CVE-2019-18831

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...

CVE-2019-18830

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...

CVE-2019-18826

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...

CVE-2019-18826

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...

Design/Logic Flaw

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...

CVE-2019-18831

Barco ClickShare Button R9861500D01 devices prior to version 1.9.0 are affected by CVE-2019-18831, an information exposure vulnerability where the encrypted firmware stores the private key of a test device certificate. Public sources (NVD/Red Hat/CNVD) confirm the issue affects Barco ClickShare B...

CVE-2019-18831

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...

CVE-2019-18830

Barco ClickShare Button R9861500D01 devices before firmware 1.9.0 are affected by an OS command injection in the embedded dongle_bridge component that exposes ClickShare Button functionality to a USB host. This vulnerability can lead to code execution with the privileges of user 'nobody'. Remedia...

CVE-2019-18830

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...

CVE-2019-18828

Barco ClickShare Button R9861500D01 devices before firmware 1.9.0 have Insufficiently Protected Credentials: the embedded Linux root account used for access via debug interfaces (not enabled in production) relies on a weak password, enabling potential credential exposure. This CVE (CVE-2019-18828...

CVE-2019-18828

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password...

CVE-2019-18827

CVE-2019-18827 affects Barco ClickShare Button R9861500D01 devices with firmware older than 1.9.0, where JTAG access remains possible after ROM code execution before handing control to the embedded firmware. This is observed across multiple sources (NVD/Red Hat/Tenable/CNVD) and is limited to ROM...

CVE-2019-18827

On Barco ClickShare Button R9861500D01 devices before firmware version 1.9.0 JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware...

CVE-2019-18826

Barco ClickShare Button R9861500D01 devices prior to 1.9.0 are affected by an improper certificate chain validation in the embedded dongle_bridge, which does not validate the entire certificate chain. This is documented across multiple sources (NVD/Red Hat/Nessus/CNVD) as a certificate-trust-chai...

CVE-2019-18826

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...

CVE-2012-2238

trytond 2.4: ModelView.button fails to validate authorization...

CVE-2012-2238

CVE-2012-2238 affects trytond 2.4: ModelView.button fails to validate authorization. Root cause is lack of proper authorization checks on that component. CVSS2 base score 5.0 (I:P) and CVSS3.1 base score 7.5 (I:H) indicate partial integrity impact under a network attack with low complexity and no...

Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests

This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite Scanner, Intruder, Repeater, Proxy History and also you can choose whatever HTTP VERB what do you want to customize. Usage Easy to use ! : Don't forget to click save button ! Changelog 24...

Floating Button Menu - Critical - Unsupported - SA-CONTRIB-2019-091

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...

Tor Browser v9.0 - Everything you Need to Safely Browse the Internet

Tor Browser 9.0 is the first stable release based on Firefox 68 ESR and contains a number of updates to other components as well including Tor to 0.4.1.6 and OpenSSL to 1.1.1d for desktop versions and Tor to 0.4.1.5 for Android. In addition to all the needed patch rebasing and toolchain updates, ...