4651 matches found
CVE-2020-14976
GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context...
Fortinet FortiWLC Cross-Site Scripting Vulnerability
Fortinet FortiWLC is a wireless LAN controller from Fortinet. A cross-site scripting vulnerability exists in Fortinet FortiWLC 8.5.1 and prior versions. The vulnerability allows an authenticated, remote attacker to execute a stored cross-site scripting attack using an ESS configuration file or...
Insecure File Permission
rtslib-fb uses insecure file permissions. The use of shutil.copyfile instead of shutil.copy results in insecure file permissions for the configuration file /etc/target/saveconfig.json, as it does not maintain the original permissions set during copy...
SOS JobScheduler 1.13.3 Stored Password Decryption
Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption; Google Dork: N/A; Date: 2020-04-20; Exploit Author: Sander Ubink; Vendor Homepage: www.sos-berlin.com; Software Link: www.sos-berlin.com/en/jobscheduler-downloads; Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13...
SOS JobScheduler 1.13.3 - Stored Password Decryption
Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption; Google Dork: N/A; Date: 2020-04-20; Exploit Author: Sander Ubink; Vendor Homepage: www.sos-berlin.com; Software Link: www.sos-berlin.com/en/jobscheduler-downloads; Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13...
ceph14 -- HTTP header injection via CORS ExposeHeader tag
Red Hat bugzilla reports: A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection ...
Eaton Intelligent Power Manager (IPM) < 1.68 Multiple Vulnerabilities
Eaton Intelligent Power Manager (IPM) v1.67 and prior contain multiple vulnerabilities: - Improper Input Validation on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the...
CVE-2020-12431
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
Privilege escalation
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
Mail.ru: MySQL username and password leaked on [2017.russianaicup.ru]
Configuration file available via web interface could disclose potentially sensitive information...
FRRouting FRR Information Disclosure Vulnerability
FRRouting FRR is a set of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in the split-config feature in FRRouting FRR 7.3.1 and prior versions, which stems from the fact that when the split-config feature is used, the init script...
DEBIAN-CVE-2020-12831
An issue was discovered in FRRouting FRR aka Free Range Routing through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some...
SUSE-SU-2020:1273-1 Security update for grafana
This update for grafana to version 4.6.5 fixes the following issues: Security issues fixed: - CVE-2019-15043: Added authentication to a few rest endpoints (jsc#SOC-10357, bsc#1148383). - CVE-2018-19039: Fixed File Exfiltration vulnerability (jsc#SOC-9976, bsc#1115960). - CVE-2018-15727: Fixed an LDAP and...
Eaton Intelligent Power Manager Incorrect Privilege Assignment Vulnerability
Eaton Intelligent Power Manager (IPM) is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager version 1.67 and earlier. An attacker ca...
Eaton Intelligent Power Manager Input Validation Error Vulnerability
Eaton Intelligent Power Manager (IPM) is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An input validation error vulnerability exists in Eaton IPM version 1.67 and prior versions, which stems fr...
Command injection
Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application...
CVE-2020-6651 Command injection via specially crafted file name during config file upload
Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application...
CVE-2020-6651
CVE-2020-6651 affects Eaton Intelligent Power Manager (IPM) versions 1.67 and earlier. The vulnerability is due to improper input validation on the configuration file import file name, which allows an attacker to trigger command injection or code execution via specially crafted file names during ...
CVE-2020-1631
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability...