hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.

...

Design/Logic Flaw

In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...

CVE-2020-15109

Summary: CVE-2020-15109 affects Solidus before 2.8.6, 2.9.6, and 2.10.2, enabling a malicious customer to change the current order’s address via crafted checkout data without updating shipment costs, impacting stores with at least two shipping zones and varying zone costs. Root cause: the checkou...

Radancy: [mijn.werkenbijdefensie.nl] Denial of service occurs due to lack of email length confirmation

Creating an account on https://mijn.werkenbijdefensie.nl/profielaanmaken/ could be done with a very long emailaddress. A max email address length validation check has been implemented as per RFC the maximum length allowed for an email address is 255 characters. However, we don't validate email...

SAP Fiori Input Validation Error Vulnerability

SAP Fiori, a user experience UX design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. An input validation...

DEBIAN-CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

UBUNTU-CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

Design/Logic Flaw

sdwpaddr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhciwrite operations. A guest OS user can crash the QEMU process...

Denial Of Service (DoS)

wpasupplicant is vulnerable to denial of service. The vulnerability exists as it allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF aka management frame protection...

ManageEngine Asset Explorer Windows Agent Remote Code Execution

XL-2020-003 - Asset Explorer Windows Agent - Remote Code Execution =============================================================================== Identifiers ------------------------------------------------- CVE-2020-8838 XL-20-003 CVSSv3 score ------------------------------------------------- 7...

libreoffice: Insufficient URL validation allowing LibreLogo script execution

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

FreeBSD bhyve code execution vulnerability

FreeBSD is a Unix-like operating system from the FreeBSD Foundation. bhyve is a virtual machine hypervisor used in it. A security vulnerability exists in the 'grub2-bhyve' port in versions of FreeBSD bhyve 525916 prior to 2020-02-12, which stems from the port failing to properly validate the...

CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

Design/Logic Flaw

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

[SECURITY] [DSA 4611-1] opensmtpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4611-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 29, 2020 https://www.debian.org/security/faq -...

OpenBSD OpenSMTPD Privilege Escalation / Code Execution

Qualys Security Advisory LPE and RCE in OpenSMTPD CVE-2020-7247 ============================================================================== Contents ============================================================================== Summary Analysis Exploitation Acknowledgments...

EulerOS Virtualization for ARM 64 3.0.5.0 : wpa_supplicant (EulerOS-SA-2020-1073)

According to the versions of the wpasupplicant package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - hostapd before 2.10 and wpasupplicant before 2.10 allow an incorrect indication of disconnection in certain...