openldap bug fix and enhancement update

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, an...

CiviCRM 5.22.0 - Code Execution Vulnerability Chain Explained

During our vulnerability research on the largest CMS systems we came across CiviCRM last year. It’s an open source CRM plugin for the most popular CMS systems like Wordpress, Joomla, Drupal, and Backdrop. CiviCRM is specifically designed for the needs of non-profit, non-governmental, and advocacy...

Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability

Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

Cross-Site Request Forgery (CSRF)

jenkins config file provider plugin is vulnerable to cross-site request forgery CSRF. The server did not verify the authenticity of web requests and allows an attacker is able to delete configuration files corresponding to an attacker-specified ID by tricking an authenticated user to visit a...

XML External Entity (XXE)

Jenkins Config File Provider Plugin is vulnerable to XML external entity XXE. It does not configure its XML parser to prevent XML external entity XXE attacks. A flaw was found in the config-file-provider Jenkins plugin. The plugin XML parser wasn't configure to prevent XML external entity XXE...

FortiAuthenticator - Hard-coded cryptographic keys used to encrypt sensitive data

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

CVE-2018-16498

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...

CVE-2018-16498

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...

CVE-2018-16498

CVE-2018-16498 affects Versa Director where unencrypted backup files stored on the Versa deployment include credentials inside configuration files for components such as SNMP and SSL/Trust keystores. The root cause is plaintext credentials in backups, enabling potential exposure if backups are ac...

Local Privilege Escalation in cloudflared

In cloudflared versions 2020.8.1 corresponding to 0.0.0-20200820025921-9323844ea773 on pkg.go.dev on Windows, if an administrator has started cloudflared and set it to read configuration files from a certain directory, an unprivileged user can exploit a misconfiguration in order to escalate...

Amazon Linux 2 : spamassassin (ALAS-2021-1642)

The version of spamassassin installed on the remote host is prior to 3.4.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1642 advisory. A flaw was found in spamassassin. Malicious rule configuration .cf files can be configured to run system commands without any...

Input validation

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1487 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1487 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due to insufficient validation of user-supplied...

Path Traversal in kalcaddle/kodexplorer

✍️ Description I have confirmed a file transversal vulnerability on any server running Kodexplorer, Malicious user can read any file 🕵️‍♂️ Proof of Concept First setup local installation of kodExplorer. If the server is running with root permission:...

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which could allow access to sensitive information

Summary A vulnerability in IBM Spectrum Scale Transparent Cloud Tiering could allow a remote attacker to access sensitive information. Vulnerability Details CVEID: CVE-2020-4850 DESCRIPTION: IBM Spectrum Scale Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information...

Arbitrary File Download Vulnerability in FLIR-AX8

Teledyne FLIR specializes in the design, development, production, marketing and promotion of specialized technologies for enhanced situational awareness. An arbitrary file download vulnerability exists in FLIR-AX8. An attacker could exploit the vulnerability to download relevant system...

CloudBees Jenkins S3 publisher Plugin authorization issue vulnerability (CNVD-C-2021-118103)

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An authorization issue...

Jenkins 信息泄露漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An authorization issue...

Path Traversal in droppy

This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server...