Lucene search

6680 matches found

Malwarebytes
added 2020/06/17 3:30 p.m., 16 views

End of line: supporting IoT in the home

Trouble is potentially brewing in Internet of Things (IoT) land, even if the consequences may still be a little way off. System updates and issues surrounding expiring certificates will pose problems for manufacturers and headaches for consumers. System updates for fun and profit: One of the first...

7 AI score
Exploits 0
RedhatCVE
added 2020/06/17 2:33 p.m., 37 views

CVE-2020-11017

In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0. Mitigation: Disable clipboard functionality in the freerdp server settings...

6.5 CVSS, 2.7 AI score, 0.01843 EPSS
Exploits 0, References 3
CVE
added 2020/06/16 1:28 p.m., 68 views

CVE-2020-12494

Beckhoff TwinCAT RT network driver for Intel 8254x/8255x EtherCAT functionality contains a padding issue: non-realtime frames are not padded to the minimum Ethernet frame size, causing arbitrary memory content to be transmitted in the padding bytes. This can lead to memory disclosure, with the mo...

5.3 CVSS, 5.1 AI score, 0.01014 EPSS
Exploits 0, References 1, Affected Software 1
Zero Day Initiative
added 2020/06/15 12:0 a.m., 12 views

Docker Desktop Execution with Unnecessary Privileges Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Troubleshoot...

7.8 CVSS, 4 AI score
Exploits 0
RedhatCVE
added 2020/06/12 5:54 a.m., 46 views

CVE-2020-10773

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data. Mitigation: Mitigation for this issue is either not available or the...

4.4 CVSS, 0.7 AI score, 0.00366 EPSS
Exploits 0, References 4
Microsoft Secure
added 2020/06/10 6:0 p.m., 42 views

Misconfigured Kubeflow workloads are a security risk

Azure Security Center (ASC) monitors and defends thousands of Kubernetes clusters running on top of AKS. Azure Security Center regularly searches for and researches new attack vectors against Kubernetes workloads. We recently published a blog post about a large scale campaign against Kubernetes...

7 AI score
Exploits 0
NVD
added 2020/06/04 7:15 p.m., 12 views

CVE-2020-11680

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying the file store,...

6.5 CVSS, 6.5 AI score, 0.01166 EPSS
Exploits 2, References 3
Prion
added 2020/06/04 7:15 p.m., 15 views

Authorization

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying the file store,...

4 CVSS, 6.4 AI score, 0.01166 EPSS
Exploits 2, References 3, Affected Software 1
CVE
added 2020/06/04 6:38 p.m., 59 views

CVE-2020-11680

Castel NextGen DVR v1.0.0 is affected by an authorization bypass vulnerability where requests are not checked for admin privileges, enabling a normal user to perform admin actions such as creating/modifying the file store, alerts, and users. Root cause: missing admin verification on administrator...

6.5 CVSS, 6.4 AI score, 0.01166 EPSS
Exploits 2, References 3, Affected Software 1
Cvelist
added 2020/06/04 6:38 p.m., 22 views

CVE-2020-11680

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying the file store,...

6.5 AI score, 0.01166 EPSS
Exploits 2, References 3
CNVD
added 2020/06/04 12:0 a.m., 7 views

Apache Ignite H2 File Access Vulnerability

Apache Ignite is a high-performance, integrated and distributed in-memory computing and transaction management platform for large-scale data set processing, from the Apache Software Foundation (United States). A security vulnerability exists in Apache Ignite. The vulnerability can be...

9.1 CVSS, 7.3 AI score, 0.04983 EPSS
Exploits 0, References 1
Packet Storm
added 2020/06/04 12:0 a.m., 212 views

Navigate CMS 2.8.7 Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

0.1 AI score, 0.01752 EPSS
Exploits 3
0day.today
added 2020/06/04 12:0 a.m., 132 views

Navigate CMS 2.8.7 - Authenticated Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link:...

0.1 AI score, 0.01752 EPSS
Exploits 3
Exploit DB
added 2020/06/04 12:0 a.m., 246 views

Navigate CMS 2.8.7 - Authenticated Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

5.3 CVSS, 5.4 AI score, 0.01752 EPSS
Exploits 3
Talos
added 2020/06/01 12:0 a.m., 26 views

VMware Workstation 15 shader functionality round_ni denial of service vulnerability

Summary: An exploitable denial of service vulnerability exists in VMware Workstation 15.5.0 build-14665864. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered fro...

5.5 CVSS, 5.5 AI score, 0.0045 EPSS
Exploits 0
Hacker One
added 2020/05/31 12:6 a.m., 35 views

OPPO: No rate limit on Reporting a Threat on [https://community.coloros.com] lead to Increase in the User Group/Points

Summary: When a user signs up on https://community.coloros.com he is assigned with a specific User Group which increases with his activity on the community. I found that there is no rate limit implemented on reporting a threat and due to which a User can abuse this functionality to Increase his...

6.8 AI score
Exploits 0
NVD
added 2020/05/29 8:15 p.m., 22 views

CVE-2020-3958

VMware ESXi 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, VMware Workstation 15.x before 15.5.2 and VMware Fusion 11.x before 11.5.2 contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with...

5.5 CVSS, 5.5 AI score, 0.0045 EPSS
Exploits 0, References 2
Exploit DB
added 2020/05/29 12:0 a.m., 531 views

WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)

Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.zip Category: Web...

7.4 AI score
Exploits 0
Kaspersky
added 2020/05/28 12:0 a.m., 32 views

KLA12096 Multiple vulnerabilities in VMware Workstation and Player

Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A memory leak vulnerability in VMCI module can be exploited locally to cause denial of service. 2. A...

5.5 CVSS, 5.6 AI score, 0.0045 EPSS
Exploits 0, References 4
Tenable Nessus
added 2020/05/27 12:0 a.m., 19 views

Siemens Simatic Improper Input Validation

A vulnerability has been identified in SIMATIC S7-1200 CPU family incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions with Function State FS 11, SIMATIC S7-200 SMART CPU CR20s 6E...

4.6 CVSS, 2.5 AI score, 0.00528 EPSS
Exploits 0, References 2