EUVD-2020-17690

Malware in sbrugna...

CVE-2020-24990

An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...

CVE-2020-24990

An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...

CVE-2020-24990

The CVE-2020-24990 issue affects QSC Q-SYS Core Manager 8.2.1 via the TFTP service on UDP/69, enabling a directory traversal to read OS files (e.g., /etc/passwd, /proc/version). Root cause: TFTP GET requests bypass path filtering. Impact is partial confidentiality loss without integrity/availabil...

QSC Q-SYS Core Manager Path Traversal Vulnerability

QSC Q-SYS is a signal processing device from QSC. The device is used for audio information processing and information exchange, and can be used in conference, teacher, lecture hall and other multi-person meeting scenarios. A path traversal vulnerability exists in QSC Q-SYS Core Manager 8.2.1, whi...

Fedora 30 : systemd (2019-3fa5db9e19)

Backport more patches : - shared/install: Preserve escape characters for escaped unit names https://github.com/coreos/bugs/issues/2569 - timedate: fix emitted value when ntp client is enabled/disabled 1696586 - udev: run programs in the specified order 1696784 - core: add...