Description of the security update for Office Online Server: January 12, 2021

Description of the security update for Office Online Server: January 12, 2021 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

RUSTSEC-2021-0003 Buffer overflow in SmallVec::insert_many

A bug in the SmallVec::insertmany method caused it to allocate a buffer that was smaller than needed. It then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap. This bug was only triggered if the iterator passed to insertmany yielded more items than the...

WordPress Total Upkeep Unauthenticated Backup Downloader

This module exploits an unauthenticated database backup vulnerability in WordPress plugin 'Boldgrid-Backup' also known as 'Total Upkeep' version use auxiliary/scanner/http/wptotalupkeepdownloader msf auxiliarywptotalupkeepdownloader show actions ...actions... msf auxiliarywptotalupkeepdownloader...

CVE-2019-7726

CVE-2019-7726 affects NukeViet prior to 4.3.04. The affected code path is in modules/banners/funcs/click.php, where a SQL INSERT statement incorporates raw header data from HTTP requests (e.g., Referer and User-Agent). The underlying issue is SQL injection risk due to unsanitized header input bei...

TIBCO Security Advisory: December 15, 2020 - TIBCOPartnerExpress

TIBCO PartnerExpress REST API Original release date: December 15, 2020 Last revised: CVE-2020-27147 Source: TIBCO SoftwareInc. TIBCO PartnerExpress REST API Original release date: December 15, 2020 Last revised: --- Source: TIBCO Software Inc. Systems Affected TIBCO PartnerExpress version 6.2.0 T...

OSV-2020-2178 Stack-buffer-overflow in insert_key

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719 Crash type: Stack-buffer-overflow READ 1 Crash state: insertkey detectnetkey scpkcs15emutcosinitex...

Sandbox Restrictions Bypass

openjdk is vulnerable to sandbox restrictions bypass. A difficult to exploit vulnrerability allows an attacker to perform unauthorized update, insert and delete actions...

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

tcpdump: Buffer over-read in print-icmp6.c

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rxcachefind and rxcacheinsert...

Design/Logic Flaw

Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Flex Fields. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2020-14895

The CVE-2020-14895 entry concerns Oracle Utilities Framework (System Wide) with affected versions 2.2.0.0.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0–4.3.0.6.0, 4.4.0.0.0 and 4.4.0.2.0. The connected Red Hat/RedHat-agnostic sources confirm the vulnerability permits a low-privilege, network-accessible atta...

CVE-2020-14763

CVE-2020-14763 affects Oracle Database Server’s Application Express Quick Poll component, with the affected version being prior to 20.2. A low-privileged attacker with a valid user account and network access via HTTP can compromise Quick Poll, with successful attacks potentially leading to unauth...

CVE-2020-25768

Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered...

CVE-2020-25768

Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered...

CVE-2020-25768

CVE-2020-25768 (Contao) involves improper input validation that allows insertion of insert tags in front-end forms, which are later rendered as part of the page. Affected products/versions include Contao prior to 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1. The underlying issue is inject...

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation insert_from can have a memory-safety issue upon a panic.

...

Contao Insert tag injection in forms

Impact It is possible to inject insert tags in front end forms which will be replaced when the page is rendered. Patches Update to Contao 4.4.52, 4.9.6 or 4.10.1. Workarounds Disable the front end login form and do not use form fields with array keys such as fieldname. References...

GHSA-F7WM-X4GW-6M23 Contao Insert tag injection in forms

Impact It is possible to inject insert tags in front end forms which will be replaced when the page is rendered. Patches Update to Contao 4.4.52, 4.9.6 or 4.10.1. Workarounds Disable the front end login form and do not use form fields with array keys such as fieldname. References...