5295 matches found

OSV | added 2019/07/16 12:52 a.m. | 19 views

GHSA-94MF-XFG5-R247 Invenio-App vulnerable to host header injection attack

APPALLOWEDHOSTS not always preventing host header injection. Impact: A possible host header injection attack has been identified in Invenio-App. For an attack to be possible, all conditions below must be met: 1. Your webserver must have been configured to route all requests to your application. 2...

CVSS 6.1 | AI score 6.4 | EPSS 0.00922
Exploits: 1 | References: 5
Veracode | added 2019/07/10 4:47 a.m. | 20 views

Cross-Site Request Forgery (CSRF)

react-dev-utils is vulnerable to cross-site request forgery. Local unauthenticated attackers could exploit the flawed Webserver component to execute arbitrary commands on the targeted system via the unsanitized input command to launch an editor...

CVSS 9.8 | AI score 9.6 | EPSS 0.02845
Exploits: 0 | References: 2 | Affected Software: 1
NVD | added 2019/07/02 8:15 p.m. | 19 views

CVE-2017-8406

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows a hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the device. In thi...

CVSS 8.8 | AI score 8.3 | EPSS 0.01189
Exploits: 1 | References: 3
Prion | added 2019/07/02 8:15 p.m. | 25 views

Cross site scripting

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows a hosted flash file on any domain to make calls to the device's webserver and pull any information that is stored on the device. In thi...

CVSS 6.8 | AI score 8.1 | EPSS 0.01189
Exploits: 1 | References: 3
CVE | added 2019/07/02 7:05 p.m. | 160 views

CVE-2017-8406

CVE-2017-8406 affects D-Link DCS-1130 devices. The issue is that crossdomain.xml is accessible without restrictions, allowing a hosted flash file on any domain to call the device's webserver and retrieve stored information, including credentials in clear text. The description also notes lack of c...

CVSS 8.8 | AI score 8.1 | EPSS 0.01189
Exploits: 1 | References: 3 | Affected Software: 1
Github Security Blog | added 2019/07/02 3:28 p.m. | 37 views

Path Traversal vulnerability that affects yard

Possible arbitrary path traversal and file access via yard server. Impact: A path traversal vulnerability was discovered in YARD = 0.9.19 when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host unde...

CVSS 7.5 | AI score 1.1 | EPSS 0.02334
Exploits: 0 | References: 4 | Affected Software: 1
NVD | added 2019/06/17 7:15 p.m. | 21 views

CVE-2019-7579

An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. An ability exists for an unauthenticated user to browse a confidential ui/1.0.99.187766/dynamic/js/setup.js.localized file on the router's webserver, allowing for an attacker to identify possible passwords that the system uses to...

CVSS 7.5 | AI score 7.6 | EPSS 0.01807
Exploits: 1 | References: 2
OSV | added 2019/06/12 2:29 p.m. | 4 views

CVE-2019-6584

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

CVSS 8.8 | AI score 7.2 | EPSS 0.0127
Exploits: 0 | References: 1
NVD | added 2019/06/12 2:29 p.m. | 10 views

CVE-2019-10925

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Val...

CVSS 7.1 | AI score 6.8 | EPSS 0.02265
Exploits: 0 | References: 3
Prion | added 2019/06/12 2:29 p.m. | 16 views

Code injection

A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Val...

CVSS 5.5 | AI score 6.7 | EPSS 0.02265
Exploits: 0 | References: 3
Prion | added 2019/06/12 2:29 p.m. | 20 views

Design/Logic Flaw

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

CVSS 6.8 | AI score 8.3 | EPSS 0.0127
Exploits: 0 | References: 1 | Affected Software: 1
CVE | added 2019/06/12 1:47 p.m. | 76 views

CVE-2019-6584

Siemens LOGO!8 devices (models 6ED1052-xyyxx-0BA8 FS:01–FS:06 with firmware v1.80.x/v1.81.x and 6ED1052-xyy08-0BA0 with firmware

CVSS 8.8 | AI score 8.1 | EPSS 0.0127
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist | added 2019/06/12 1:47 p.m. | 24 views

CVE-2019-6584

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

AI score 8.2 | EPSS 0.0127
Exploits: 0 | References: 1
CVE | added 2019/06/12 1:47 p.m. | 85 views

CVE-2019-10925

CVE-2019-10925 affects Siemens SIMATIC MV440 (and MV400 family) with all versions prior to v7.0.6. The root cause is improper privilege management (CWE-269) in the device's integrated webserver, allowing an authenticated attacker with network access and valid credentials to escalate privileges vi...

CVSS 7.1 | AI score 6.7 | EPSS 0.02265
Exploits: 0 | References: 3 | Affected Software: 1
Packet Storm | added 2019/06/12 12:00 a.m. | 194 views

Telus Actiontec WEB6000Q Denial Of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256. Device Details. Discovered By: Andrew Klaus. Vendor: Actiontec (Telus Branded). Model: WEB6000Q. Affected Firmware: 1.1.02.22. Reported: July 2018. CVE: Not needed since update is pushed by the provider. Summary of Findings: By querying CGI...

AI score 7.4
Exploits: 0
CVE | added 2019/06/10 9:35 p.m. | 50 views

CVE-2017-13717

The CVE-2017-13717 issue affects Starry Station (Starry Router). The product exposes a webserver with Access-Control-Allow-Origin: *, enabling cross-origin requests from any hosted page. This misconfiguration allows an attacker to access device endpoints via the user's browser, and, as described,...

CVSS 8.8 | AI score 8.4 | EPSS 0.02551
Exploits: 1 | References: 3 | Affected Software: 1
canvas | added 2019/06/05 2:29 p.m. | 544 views

Immunity Canvas: EXIM_EXPANSION_RCE

Name: eximexpansionrce. CVE: CVE-2019-10149. Exploit Pack: CANVAS. Description: eximexpansionrce. Notes: CVE Name: CVE-2019-10149. VENDOR: Exim. NOTES: A vulnerability exists in Exim since version 4.85 that allows for the execution of remote commands as the root user on a system. Current versio...

CVSS 10 | AI score 7.7 | EPSS 0.99961
Exploits: 27
RedHat Linux | added 2019/05/28 1:50 p.m. | 2 views

pulp: Improper path parsing leads to overwriting of iso repositories

A path traversal flaw was found in the ISO repository plugin for pulp. An attacker, with access to a repository feeding pulp can carefully craft his repository to overwrite arbitrary files owned by the Apache webserver...

CVSS 6.8 | AI score 5.8 | EPSS 0.01067
Exploits: 0 | References: 4
OSV | added 2019/05/22 6:29 p.m. | 4 views

CVE-2019-11536

Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 2
Prion | added 2019/05/22 6:29 p.m. | 17 views

Input validation

Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The...

CVSS 10 | AI score 9.3 | EPSS 0.01902
Exploits: 0 | References: 2 | Affected Software: 1