
6839 matches found

Cvelist
added 2020/11/05 8:9 p.m. | 13 views

CVE-2020-13537

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority us...

CVSS 9.3 | AI score 7.6 | EPSS 0.00032
Exploits: 1 | References: 1
Positive Technologies
added 2020/11/05 12:0 a.m. | 2 views

PT-2020-16680 · Horizontcms · Horizontcms

Name of the Vulnerable Software and Affected Versions: HorizontCMS versions prior to 1.0.0-beta (patched, but version number remains the same). Description: The issue allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code. This is achieved by...

CVSS 8.8 | AI score 8.6 | EPSS 0.70322
Exploits: 4 | References: 11
RedHat Linux
added 2020/11/04 1:51 a.m. | 1 views

binutils: denial of service via crafted ELF file

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file...

CVSS 6.5 | AI score 7.3 | EPSS 0.01079
Exploits: 1 | References: 4
Talos
added 2020/11/03 12:0 a.m. | 56 views

Moxa MXView series installation privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1148. Moxa MXView series installation privilege escalation vulnerability. November 3, 2020. CVE Number: CVE-2020-13537, CVE-2020-13536. Summary: Multiple exploitable local privilege elevation vulnerabilities exist in the file system permissions of Moxa MXView series...

CVSS 9.3 | AI score 8.4 | EPSS 0.00032
Exploits: 2
Tenable Nessus
added 2020/11/03 12:0 a.m. | 26 views

EulerOS 2.0 SP2 : libffi (EulerOS-SA-2020-2357)

According to the version of the libffi packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that...

CVSS 7 | AI score 8.1 | EPSS 0.02426
Exploits: 0 | References: 2
OSV
added 2020/10/30 2:15 p.m. | 1 views

CVE-2020-4588

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579...

CVSS 7.8 | AI score 7.3 | EPSS 0.00366
Exploits: 0 | References: 2
Prion
added 2020/10/30 2:15 p.m. | 14 views

Design/Logic Flaw

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579...

CVSS 6.8 | AI score 7.5 | EPSS 0.00366
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2020/10/30 1:50 p.m. | 12 views

CVE-2020-4588

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579...

CVSS 7.7 | AI score 7.5 | EPSS 0.00366
Exploits: 0 | References: 2
CVE
added 2020/10/30 1:50 p.m. | 49 views

CVE-2020-4588

IBM i2 iBase 8.9.13 is vulnerable to unrestricted file upload, allowing uploaded executables to be run, potentially causing code execution on a victim. IBM’s Security Bulletin confirms the fix in iBase 9 and advises upgrading to a version that includes the fix. Affected product/version: IBM i2 iB...

CVSS 7.8 | AI score 7.5 | EPSS 0.00366
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2020/10/28 6:15 p.m. | 1 views

CVE-2020-26131

Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary...

CVSS 7.8 | AI score 7.1 | EPSS 0.00045
Exploits: 1 | References: 3
Positive Technologies
added 2020/10/28 12:0 a.m. | 3 views

PT-2020-16306 · Home · Home Dns Server

Name of the Vulnerable Software and Affected Versions: Home DNS Server version 0.10. Description: An issue was discovered due to insufficient access restrictions in the default installation directory, allowing an attacker to elevate privileges by replacing the HomeDNSServer.exe binary...

CVSS 7.8 | AI score 7.5 | EPSS 0.00045
Exploits: 0 | References: 5
CNVD
added 2020/10/23 12:0 a.m. | 1 views

Buffer Overflow Vulnerability in ForceControl ForceControl httpsvr.exe

Forcecontrol is a monitoring and configuration software, mainly used for data acquisition and monitoring control. A buffer overflow vulnerability exists in ForceControl httpsvr.exe, which can be exploited by an attacker to cause a remote denial of service attack...

AI score 7.2
Exploits: 0
CNVD
added 2020/10/23 12:0 a.m. | 4 views

Ghisler Total Commander Elevation of Privilege Vulnerability

Ghisler Total Commander is a file manager software from the American company Ghisler. The program offers file compression, management, ftp sharing and more. An elevation of privilege vulnerability exists in Ghisler Total Commander version 9.51, which stems from insufficient access restrictions in...

CVSS 7.3 | AI score 7.1 | EPSS 0.00047
Exploits: 1 | References: 1
OSV
added 2020/10/21 7:15 p.m. | 4 views

CVE-2020-17381

An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE binary...

CVSS 7.3 | AI score 7.1 | EPSS 0.00047
Exploits: 1 | References: 2
Tenable Nessus
added 2020/10/21 12:0 a.m. | 29 views

EulerOS Virtualization 3.0.2.2 : libffi (EulerOS-SA-2020-2186)

According to the version of the libffi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Plea...

CVSS 7 | AI score 8.1 | EPSS 0.02426
Exploits: 0 | References: 2
Cvelist
added 2020/10/20 9:52 p.m. | 16 views

CVE-2020-24416 Blind stored XSS in Marketo Sales insight plugin for SalesForce

Marketo Sales Insight plugin version 1.4355 and earlier is affected by a blind stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to...

CVSS 7.5 | AI score 5.7 | EPSS 0.01783
Exploits: 0 | References: 1
Packet Storm
added 2020/10/19 12:0 a.m. | 329 views

ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution

#!/usr/bin/env python3; # -*- coding: utf-8 -*-; ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution; Vendor: ReQuest Serious Play LLC; Product web page: http://www.request.com; Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823; Summary: F3...

AI score 0.9
Exploits: 0
CNVD
added 2020/10/15 12:0 a.m. | 1 views

Path Traversal Vulnerability in Pocket Watcher Collection Side

Pocket Viewer is a surveillance app that allows users to turn their cell phones, computers, smart TVs and other devices into wireless home surveillance by using the companion software "Pocket Viewer Capture Terminal". There is a path traversal vulnerability in the Pocket Watcher app, which can be...

AI score 7.5
Exploits: 0
NVD
added 2020/10/07 6:15 p.m. | 18 views

CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable...

CVSS 7.8 | EPSS 0.00043
Exploits: 0 | References: 7
OSV
added 2020/10/07 6:15 p.m. | 23 views

CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable...

CVSS 7.8 | AI score 6.8
Exploits: 0 | References: 7