Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5207-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5207-1 advisory. Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could us...

BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetData endpoint. The issue results from the lack of authorization prior to allowi...

CVE-2022-22110

In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users’...

In the lend() function state updates are made after the callback

Handle jayjonah8 Vulnerability details Impact In TimeswapPair.sol, the lend function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross function...

borrow() function has state updates after a callback to msg.sender

Handle jayjonah8 Vulnerability details Impact In TimeswapPair.sol, the borrow function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross functi...

Trendnet AC2600 TEW-827DRU Information Disclosure Vulnerability

Trendnet AC2600 TEW-827DRU is a wireless router. Trendnet AC2600 TEW-827DRU is vulnerable to an information disclosure vulnerability that stems from a failure to properly disclose credentials for the device's smb functionality. An attacker could exploit the vulnerability to display all mb account...

CVE-2021-20160

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root...

CVE-2021-20173

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values...

CVE-2021-20160

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root...

CVE-2021-20152

Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/...

CVE-2021-20153

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious...

Command injection

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root...

Design/Logic Flaw

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious...

CVE-2021-20173

Netgear Nighthawk R6700 router (firmware 1.0.4.120) is affected by a command-injection vulnerability in the update functionality exposed via the SOAP interface. A system update check can be triggered with preconfigured values to inject commands. Root cause: insecure handling in the update/SOAP pa...

CVE-2021-20153

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious...

CVE-2021-20153

CVE-2021-20153 affects Trendnet AC2600 TEW-827DRU (firmware version 2.08B01). The issue is a symlink vulnerability in the bittorrent functionality that could allow a remote code execution on the device. If a user inserts a flash drive containing a malicious symlink that the bittorrent client can ...

EulerOS Virtualization 3.0.2.0 : rpm (EulerOS-SA-2021-2823)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a...

[SECURITY] Fedora 34 Update: gnome-shell-extensions-40.5-1.fc34

GNOME Shell Extensions is a collection of extensions providing additional and optional functionality to GNOME Shell. Enabled extensions: apps-menu auto-move-windows drive-menu launch-new-instance native-window-placement places-menu screenshot-window-sizer user-theme window-list windowsNavigator...

PT-2021-7280

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 8.8.15 through 9.0 Description: The issue concerns the mboximport functionality in Zimbra Collaboration, which allows an authenticated user with administrator rights to upload arbitrary files to the system,...

FreeBSD : OpenSearch -- Log4Shell (b0f49cb9-6736-11ec-9eea-589cfc007716)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0f49cb9-6736-11ec-9eea-589cfc007716 advisory. - It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain...