4651 matches found
CVE-2021-21744
The CVE-2021-21744 issue in ZTE MF971R is a pre-auth configuration file control vulnerability in the web API goform_get_cmd_process path. An unauthenticated attacker can trigger config_entry overwrite by passing a cmd value not in the predefined list, triggering config_update() to write a 0 flag,...
FUSE - A Penetration Testing Tool For Finding File Upload Bugs
FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy are in our paper, "FUSE: Finding File Upload Bugs via Penetration Testing", which appeared in NDSS 2020. To see how to configure and execute FUSE,...
IBM Sterling B2B Integrator Information Disclosure Vulnerability (CNVD-2021-78440)
IBM Sterling B2B Integrator is a transaction engine, a set of components that run the processes you define and manage based on your business needs. IBM Sterling B2B Integrator versions 5.2.0.0-5.2.6.54, 6.0.0.0-6.0.0.6, 6.0.1.0-6.0.3.4, and 6.1.0.0-6.1.0.3 are vulnerable to information...
Path Traversal
Apache HTTP Server is vulnerable to path traversal attacks. An attacker could use a path traversal attack to map URLs to files outside of the document root that are not protected by the “require all denied” directive in the Apache configuration file...
IBM Sterling B2B Integrator Information Disclosure Vulnerability
IBM Sterling B2B Integrator is a transaction engine, a set of components that run the processes you define and manage based on your business needs. IBM Sterling B2B Integrator versions 5.2.0.0-5.2.6.54, 6.0.0.0-6.0.0.6, 6.0.1.0-6.0.3.4, and 6.1.0.0-6.1.0.3 are vulnerable to information...
CVE-2021-41092
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically /.docker/config.json) listing a credsStore or credHelpers that could not be...
CVE-2021-41092 Docker CLI leaks private registry credentials to registry-1.docker.io
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically /.docker/config.json) listing a credsStore or credHelpers that could not be...
PT-2021-15141 · Google · Slo Generator
Name of the Vulnerable Software and Affected Versions: SLO Generator versions prior to the version including https://github.com/google/slo-generator/pull/173 Description: The SLO generator has an issue where it allows for the loading of YAML files. If these files are crafted in a specific format,...
CVE-2021-33693
SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution...
Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...
The vulnerability of the OpenVPN Connect software lies in its shortcomings regarding system library calls. This allows a hacker to execute arbitrary code with the same level of privileges as the main OpenVPN process.
The vulnerability of the OpenVPN Connect software is related to deficiencies in the mechanism for calling system libraries. Exploiting this vulnerability allows an attacker to execute arbitrary code with the same level of privileges as the main OpenVPN process, using the OpenSSL configuration fil...
Design/Logic Flaw
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...
ROS-2-1468
2.1468 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
CVE-2020-15939
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL...
CVE-2020-15939
FortiSandbox contains an improper access control vulnerability (CWE-284) that affects versions 3.2.1 and below and 3.1.4 and below. An authenticated, unprivileged attacker could download the device configuration file via the recovery URL. This CVE is supported by multiple sources (NVD entry CVE-2...
ISC BIND Winsock API Vulnerability (CVE-2013-6230) - Windows
ISC BIND is prone to a vulnerability in the Winsock API.
Command Injection in Simiki
Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'...