CVE-2021-26724

OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi...

CVE-2020-25846 CHANGING Inc. NHIServiSignAdapter Windows Versions - Information Leakage -2

The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential...

CVE-2020-25845 CHANGING Inc. NHIServiSignAdapter Windows Versions - Information Leakage -1

Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential...

CVE-2020-14369

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. An attacker can make a forgery HTTP request to the server by crafting custom flash fi...

Cross site request forgery (csrf)

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. An attacker can make a forgery HTTP request to the server by crafting custom flash fi...

Privilege escalation

BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...

asterisk -- Outbound INVITE loop on challenge with different nonce

The Asterisk project reports: If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate even if the call is hung up,...

Siemens Polarion Subversion Webclient

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Polarion Subversion Webclient Vulnerabilities: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS, Cross-site Request Forgery CSRF 2. RISK EVALUATION...

CVE-2020-14369

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. An attacker can make a forgery HTTP request to the server by crafting custom flash fi...

Design/Logic Flaw

In Textpattern 4.5.7, an unprivileged author can change an article's markup setting...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

RHEL 7 : openstack-keystone (RHSA-2020:3096)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3096 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

Using DAST to Expand DevOps Security Coverage

The state of application security is constantly evolving with changing web architectures and approaches. These changes are making security teams employ a wider range of techniques and toolsets to find vulnerabilities within their applications. Web and mobile applications each present their own...

CVE-2020-11682

Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request...

Cross site request forgery (csrf)

Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request...

Rockstar Games: Referer Leakge in language changer may lead to FB token theft.

In this report, the researcher identified a CSRF vulnerability in the language changing function on https://www.rockstargames.com/GTAOnline/ that could be combined with other vulnerabilities to result in sensitive token theft such as Oauth tokens. This vulnerability would be triggered when changi...

Friday Squid Blogging: Color-Changing Properties of the Opalescent Inshore Squid

Interesting stuff. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

The vulnerability of the kscreen utility for supporting multiple monitor configurations in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the kscreen utility for supporting multiple monitors in the Astra Linux operating system is related to scaling errors when changing screen resolutions. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

Friday Squid Blogging: Why Mexican Jumbo Squid Populations Have Declined

A group of scientists conclude that it's shifting weather patterns and ocean conditions. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

Webmin 1.920 password_change.cgi Backdoor Exploit

This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate...