What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-04 07:15:13 | CVE-2020-13586 (lien direct) | A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | Vulnerability Guideline | ||
|
2021-02-03 17:15:16 | CVE-2021-25275 (lien direct) | SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database. | Guideline | ||
|
2021-02-03 16:15:15 | CVE-2021-25770 (lien direct) | In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution. | Guideline | ||
|
2021-02-03 16:15:14 | CVE-2021-25758 (lien direct) | In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to code execution. | Guideline | ||
|
2021-02-03 16:15:13 | CVE-2020-28895 (lien direct) | In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. | Guideline | ||
|
2021-02-03 00:15:17 | CVE-2021-0365 (lien direct) | In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05454782. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0362 (lien direct) | In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0359 (lien direct) | In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442011. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0360 (lien direct) | In netdiag, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442006. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0361 (lien direct) | In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449968. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0364 (lien direct) | In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05458478; Issue ID: ALPS05458503. | Guideline | ||
|
2021-02-03 00:15:16 | CVE-2021-0363 (lien direct) | In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05458478. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0356 (lien direct) | In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442014. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0358 (lien direct) | In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442022. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0357 (lien direct) | In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442002. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0353 (lien direct) | In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0355 (lien direct) | In kisd, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425581. | Guideline | ||
|
2021-02-03 00:15:15 | CVE-2021-0354 (lien direct) | In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05431161. | Guideline | ||
|
2021-02-03 00:15:14 | CVE-2021-0352 (lien direct) | In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05453809. | Guideline | ||
|
2021-02-02 22:15:12 | CVE-2021-21293 (lien direct) | blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a dedicated thread pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an unbounded queue. Each connection allocates a socket handle, which drains a scarce OS resource. This can also confound higher level circuit breakers which work based on detecting failed connections. The vast majority of affected users are using it as part of http4s-blaze-server | Vulnerability Guideline | ||
|
2021-02-02 22:15:12 | CVE-2021-21294 (lien direct) | Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services. Http4s before versions 0.21.17, 0.22.0-M2, and 1.0.0-M14 have a vulnerability which can lead to a denial-of-service. Blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its selector pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an unbounded queue. Each connection allocates a socket handle, which drains a scarce OS resource. This can also confound higher level circuit breakers which work based on detecting failed connections. http4s provides a general "MaxActiveRequests" middleware mechanism for limiting open connections, but it is enforced inside the Blaze accept loop, after the connection is accepted and the socket opened. Thus, the limit only prevents the number of connections which can be simultaneously processed, not the number of connections which can be held open. In 0.21.17, 0.22.0-M2, and 1.0.0-M14, a new "maxConnections" property, with a default value of 1024, has been added to the `BlazeServerBuilder`. Setting the value to a negative number restores unbounded behavior, but is strongly disrecommended. The NIO2 backend does not respect `maxConnections`. Its use is now deprecated in http4s-0.21, and the option is removed altogether starting in http4s-0.22. There are several possible workarounds described in the refrenced GitHub Advisory GHSA-xhv5-w9c5-2r2w. | Vulnerability Guideline | ★★★ | |
|
2021-02-02 19:15:14 | CVE-2021-25912 (lien direct) | Prototype pollution vulnerability in 'dotty' versions 0.0.1 through 0.1.0 allows attackers to cause a denial of service and may lead to remote code execution. | Vulnerability Guideline | ||
|
2021-02-02 13:15:12 | CVE-2020-25506 (lien direct) | D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. | Guideline | ||
|
2021-02-02 11:15:13 | CVE-2020-28495 (lien direct) | This affects the package total.js before 3.4.7. The set function can be used to set a value into the object according to the path. However the keys of the path being set are not properly sanitized, leading to a prototype pollution vulnerability. The impact depends on the application. In some cases it is possible to achieve Denial of service (DoS), Remote Code Execution or Property Injection. | Guideline | ||
|
2021-02-01 16:15:12 | CVE-2020-13562 (lien direct) | A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter. | Vulnerability Guideline | ★★★ | |
|
2021-02-01 16:15:12 | CVE-2020-13563 (lien direct) | A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template group_id parameter. | Vulnerability Guideline | ★★★★ | |
|
2021-02-01 16:15:12 | CVE-2020-13564 (lien direct) | A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template acl_id parameter. | Vulnerability Guideline | ||
|
2021-02-01 14:15:12 | CVE-2020-28194 (lien direct) | Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution. | Guideline | ||
|
2021-01-30 05:15:12 | CVE-2020-15568 (lien direct) | TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter. | Vulnerability Guideline | ||
|
2021-01-28 19:15:13 | CVE-2021-25647 (lien direct) | Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application. | Guideline | ||
|
2021-01-28 13:15:11 | CVE-2020-13569 (lien direct) | A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability. | Vulnerability Guideline | ||
|
2021-01-27 17:15:13 | CVE-2020-4865 (lien direct) | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. | Vulnerability Guideline | ||
|
2021-01-27 17:15:12 | CVE-2020-4855 (lien direct) | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. | Vulnerability Guideline | ||
|
2021-01-27 17:15:12 | CVE-2020-4787 (lien direct) | IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 189224. | Guideline | ||
|
2021-01-27 17:15:11 | CVE-2020-4786 (lien direct) | IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 189221. | Guideline | ||
|
2021-01-27 17:15:11 | CVE-2020-4524 (lien direct) | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. | Vulnerability Guideline | ||
|
2021-01-27 13:15:13 | CVE-2020-4820 (lien direct) | IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | Vulnerability Guideline | ||
|
2021-01-26 22:15:12 | CVE-2021-1071 (lien direct) | NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure. | Vulnerability Guideline | ||
|
2021-01-26 22:15:12 | CVE-2021-1070 (lien direct) | NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service. | Vulnerability Guideline | ||
|
2021-01-26 20:15:12 | CVE-2021-3308 (lien direct) | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors used by the MSI(-X) entries that the guest might had enabled, and hence will lead to vector exhaustion on the system, not allowing further PCI pass through devices to work properly. HVM guests with PCI pass through devices can mount a Denial of Service (DoS) attack affecting the pass through of PCI devices to other guests or the hardware domain. In the latter case, this would affect the entire host. | Guideline | ||
|
2021-01-26 19:15:12 | CVE-2020-13582 (lien direct) | A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | Vulnerability Guideline | ||
|
2021-01-26 19:15:12 | CVE-2020-27274 (lien direct) | Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | Guideline | ||
|
2021-01-26 18:16:22 | CVE-2021-25908 (lien direct) | An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free. | Guideline | ||
|
2021-01-26 18:16:22 | CVE-2021-25904 (lien direct) | An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault. | Guideline | ||
|
2021-01-26 18:16:22 | CVE-2021-25901 (lien direct) | An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Lazy lacks a Send bound, leading to a data race. | Guideline | ||
|
2021-01-26 18:16:19 | CVE-2021-22873 (lien direct) | Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability. | Guideline | ||
|
2021-01-26 18:16:19 | CVE-2021-22871 (lien direct) | Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability. | Guideline | ||
|
2021-01-26 18:16:18 | CVE-2021-21723 (lien direct) | Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12. | Vulnerability Guideline | ||
|
2021-01-26 18:15:57 | CVE-2020-36229 (lien direct) | A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | Guideline | ||
|
2021-01-26 18:15:57 | CVE-2020-36230 (lien direct) | A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. | Guideline |
To see everything:
Our RSS (filtrered)
