What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-03-10 17:47:31 | CVE-2022-26103 (lien direct) | Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks. | Guideline | ||
|
2022-03-10 17:45:08 | CVE-2022-21132 (lien direct) | Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder. | Vulnerability Guideline | ||
|
2022-03-10 17:45:07 | CVE-2022-20060 (lien direct) | In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462. | Guideline | ||
|
2022-03-10 17:45:07 | CVE-2022-20059 (lien direct) | In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781. | Guideline | ||
|
2022-03-10 17:45:06 | CVE-2022-20057 (lien direct) | In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186. | Guideline | ||
|
2022-03-10 17:45:06 | CVE-2022-20058 (lien direct) | In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485. | Guideline | ||
|
2022-03-10 17:45:05 | CVE-2022-20055 (lien direct) | In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830. | Guideline | ||
|
2022-03-10 17:45:05 | CVE-2022-20054 (lien direct) | In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083. | Guideline | ||
|
2022-03-10 17:45:05 | CVE-2022-20056 (lien direct) | In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820. | Guideline | ||
|
2022-03-10 17:45:04 | CVE-2022-20053 (lien direct) | In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097. | Guideline | ||
|
2022-03-10 17:45:04 | CVE-2022-20051 (lien direct) | In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127. | Guideline | ||
|
2022-03-10 17:45:03 | CVE-2022-20050 (lien direct) | In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038. | Guideline | ||
|
2022-03-10 17:45:03 | CVE-2022-20049 (lien direct) | In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679. | Guideline | ||
|
2022-03-10 17:45:02 | CVE-2022-20047 (lien direct) | In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489. | Guideline | ||
|
2022-03-10 17:45:02 | CVE-2022-20048 (lien direct) | In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502. | Guideline | ||
|
2022-03-10 17:44:56 | CVE-2022-0618 (lien direct) | A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame where the frame contains padding information without any other data. This logical error caused confusion about the size of the frame, leading to a parsing error. This parsing error immediately crashes the entire process. Sending a HEADERS frame or PUSH_PROMISE frame with HTTP/2 padding information does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted frame. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the frame in memory-safe code, so the crash is safe. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz. | Vulnerability Guideline | ||
|
2022-03-10 17:44:56 | CVE-2022-0725 (lien direct) | A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. | Vulnerability Guideline | ||
|
2022-03-10 17:44:55 | CVE-2022-0204 (lien direct) | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | Vulnerability Guideline | ||
|
2022-03-10 17:43:17 | CVE-2021-40049 (lien direct) | There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization. | Vulnerability Guideline | ||
|
2022-03-10 17:42:37 | CVE-2021-34339 (lien direct) | Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Guideline | ||
|
2022-03-10 17:42:37 | CVE-2021-34341 (lien direct) | Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service. | Vulnerability Guideline | ||
|
2022-03-10 17:42:37 | CVE-2021-34340 (lien direct) | Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Guideline | ||
|
2022-03-10 17:42:36 | CVE-2021-34338 (lien direct) | Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Guideline | ||
|
2022-03-10 15:15:10 | CVE-2022-0906 (lien direct) | Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12. | Guideline | ||
|
2022-03-09 23:15:08 | CVE-2022-24745 (lien direct) | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions guest sessions are shared between customers when HTTP cache is enabled. This can lead to inconsistent experiences for guest users. Setups with Varnish are not affected by this issue. This issue has been resolved in version 6.4.8.2. Users unable to upgrade should disable the HTTP Cache. | Guideline | ||
|
2022-03-08 20:15:07 | CVE-2022-24715 (lien direct) | Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. | Guideline | ||
|
2022-03-08 02:15:06 | CVE-2021-43944 (lien direct) | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0410 (lien direct) | The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0347 (lien direct) | The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0349 (lien direct) | The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0429 (lien direct) | The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability. | Malware Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0267 (lien direct) | The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0426 (lien direct) | The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the woosea_categories_dropdown AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting | Guideline | ||
|
2022-03-07 09:15:09 | CVE-2022-0422 (lien direct) | The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2021-25039 (lien direct) | The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcc_content_type, wmcc_source_blog and wmcc_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2021-25038 (lien direct) | The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmus_source_blog and wmus_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2021-25087 (lien direct) | The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords (fixed in 3.2.24) and files Master Keys (fixed in 3.2.25). | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2021-24953 (lien direct) | The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2021-24824 (lien direct) | The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved | Guideline | ||
|
2022-03-07 09:15:08 | CVE-2022-0205 (lien direct) | The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings (available to users with a role as low as author) before outputting them, leading to a Stored Cross-Site Scripting issue | Guideline | ||
|
2022-03-07 09:15:07 | CVE-2021-24778 (lien direct) | The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | Guideline | ||
|
2022-03-07 09:15:07 | CVE-2021-24777 (lien direct) | The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a SQL statement, leading to an SQL injection. | Guideline | ||
|
2022-03-06 20:15:07 | CVE-2021-44749 (lien direct) | A vulnerability affecting F-Secure SAFE browser protection was discovered improper URL handling can be triggered to cause universal cross-site scripting through browsing protection in a SAFE web browser. User interaction is required prior to exploitation. A successful exploitation may lead to arbitrary code execution. | Vulnerability Guideline | ||
|
2022-03-04 21:15:09 | CVE-2021-43590 (lien direct) | Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | Guideline | ||
|
2022-03-04 20:15:07 | CVE-2022-23915 (lien direct) | The package weblate from 0 and before 4.11.1 are vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. Authenticated users, can change the behavior of the application in an unintended way, leading to command execution. | Guideline | ||
|
2022-03-04 18:15:08 | CVE-2021-20319 (lien direct) | An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed. | Vulnerability Guideline | ||
|
2022-03-04 18:15:08 | CVE-2021-3428 (lien direct) | A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat. | Guideline | ||
|
2022-03-04 18:15:08 | CVE-2022-23233 (lien direct) | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. | Vulnerability Guideline | ||
|
2022-03-04 18:15:07 | CVE-2021-20303 (lien direct) | A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well. | Guideline | ||
|
2022-03-04 16:15:10 | CVE-2021-46382 (lien direct) | Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking. | Guideline |
To see everything:
Our RSS (filtrered)
