3641 matches found
CVE-2020-25013
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler...
PT-2020-17638 · Rust · Lever
Name of the Vulnerable Software and Affected Versions: lever crate versions prior to 0.1.1. Description: The issue concerns the implementation of the Send and Sync traits for all types T by AtomicBox, which is designed for use across threads. This implementation allows non-Send types, such as Rc,...
CVE-2020-27402
The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port UART connection or using adb...
Design/Logic Flaw
The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port UART connection or using adb...
CVE-2020-27402
The CVE-2020-27402 entry concerns the HK1 Box S905X3 TV Box, where a local unprivileged user can escalate to root by abusing the /system/xbin/su binary over a serial UART connection or via adb. The connected documents confirm the vulnerability vector is local (no user interaction required) and re...
Monitorr 1.7.6m Remote Code Execution
#!/usr/bin/python # -*- coding: UTF-8 -*- # Exploit Title: Monitorr 1.7.6m - Remote Code Execution Unauthenticated # Date: September 12, 2020 # Exploit Author: Lyhin's Lab # Detailed Bug Description:...
January 23, 2020—KB4534321 (OS Build 17763.1012)
January 23, 2020—KB4534321 (OS Build 17763.1012). For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights: Updates an issue with Windows Mixed Reality that occurs after upgrading to a n...
CVE-2020-26887
FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism...
Authentication flaw
FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism...
CVE-2020-26887
CVE-2020-26887 affects FRITZ!Box devices running FRITZ!OS 7.20 and earlier. The issue is a DNS Rebinding protection bypass in FRITZ!Box DNS processing, allowing DNS responses that could reach local network IPs to bypass protection. Affected product: FRITZ!Box (examples include 7490; may include o...
Cross site request forgery (csrf)
WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal box...
AVM Fritz!Box Security Bypass Vulnerability
The AVM Fritz!Box is a wireless router from the German company AVM. FRITZ!Box version 7.20 and prior versions contain a DNS rebinding protection bypass vulnerability. No vulnerability details are currently available...
AVM FRITZ!Box DNS Rebinding Protection Bypass (CVE-2020-26887)
Multiple AVM FRITZ!Box devices are prone to a DNS rebinding protection bypass. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE =...
AVM FRITZ!Box < 7.20 'Beyond Kr00k' Information Disclosure Vulnerability
Multiple AVM FRITZ!Box devices are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE =...
AVM FRITZ!Box TCP SACK PANIC - Kernel Vulnerabilities
Multiple AVM FRITZ!Box devices are prone to multiple Denial of Service vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE =...
FRITZ!Box 7.20 DNS Rebinding Protection Bypass
Advisory: FRITZ!Box DNS Rebinding Protection Bypass. RedTeam Pentesting discovered a vulnerability in FRITZ!Box router devices which allows resolving DNS answers that point to IP addresses in the private local network, despite the DNS rebinding protection mechanism. Details: Product:...
FRITZ!Box 7.20 DNS Rebinding Protection Bypass Vulnerability
FRITZ!Box DNS Rebinding Protection Bypass. RedTeam Pentesting discovered a vulnerability in FRITZ!Box router devices which allows resolving DNS answers that point to IP addresses in the private local network, despite the DNS rebinding protection mechanism. Details: Product: FRITZ!Box 7490...
iptvboxkorea.com Cross Site Scripting vulnerability OBB-1413380
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...