CVE-2020-27607

In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...

CVE-2020-27607

CVE-2020-27607 affects BigBlueButton before 2.2.28. The client-side Mute button does not directly stop sending audio; it only signals the server to stop accepting audio data. A modified server could store audio data and/or transmit it to participants or third parties. Affected component: client-s...

Loan Management System 1.0 - Multiple Cross Site Scripting (Stored)

Exploit Title: Loan Management System 1.0 - Multiple Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/19 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

Loan Management System 1.0 Cross Site Scripting

Exploit Title: Loan Management System 1.0 - Multiple Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/19 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

KB3207512 - Important update for SQL Server 2016 SP1 Reporting Services

KB3207512 - Important update for SQL Server 2016 SP1 Reporting Services See the products and operating systems that this article applies to. This article describes an important update package build number: 13.0.4199.0 for Microsoft SQL Server 2016 Service Pack 1 SP1 Reporting Services. This updat...

CentOS 7 : systemd (RHSA-2020:4007)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4007 advisory. - An issue was discovered in buttonopen in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur...

PT-2021-3378 · Linux +10 · Linux Kernel +10

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.9-rc1 Description: The issue is related to an out-of-bounds memory write flaw in the Linux kernel's joystick devices subsystem. This flaw occurs when a user calls the ioctl JSIOCSBTNMAP function. It allows a...

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...

DynPG 4.9.1 Cross Site Scripting

Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...

Authentication flaw

Smarter Coffee Maker before 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Jira Service Desk permissions error dialog allows Project Admins to upgrade the permission scheme

h3. Issue Summary For a specific use case, only some selected users may create issues using the Portal, so the permission to create issues by "Service Desk Customer - Portal" was removed. After the Permission change, Project Administrators, that should not have access to change the...

PT-2020-14463 · Smarter · Smarter Coffee Maker

Name of the Vulnerable Software and Affected Versions: Smarter Coffee Maker versions before 2nd generation Description: The issue allows firmware replacement without authentication or authorization. User interaction is required to press a button. This problem only affects products that are no...

systemd: memory leak in button_open() in login/logind-button.c when udev events are received

A memory leak was discovered in the systemd-login when a power-switch event is received. A physical attacker may trigger one of these events and leak bytes due to a missing free...

Audio Playback Recorder 3.2.2 Local Buffer Overflow

Exploit Title: Audio Playback Recorder 3.2.2 - Local Buffer Overflow SEH Date: 2020-09-08 Author: Felipe Winsnes Software Link: https://archive.org/download/tucows288670AudioPlaybackRecorder/AudioRec.exe Version: 3.2.2 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of the...

Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS

Multiple stored cross-site scripting vulnerabilities in Constant Contact Forms for WordPress 1.8.7 and lower allow high-privileged user Editor+ to inject arbitrary Javascript code or HTML in posts where the malicious form is embed. High-privileged user Editor+ can exploit XSS via Add New Form's...

CVE-2020-8335

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS versions up to r13uj47w, while the emergency-reset button is pressed which may allow for unauthorize...

Design/Logic Flaw

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS versions up to r13uj47w, while the emergency-reset button is pressed which may allow for unauthorize...

ASX To MP3 Converter 3.1.3.7.2010.11.05 Buffer Overflow

Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow DEP,ASLR Bypass PoC Software Link Download: https://github.com/x00x00x00x00/ASXtoMP3Converter3.1.3.7.2010.11.05/blob/master/ASXtoMP3Converter3.1.3.7.2010.11.05.exe?raw=true Exploit Author: Paras Bhatia Discovery...

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command a memory leak may occur.

...

Sell Photo <= 1.0.5 - Authenticated Stored Cross-Site Scripting

The Button Text/Image field in Settings page of Sell Photos Plugin was found to be vulnerable to stored XSS, as they did not sanitize user given input properly. It is triggered when a users loads a page where the plugin is used, and when an admin opens settings page of the plugin. PoC The PoC wil...