Intel® Graphics Drivers Advisory

Summary: Potential security vulnerabilities in some Intel® Graphics Drivers may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-0544 Description:...

CVE-2020-0518

Improper access control in the IntelR HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access...

Improper access control

Improper access control in the IntelR HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2020-0518

Improper access control in the IntelR HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2021-27231

Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages...

CVE-2021-27231

Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages...

Design/Logic Flaw

Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages...

CVE-2021-27231

Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages...

CVE-2021-27231

CVE-2021-27231 affects Hestia Control Panel 1.3.5 and below in a shared-hosting environment. The vulnerability allows remote authenticated users to create a subdomain for a different customer’s domain name, leading to spoofing of services or email messages. The provided documents describe the iss...

Hestia Control Panel Security Vulnerability

Hestia Control Panel is an open source hosting control panel. A security vulnerability exists in Hestia Control Panel through 1.3.3 that allows remote authenticated users to create subdomains for domains of different clients, resulting in spoofed service or email messages...

Security Bulletin: Rational Test Control Panel affected by Spring Framework vulnerability

Summary Spring Framework is vulnerable to a security issue affecting Rational Test Control Panel Vulnerability Details CVEID: CVE-2020-5421 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a...

NVIDIA Windows GPU Display Driver (January 2021)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities: - NVIDIA GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service o...

Design/Logic Flaw

Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel which will require a physical reset to restore administrative control via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/setfactory URI...

CVE-2020-29194

CVE-2020-29194 affects Panasonic Security System WV-S2231L (firmware 4.25). A denial-of-service of the admin control panel is possible via a POST to /cgi-bin/set_factory with Randomnum=99AC8CEC6E845B28&mode=1, requiring a physical reset to regain control. Documented impact: admin control panel un...

CVE-2020-29472

EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution...

Security update for opera (important)

openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2020:2178-1 Rating: important References: Cross-References: CVE-2020-16013 CVE-2020-16017 Affected Products: openSUSE Leap 15.2:NonFree openSUSE Leap 15.1:NonFree An update that fixes two vulnerabilities is now...

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication 2FA protection on an account. The issue, tracked as "SEC-575" and discovered...

phpBB: Server Side Request Forgery in 'Jabber settings' in Admin Control Panel

Overview The 'Jabber settings' panel inside the Administrator Control Panel can be used to access resources that would otherwise only be accessible by the host machine, including resources/services hosted on the localhost interface. This can be performed by setting the 'jabber server' parameter t...

CVE-2020-5979

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges...