VIR Vulnerability Intelligence Relay

Search

Found 4,840 results in 625ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-15644 high 8.6 9.6 EXP webmin 9y ago SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000.
CVE-2017-15643 high 7.4 8.4 EXP ikarussecurity 9y ago An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum …
CVE-2017-10366 critical 9.8 10.0 EXP oracle 9y ago Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Ea…
CVE-2017-10309 high 7.1 8.1 EXPFIX sles rheldebian debian oracleredhatnetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthentic…
CVE-2017-12579 high 7.8 8.8 EXP hashicorp 9y ago An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell.
CVE-2017-14322 critical 9.8 10.0 EXP interspire 9y ago The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administra…
CVE-2015-7715 high 8.8 9.8 EXP realtyna 9y ago Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests th…
CVE-2015-7714 high 7.2 8.2 EXP realtyna 9y ago Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in…
CVE-2017-15595 high 8.8 9.8 EXPFIX slesdebian debian 9y ago An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via…
CVE-2017-15579 critical 9.8 10.0 EXP phpsugar 9y ago In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
CVE-2017-15578 high 8.8 9.8 EXP phpsugar 9y ago In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
CVE-2014-9118 high 8.8 9.8 EXP 9y ago The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
CVE-2014-8357 high 8.8 9.8 EXP 9y ago backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the s…
CVE-2017-15221 high 7.8 8.8 EXP asx_to_mp3_converter_project 9y ago ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324.
CVE-2015-2780 critical 9.8 10.0 EXP berta 9y ago Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct re…
CVE-2014-9148 critical 9.8 10.0 EXP fiyo 9y ago Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct …
CVE-2014-9147 high 7.5 8.5 EXP fiyo 9y ago Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.
CVE-2017-12629 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntu rhel apacheredhat 9y ago Remote code execution occurs in Apache Solr
CVE-2017-15276 high 8.8 9.8 EXP opentext 9y ago OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Ser…
CVE-2017-15013 high 8.8 9.8 EXP opentext 9y ago OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Ser…
CVE-2017-15012 high 8.8 9.8 EXP opentext 9y ago OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack…
CVE-2017-11811 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s…
CVE-2017-11810 high 7.5 8.5 EXP windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201…
CVE-2017-11809 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s…
CVE-2017-11802 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s…
CVE-2017-11799 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s…
CVE-2017-11793 high 7.5 8.5 EXP windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201…
CVE-2017-15220 critical 9.8 10.0 EXP flexense 9y ago Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary cod…
CVE-2013-6924 critical 9.8 10.0 EXP 9y ago Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.
CVE-2017-15236 high 7.5 8.5 EXP 9y ago Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config…
CVE-2017-15235 high 7.5 8.5 EXPFIX debian debian horde 9y ago The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact fi…
CVE-2015-2856 high 7.5 8.5 EXP accellion 9y ago Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (d…
CVE-2017-5637 high 7.5 8.5 EXPFIX debian debian apache 9y ago Uncontrolled Resource Consumption in Apache ZooKeeper
CVE-2017-14980 critical 9.8 10.0 EXP flexense 9y ago Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.
CVE-2014-0030 critical 9.8 10.0 EXP apache 9y ago The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2015-2673 high 8.8 9.8 EXP wpeasycart 9y ago The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for WordPress allow remote attackers to gain a…
CVE-2015-2147 critical 9.8 10.0 EXP phpbugtracker_project 9y ago Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters.
CVE-2015-2143 high 8.8 9.8 EXP phpbugtracker_project 9y ago Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecifi…
CVE-2015-2142 high 8.0 9.0 EXP phpbugtracker_project 9y ago Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to (1) hijack the authentication of users for requests that caus…
CVE-2017-13068 high 7.5 8.5 EXP qnap 9y ago QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attack…
CVE-2017-14089 critical 9.8 10.0 EXP trendmicro 9y ago An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and ca…
CVE-2017-14087 high 7.5 8.5 EXP trendmicro 9y ago A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a mali…
CVE-2017-14086 high 7.5 8.5 EXP trendmicro 9y ago Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executabl…
CVE-2017-14084 high 8.1 9.1 EXP trendmicro 9y ago A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.
CVE-2017-14083 high 7.5 8.5 EXP trendmicro 9y ago A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file.
CVE-2017-15035 high 7.5 8.5 EXP emtec 9y ago EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).
CVE-2017-1000119 high 7.2 8.2 EXP octobercms 9y ago October CMS PHP Code Execution
CVE-2017-1000117 high 8.8 9.8 EXPFIX arch arch slesdebian debian git-scm 9y ago A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Suc…
CVE-2017-1000112 high 7.0 8.0 EXPFIX slesarch archdebian debian 9y ago Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two…
CVE-2017-14491 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleyssusenvidia 9y ago multiple issues in dnsmasq
CVE-2017-6090 high 8.8 9.8 EXP phpcollab 9y ago Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable exte…
CVE-2017-6089 critical 9.8 10.0 EXP phpcollab 9y ago SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parame…
CVE-2017-14848 high 8.8 9.8 EXP dasinfomedia 9y ago WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.
CVE-2017-14758 high 8.8 9.8 EXP opentext 9y ago OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.…
CVE-2017-14757 high 8.8 9.8 EXP opentext 9y ago OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xDashboard/html/jobhistory/down…
CVE-2017-14496 high 7.5 8.5 EXPFIX arch archdebian debianubuntu ubuntu thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-14495 high 7.5 8.5 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-14493 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-14492 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-11322 high 8.2 9.2 EXP ucopia 9y ago The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
CVE-2017-11321 high 7.2 8.2 EXP ucopia 9y ago The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.
CVE-2015-7358 high 7.8 8.8 EXP ciphershedidrixtruecrypt 9y ago The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which …
CVE-2017-14738 critical 9.8 10.0 EXP filerun 9y ago FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search f…
CVE-2017-14702 critical 9.8 10.0 EXP branaghgroup 9y ago ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization.
CVE-2017-14507 critical 9.8 10.0 EXP shindiristudio 9y ago Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_c…
CVE-2017-14847 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14846 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14845 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14844 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
CVE-2017-14843 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14842 high 8.8 9.8 EXP dasinfomedia 9y ago Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.
CVE-2017-14840 high 8.8 9.8 EXP teamworktec 9y ago TeamWork TicketPlus allows Arbitrary File Upload in updateProfile.
CVE-2017-14839 high 8.8 9.8 EXP teamworktec 9y ago TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and changeCover.
CVE-2017-14838 high 8.8 9.8 EXP teamworktec 9y ago TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
CVE-2017-11120 critical 9.8 10.0 EXPFIX macos macos 9y ago On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2…
CVE-2015-8249 critical 9.8 10.0 EXP manageengine 9y ago The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.
CVE-2015-3643 high 7.8 8.8 EXP ubuntu ubuntu usb-creator_project 9y ago usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local…
CVE-2015-1336 high 7.8 8.8 EXPFIX debian debianubuntu ubuntu man-db_project 9y ago The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
CVE-2017-14704 high 8.8 9.8 EXP claydip 9y ago Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code …
CVE-2017-13129 high 8.0 9.0 EXP zkteco 9y ago Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators …
CVE-2017-14703 critical 9.8 10.0 EXP cashbackcomparisonscript 9y ago SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.
CVE-2014-0997 high 7.5 8.5 EXP 9y ago WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and poten…
CVE-2015-7293 high 8.8 9.8 EXP plonezope 9y ago Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
CVE-2015-4669 high 7.8 8.8 EXP xceedium 9y ago The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
CVE-2015-4667 critical 9.8 10.0 EXP xceedium 9y ago Multiple hardcoded credentials in Xsuite 2.x.
CVE-2017-14627 high 7.8 8.8 EXP cyberlink 9y ago Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) a…
CVE-2017-14706 critical 9.8 10.0 EXP denyall 9y ago DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken …
CVE-2017-14680 high 7.5 8.5 EXP zkteco 9y ago ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.
CVE-2017-12930 critical 9.8 10.0 EXP tecnovision 9y ago SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.
CVE-2017-12929 high 8.8 9.8 EXP tecnovision 9y ago Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
CVE-2017-12611 critical 9.8 10.0 EXP apache 9y ago Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal
CVE-2017-7924 high 7.5 8.5 EXP 9y ago An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could s…
CVE-2015-4075 high 8.1 9.1 EXP helpdeskpro 9y ago The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task.
CVE-2015-4074 high 7.5 8.5 EXP helpdesk_pro_project 9y ago Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download…
CVE-2015-4073 critical 9.8 10.0 EXP helpdesk_pro_project 9y ago Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (…
CVE-2017-8770 high 7.5 8.5 EXP 9y ago There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.
CVE-2015-4685 high 7.0 8.0 EXP polycom 9y ago Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo m…
CVE-2015-4683 critical 9.8 10.0 EXP polycom 9y ago Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters wit…
CVE-2015-4681 high 7.8 8.8 EXP polycom 9y ago Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
CVE-2014-8686 critical 9.8 10.0 EXP codeigniter 9y ago CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.