.02

    xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.

  • CVE-2026-44451CriMay 26, 2026
    risk 0.60cvss 9.3epss 0.00

    Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals (fetch, window, eval, etc.) with undefined. A static source validator…

  • CVE-2018-18735HigOct 29, 2018
    risk 0.57cvss 8.8epss 0.01

    A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.

  • CVE-2018-10778HigMay 7, 2018
    risk 0.51cvss 7.8epss 0.01

    Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and…

  • CVE-2024-42018HigOct 11, 2024
    risk 0.50cvss 7.7epss 0.00

    An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes, some configuration parameters are retrieved from management nodes. These parameters embed credentials whose integrity and confidentiality may be important to the security of the HPC…

  • CVE-2018-12025HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is…

  • CVE-2025-1595MedFeb 23, 2025
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/getbaseconfig. The manipulation leads to information disclosure. The attack can be initiated…