OS4Ed openSIS login SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Product URLs...

PT-2020-6548 · Unknown +1 · F2Fs-Tools +1

Name of the Vulnerable Software and Affected Versions: F2fs-Tools F2fs.Fsck version 1.13 Description: An exploitable information disclosure issue exists in the dev read functionality. A specially crafted f2fs filesystem can cause an uninitialized read, resulting in information disclosure. An...

Red Lion N-Tron 702-W, 702M12-W

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: N-Tron 702-W / 702M12-W Vulnerabilities: Reflected Cross-site Scripting, Stored Cross-site Scripting, Cross-site Request Forgery, Hidden Functionality, Use of Unmaintained...

CVE-2020-7705

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...

CVE-2020-7705 Malicious Package

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...

Mail.ru: Stored Xss

Stored XSS in comment functionality on profile.my.games and community.my.games...

Breaking Samsung firmware, or turning your S8/S9/S10 into a DIY “Proxmark”

This post is a companion to the DEF CON 28 video available here Breaking the Firmware of Samsung’s NFC Chips Recently I have been looking into how to push the capabilities of my old smartphones beyond what you could traditionally do just by rooting it. Smartphones contain huge amounts of hardware...

CVE-2020-8212

Improper access control in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows access to privileged functionality...

CVE-2020-1472 aka Zerologon

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC. An attacker who successfully exploited the vulnerability could run a specially crafted application on a...

OPENSUSE-SU-2020:1214-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium updated to 84.0.4147.125 boo1175085 CVE-2020-6542: Use after free in ANGLE CVE-2020-6543: Use after free in task scheduling CVE-2020-6544: Use after free in media CVE-2020-6545: Use after free in audio CVE-2020-6546: Inappropriate...

OPENSUSE-SU-2020:1209-1 Security update for hylafax+

This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...

Remote code execution

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers MSRs. This could lead to arbitrary Ring-0 code...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:1155-1 Rating: important References: 1174538 Cross-References: CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463...

OPENSUSE-SU-2020:1147-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR Fixed: Various stability, functionality, and security fixes bsc1174538 CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel...

Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability

Summary A memory corruption vulnerability exists in the AFAZSPIO socket functionality of Microsoft Azure Sphere 20.05. A sequence of socket operations can cause a double-free and out-of-bounds read in the kernel. An attacker can write a shellcode to trigger this vulnerability. Tested Versions...

EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1821)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator function...

CVE-2019-20029

An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including a...

CVE-2020-15921

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution...

Schneider Electric Triconex TriStation and Tricon Communication Module

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Triconex TriStation and Triconex Tricon Communication Module Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption,...

CVE-2020-6102

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered...