Code injection

HedgeDoc formerly known as CodiMD is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code injection has to take place as note content, there fore this exploit requires the attackers ability t...

PT-2021-18239 · Hedgedoc · Hedgedoc

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.5.0 Description: The issue affects HedgeDoc, an open-source collaborative markdown editor, where an attacker can receive arbitrary files from the file system when exporting a note to PDF. This exploit requires the...

Wowza Media Systems Streaming Engine 权限许可和访问控制问题漏洞

Wowza Media Systems Streaming Engine is a suite of streaming media server software from Wowza Media Systems in the United States. A privilege-granting and access-control issue vulnerability exists in Wowza Media Systems Streaming Engine 4.8.5 and earlier versions, which stems from a file-permissi...

CVE-2021-21645

A flaw was found in the config-file-provider Jenkins plugin. The plugin does not perform permission checks in several HTTP endpoints, as a consequence an attacker with Overall/Read permission is allowed to enumerate configuration file IDs...

Design/Logic Flaw

Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs...

PT-2021-14688 · Jenkins · Jenkins Config File Provider Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Config File Provider Plugin versions 3.7.0 and earlier Description: The issue concerns a lack of permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate configuration file IDs. This ca...

PT-2021-15132 · Unknown · Vscode-Bazel

Name of the Vulnerable Software and Affected Versions: vscode-bazel versions prior to 0.4.1 Description: An attacker can place a crafted JSON config file into the project folder, pointing to a custom executable, allowing the execution of any executable on the system through vscode-bazel. This is...

HTMLy 跨站脚本漏洞

HTMLy is a PHP-based open source blogging platform. A cross-site scripting vulnerability exists in htmly 2.8.0, which originates from config.html.php...

GHSA-86HP-CJ9J-33VV Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl...

How to Run Provisioning File on Receiver for Android

This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information This article describes about configuring a store on Receiver for Android by executing a provisioning fil...

Design/Logic Flaw

Jenkins Jabber XMPP notifier and control Plugin 1.41 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

PT-2021-4110 · Genivia +1 · Genivi Diagnostic Log/Trace +1

Name of the Vulnerable Software and Affected Versions: GENIVI Diagnostic Log and Trace DLT versions 2.10.0 through 2.18.6 Description: The issue is related to the incorrect handling of special characters in configuration files, which can cause a vulnerable component to crash. This can lead to...

PT-2021-14677 · Jenkins · Jenkins Jabber (Xmpp) Notifier/Control Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jabber XMPP notifier and control Plugin versions 1.41 and earlier Description: The issue concerns the storage of passwords in the global configuration file on the Jenkins controller. Specifically, passwords are stored unencrypted in t...

CVE-2021-27450

GE MU320E firmware prior to v04A00.1 contains an SSH server configuration weakness (inadequate encryption strength) due to not following best practices in the SSH server config. This could contribute to misconfigurations or enable broader attacks on the device. Affected firmware lines up to v04A0...

Cisco IOS XE Command Injection Vulnerability (CNVD-2021-22914)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from the affected software not properly validating values parsed from a specific...

CVE-2021-1443

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are...

Design/Logic Flaw

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are...

CVE-2021-1443 Cisco IOS XE Software Web UI OS Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are...

CVE-2021-1443 Cisco IOS XE Software Web UI OS Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are...

CVE-2020-36283

HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver Ethernet Emulation Mode. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...