Cross site request forgery (csrf)

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...

Design/Logic Flaw

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\SYSTEM, the only files that will not be deleted are those currently being run by the...

PCI passthrough code reading back hardware registers

ISSUE DESCRIPTION Code paths in Xen's MSI handling have been identified which act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for device...

CVE-2020-24046

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...

Rethinking Defensive Strategy at the Edge, Part 3: Strategies for Protective Action

Our three-part blog series, Re-thinking Defensive Strategy at the Edge, has been focusing on outlining a new defensive edge strategy for today's enterprise. We began with a discussion of data and indicators. Most recently, our second post focused on using risk signals and correlating them for...

CVE-2020-6146

Nitro Pro 13.13.2.242 and 13.16.2.300 contain a heap-based buffer overflow in ICCBased color space stroke rendering. During page drawing, the code reads a length from the file and uses it as a loop sentinel to write into a static 0x248-byte buffer, allowing an attacker to overflow the heap when t...

Design/Logic Flaw

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface...

CVE-2020-13311

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface...

openSUSE Security Update : MozillaFirefox (openSUSE-2020-1384)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Servic...

OPENSUSE-SU-2020:1384-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.2.0 ESR Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Service cou...

SUSE-SU-2020:2544-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.2.0 ESR Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Service cou...

CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

PT-2020-17233 · Python +4 · Py +4

Name of the Vulnerable Software and Affected Versions: py versions through 1.9.0 Description: A denial of service via regular expression in the py.path.svnwc component could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame...

China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks

A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher. Researchers discovered the new malware being distributed over the past six months through two separate campaigns. The first, in March, targeted...

CVE-2020-6143

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this...

Remote code execution

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this...

CVE-2020-6143

CVE-2020-6143 affects OS4Ed openSIS 7.4 install functionality. The install/Step5.php writes Data.php using user-provided values, and the password field (line 122) can inject PHP code, enabling remote code execution via a crafted HTTP request. Exploitation results in arbitrary code execution on th...

CVE-2020-6143

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this...

GHSA-WM7Q-RXCH-43MX Byass due to validation before canonicalization in serve

Versions of serve before 6.5.2 are vulnerable to the bypass of the ignore functionality. The bypass is possible because validation happens before canonicalization of paths and filenames. Example: Here we have a server that ignores the file test.txt. const serve = require'serve' const server =...

OS4Ed openSIS install remote code execution vulnerability

Summary A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. A specially crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.4 Product URLs...