Design/Logic Flaw

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...

CVE-2019-18905 Deprecated functionality in autoyast2 automatically imports gpg keys without checking them

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...

CVE-2020-11453

Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit ...

CVE-2019-14835

A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this fla...

Quick wins with Adobe Experience Manager

Introduction Adobe Experience Manager AEM, is a comprehensive content management solution for building websites, mobile apps and forms. And it makes it easy to manage your marketing content and assets. If you've ever looked into AEM you may have heard of Mikhail Egorov @0ang3el. He has done some...

CVE-2020-10510

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data...

CVE-2020-10510 Sunnet eHRD - Broken Access Control

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data...

CVE-2020-8985

ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality...

CVE-2020-6072

An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rrdecode function's return value is not checked, leading to a double free that could be exploited to execute arbitrary code. A...

Null pointer dereference

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...

Design/Logic Flaw

ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality...

Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attack...

Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually...

Huawei EulerOS: Security Advisory for e2fsprogs (EulerOS-SA-2020-1272)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 31 Update: php-horde-Horde-Form-2.0.20-1.fc31

The HordeForm package provides form rendering, validation, and other functionality for the Horde Application Framework...

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

CVE-2020-9472

Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...

Information disclosure

The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php. By sending a POST request to wp-admin/admin-post.php, an authenticated attacker with minimal...

Denial of service

A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting...