Arbitrary Code Execution

xen is vulnerable to arbitrary code execution. Lack of adequate sanity-checking of data received via the "net socket listen" option. A malicious local administrator of a guest domain could trigger this flaw to potentially execute arbitrary code outside of the domain...

Spoofing Attack

kernel is vulnerable to spoofing attacks. A flaw in the CIFS handling of the mount option sec= that didn't enable integrity checking and didn't produce any error message...

Apple Xcode < 10.2 Code Execution (macOS)

The version of Apple Xcode installed on the remote macOS or Mac OS X host is prior to 10.2. It is, therefore, affected by a memory corruption issue due to improper input checking. An unauthenticated, remote attacker can exploit this to execute arbitrary code with kernel privileges. Note that Ness...

F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability

Summary An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this...

ZSQL: IP Address Blacklist

The IP address blacklist is configured by setting the TCPEXCLUDEDNODES parameter. After IP address whitelist/blacklist checking is enabled and the IP address blacklist is configured, the blacklisted clients cannot access the database. Such a blacklist allows for IPv4 and IPv6 addresses, as well a...

CVE-2018-18309

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in readreloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, a...

CVE-2019-5798

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2...

CVE-2020-3911

CVE-2020-3911 is a buffer overflow in libxml2 that was addressed by improved bounds checking and size validation. The issue affects multiple Apple platforms and components, with fixes shipped in iOS 13.4/iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, and related Apple updates for Wi...

CVE-2020-3909

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2...

GHSA-6C8F-QPHG-QJGP Validation Bypass in kind-of

Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation. Recommendation Upgrade to versions 6.0.3 or later...

Laminar Research X-Plane OS Command Injection Vulnerability

Laminar Research X-Plane is a flight simulator from the American company Laminar Research. An operating system command injection vulnerability exists in Laminar Research X-Plane version 11.41 and prior versions, which stems from the program failing to perform proper path checking. The vulnerabili...

WordPress SEO Plugin - Rank Math < 1.0.41 - Redirect Creation via Unprotected REST API Endpoint

The WordPress SEO Plugin – Rank Math plugin includes a number of optional modules, including a module that can be used to create redirects on a site. In order to add this feature, the plugin registered a REST-API endpoint, rankmath/v1/updateRedirection, which failed to include a permissioncallbac...

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...

Linux: Install AIDE

Advanced Intrusion Detection Environment aide is an intrusion detection system for checking the integrity of files. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1324)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.CVE-2019-15845 - Ruby...

Input validation

There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...

CVE-2020-1879

Summary: CVE-2020-1879 describes an improper integrity-check vulnerability in several Huawei smart devices that can let a high-privilege attacker perform malicious modifications. Affected products/versions: HEGE-560 v1.0.1.21(SP3); HEGE-570 v1.0.1.22(SP3); OSCA-550 v1.0.1.21(SP3); OSCA-550A v1.0....