CVE-2021-39316

The Zoomsounds plugin = 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter...

nodejs-ini: Prototype pollution via malicious INI file

A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context...

Omron CX-One Stack Buffer Overflow (CVE-2020-27261)

A stack-based overflow exists in the CX-Position module of OMRON CX-One. The vulnerability is due to input validation error when processing NCI configuration files...

Cisco Firepower Threat Defense Software Multi-Instance Container Escape (cisco-sa-ftd-container-esc-FmYqFBQV)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the multi-instance feature that allows an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host...

Information disclosure

OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via an NGINX configuration file...

CVE-2021-38712

Affected product: OneNav 0.9.12. Vulnerability: information disclosure of the onenav.db3 contents. The provided documents do not specify the exact root cause or exploited components beyond this disclosure. Impact: exposes database contents; no other impacts are detailed. Remediation / mitigation:...

CVE-2021-34823

The ON24 ScreenShare aka DesktopScreenShare.app plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it...

Cisco Packet Tracer for Windows DLL Injection (cisco-sa-packettracer-dll-inj-Qv8Mk5Jx)

According to its self-reported version, Cisco Packet Tracer for Windows is affected by a DLL Injection vulnerability. An authenticated, local attacker could exploit this, by inserting a configuration file in a specific path on the system, to cause a malicious DLL file to be loaded. Successful...

CVE-2020-25561

SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client...

Buffalo和Arcadyan多款路由器认证绕过RCE等多个漏洞

Tenable has discovered multiple vulnerabilities in routers manufactured by Arcadyan. During the disclosure process for the issues discovered in the Buffalo routers, Tenable discovered that CVE-2021-20090 affected many more devices, as the root cause of the vulnerability exists in the underlying...

Totolink A720R Access Control Error Vulnerability

The Totolink A720R is a wireless router from Taiwan, China's Gion Electronics Totolink. A security vulnerability exists in the TOTOLINK A720R that originates from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker can exploit the...

CVE-2021-35326

A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows attackers to download the configuration file via sending a crafted HTTP request...

Cross site request forgery (csrf)

A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows attackers to download the configuration file via sending a crafted HTTP request...

Directory traversal

Authenticated Directory Traversal in WordPress Download Manager = 3.1.24 allows authenticated Contributor+ users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration informatio...

CVE-2021-34638

WordPress Download Manager

Design/Logic Flaw

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling o...

CVE-2021-1593 Cisco Packet Tracer for Windows DLL Injection Vulnerability

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling o...

CVE-2021-1593 Cisco Packet Tracer for Windows DLL Injection Vulnerability

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling o...

Cisco Packet Tracer for Windows DLL Injection Vulnerability

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling o...

FortiSandbox - Unauthorized user able to download the device configuration file.

An improper access control vulnerability CWE-284 in FortiSandbox may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL...