Design/Logic Flaw

iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This...

Arbitrary File Download Vulnerability in CLTPHP Version 5.5.3

CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP 5.5.3 version exists arbitrary file download vulnerability, an attacker can exploit the vulnerability to construct parameters to download arbitrary server files, such as script code,...

The vulnerability of the Master IP Camera01’s microprogrammed software lies in its ability to perform unlimited upload/download operations on configuration files. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Master IP Camera01 microprogramming system lies in the unlimited ability to upload/download the configuration file. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

Code Execution Vulnerability in YIXUNCMS v2.0.4.91

YIXUNCMS is a convenient CMS management system developed by Yixun BS Software Studio specializing in website construction for small and medium-sized enterprises. A code execution vulnerability exists in YIXUNCMS v2.0.4.91, which is caused due to the system failing to filter content written to...

limesurvey Information Disclosure Vulnerability

limesurvey is an online LimeSurvey questionnaire management system, with questionnaire design, modification, release, recovery and statistics and other functions. An information disclosure vulnerability exists in LimeSurvey. The vulnerability occurs because LimeSurvey fails to properly handle...

meg+ - Automated Reconnaissance Wrapper

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a...

Memory corruption

Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load some specific...

CVE-2017-17302

Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load some specific...

CVE-2018-2393

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable. Recent assessments: gwillcox-r7 at October 06, 2020 4:05pm UTC reported: This...

BMC Track-It! Information Disclosure Vulnerability

BMC Track-It! is a fully integrated IT helpdesk and asset management solution for small and medium-sized businesses from BMC Software, USA. The solution provides work order tracking, change management, process automation, asset inventory and asset management. A security vulnerability exists in...

openSUSE Security Update : systemd (openSUSE-2018-117)

This update for systemd fixes several issues. This security issue was fixed : - CVE-2018-1049: Prevent race that can lead to DoS when using automounts bsc1076308. These non-security issues were fixed : - core: don't choke if a unit another unit triggers vanishes during reload - delta: don't ignor...

CVE-2017-1000391

Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...

CVE-2017-1000391

Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...

CVE-2017-1000391

Jenkins CVE-2017-1000391 affects Jenkins versions 2.88 and earlier and 2.73.2 and earlier. The vulnerability arises because metadata for users (including SCM users) is stored in directories named after their user ID, without escaping, which could lead to overwriting of unrelated configuration fil...

MASTER IPCAMERA01 File Upload and Download Vulnerability

MASTER IPCAMERA01 is an IP network camera product. A security vulnerability exists in MASTER IPCAMERA01 version 3.3.4.2103. An attacker can exploit the vulnerability to upload and download configuration files...

Kaseya VSA R9.2 Arbitrary File Read Vulnerability

A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server including source code of Kaseya, the database backups, configuration files, and even...

Kaseya VSA R9.2 Arbitrary File Read

------------------------------------------------------------------------ Arbitrary file read in Kaseya VSA ------------------------------------------------------------------------ Kin Hung Cheng, Robert Hartshorn, May 2017 ------------------------------------------------------------------------...

File Read Vulnerability in ZTE Color Ring Business System

ZTE's ringtone system inherits the stable system architecture of the mobile smart network, follows the latest specifications of operators, and provides flexible interfaces and rich new service functions. A file read vulnerability exists in the ZTE Color Ring service system, which can be exploited...

Fedora 27 : systemd (2017-6263c938c7)

Use infinite timeouts for passwords during boot when JobTimeoutSec=0 - Some tty utf8-mode fixes - Only send one auxillary fd set over dbus - Various network-manager crash and spurious assert fixes - Do not remount network filesystems ro during shutdown and unmount DM devices better - Fix...

CVE-2017-15532

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack also known as directory traversal. These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary...