The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2018-7507 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash. | MEDIUM | May 5, 2018 |
CVE-2018-7494 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash. | MEDIUM | May 5, 2018 |
CVE-2018-7509 | WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution. | MEDIUM | May 5, 2018 |
CVE-2019-12161 | WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168). | MEDIUM | May 21, 2019 |
CVE-2021-3332 | WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. | HIGH | Mar 1, 2021 |
CVE-2022-26511 | WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files(\'current directory type\' DLL loading). | MEDIUM | Mar 17, 2022 |
CVE-2018-7546 | wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file. | MEDIUM | Jul 18, 2018 |
CVE-2022-24934 | wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. | HIGH | Mar 24, 2022 |
CVE-2024-3054 | WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstg_get_custom_exclude_path_free action. This is due to the plugin not providing sufficient path validation on the tree_node[node][id] parameter. This makes it possible for authenticated attackers, with admin-level access and above, to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | -- | Apr 12, 2024 |
CVE-2017-14530 | WP_Admin_UI in the Crony Cronjob Manager plugin before 0.4.7 for WordPress has CSRF via the name parameter in an action=manage&do=create operation, as demonstrated by inserting XSS sequences. | MEDIUM | Sep 17, 2017 |
CVE-2019-20041 | wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring. | HIGH | Jan 8, 2020 |
CVE-2021-20738 | WRC-1167FS-W, WRC-1167FS-B, and WRC-1167FSA all versions allow an unauthenticated network-adjacent attacker to obtain sensitive information via unspecified vectors. | LOW | Jul 7, 2021 |
CVE-2021-20739 | WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors. | MEDIUM | Jul 10, 2021 |
CVE-2024-29225 | WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request. | -- | Apr 4, 2024 |
CVE-2018-8804 | WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. | MEDIUM | Mar 27, 2018 |
CVE-2017-17501 | WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | MEDIUM | Dec 10, 2017 |
CVE-2020-25674 | WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68. | MEDIUM | Dec 10, 2020 |
CVE-2020-27761 | WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0. | MEDIUM | Dec 3, 2020 |
CVE-2017-17498 | WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | MEDIUM | Dec 10, 2017 |
CVE-2013-0096 | Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka Windows Essentials Improper URI Handling Vulnerability. | Medium | May 15, 2013 |
CVE-2021-37909 | WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote attackers can rewrite to the registry without permissions thus perform hijack attacks to execute arbitrary code. | -- | Sep 15, 2021 |
CVE-2019-15141 | WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. | Medium | Aug 22, 2019 |
CVE-2020-1885 | Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file. | MEDIUM | Apr 9, 2020 |
CVE-2008-4944 | writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files. | Medium | Nov 6, 2008 |
CVE-2020-14097 | Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version < 1.0.18. | MEDIUM | Jan 14, 2021 |
CVE-2019-2257 | Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 855, SDA660, SDM660, SDX20, SDX24 | HIGH | Jun 17, 2019 |
CVE-2019-14001 | Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QM215, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20 | MEDIUM | Apr 16, 2020 |
CVE-2021-29467 | Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1. | MEDIUM | Apr 22, 2021 |
CVE-2021-21387 | Wrongthink peer-to-peer, end-to-end encrypted messenger with PeerJS and Axolotl ratchet. In wrongthink from version 2.0.0 and before 2.3.0 there was a set of vulnerabilities causing inadequate encryption strength. Part of the secret identity key was disclosed by the fingerprint used for connection. Additionally, the safety number was improperly calculated. It was computed using part of one of the public identity keys instead of being derived from both public identity keys. This caused issues in computing safety numbers which would potentially be exploitable in the real world. Additionally there was inadequate encryption strength due to use of 1024-bit DSA keys. These issues are all fixed in version 2.3.0. | MEDIUM | Mar 19, 2021 |
CVE-2008-3269 | WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full 2008 allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet to TCP port 4321. | Medium | Jul 25, 2008 |
CVE-2016-10542 | ws is a simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455. By sending an overly long websocket payload to a `ws` server, it is possible to crash the node process. This affects ws 1.1.0 and earlier. | MEDIUM | May 31, 2018 |
CVE-2021-32640 | ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server. The vulnerability has been fixed in ws@7.4.6 (https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff). In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the [`--max-http-header-size=size`](https://nodejs.org/api/cli.html#cli_max_http_header_size_size) and/or the [`maxHeaderSize`](https://nodejs.org/api/http.html#http_http_createserver_options_requestlistener) options. | MEDIUM | May 25, 2021 |
CVE-2008-7137 | WS-Proxy in Eye-Fi 1.1.2 allows remote attackers to cause a denial of service (crash) via an empty query string to port 59278 and other unspecified vectors. | Medium | Sep 2, 2009 |
CVE-2021-3845 | ws-scrcpy is vulnerable to External Control of File Name or Path | MEDIUM | Jan 4, 2022 |
CVE-2017-9426 | ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action. | HIGH | Feb 25, 2018 |
CVE-2020-9230 | WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. | LOW | Oct 16, 2020 |
CVE-2011-1483 | wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. | Medium | Jul 29, 2013 |
CVE-2022-41905 | WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks. This issue has been patched, users can upgrade to version 4.1.0. As a workaround, set `dir_browser.enable = False` in the configuration. | -- | Nov 11, 2022 |
CVE-2011-3820 | WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files. | Medium | Sep 26, 2011 |
CVE-2020-13226 | WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node\'s entire intranet. | HIGH | May 21, 2020 |
CVE-2020-17454 | WSO2 API Manager 3.1.0 and earlier has reflected XSS on the publisher component\'s admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal box appears that writes an error message concatenated to the injected payload (without any form of data encoding). This can also be exploited via CSRF. | MEDIUM | Oct 22, 2020 |
CVE-2017-14651 | WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter. | LOW | Sep 21, 2017 |
CVE-2020-25516 | WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks. | LOW | Oct 29, 2020 |
CVE-2020-11885 | WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file. | MEDIUM | Apr 17, 2020 |
CVE-2018-8716 | WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers. | LOW | Apr 25, 2018 |
CVE-2019-18882 | WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled. | MEDIUM | Nov 12, 2019 |
CVE-2019-18881 | WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile. | MEDIUM | Nov 12, 2019 |
CVE-2020-17453 | WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter. | MEDIUM | Apr 5, 2021 |
CVE-2009-0504 | WSPolicy in the Web Services component in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.1 does not properly recognize the IDAssertion.isUsed binding property, which allows local users to discover a password by reading a SOAP message. | Low | Feb 18, 2009 |
CVE-2021-20731 | WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors. | HIGH | Jun 9, 2021 |