
4569 matches found

RedHat Linux
added 2020/03/31 9:3 p.m. · 3 views

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...

7.8 CVSS · 7.2 AI score · 0.00488 EPSS
Exploits 0 · References 4
CVE
added 2020/03/31 6:15 p.m. · 69 views

CVE-2020-5292

CVE-2020-5292 – Leantime SQL injection (time-based blind) : Leantime before versions 2.0.15 and 2.1-beta3 is vulnerable to SQL injection via an unescaped parameter in a POST to /tickets/showKanban. The vulnerable parameter is “searchUsers” (internally named “users” in class.tickets.php) and requi...

8.8 CVSS · 9 AI score · 0.01405 EPSS
Exploits 0 · References 3 · Affected Software 1
0day.today
added 2020/03/26 12:0 a.m. · 203 views

HP ThinPro 6.x / 7.x Citrix Command Injection Vulnerability

HP ThinPro - Citrix command injection. Identifiers: CVE-2019-18909. CVSSv3 score: 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...

8 CVSS · 0.3 AI score · 0.02181 EPSS
Exploits 3
0day.today
added 2020/03/26 12:0 a.m. · 340 views

HP ThinPro 6.x / 7.x Privileged Command Injection Vulnerability

HP ThinPro - Privileged command injection. Identifiers: CVE-2019-18910. CVSSv3 score: 7.6...

6.8 CVSS · 1.2 AI score · 0.00847 EPSS
Exploits 3
Packet Storm
added 2020/03/25 12:0 a.m. · 165 views

HP ThinPro 6.x / 7.x Information Disclosure

HP ThinPro - Information disclosure. Identifiers: CVE-2019-16285. CVSSv3 score: 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...

2.1 CVSS · 4.9 AI score · 0.00996 EPSS
Exploits 1
Packet Storm
added 2020/03/25 12:0 a.m. · 174 views

HP ThinPro 6.x / 7.x Privilege Escalation

HP ThinPro - Privilege escalation. Identifiers: CVE-2019-16287. CVSSv3 score: 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...

7.2 CVSS · 0.4 AI score · 0.0068 EPSS
Exploits 1
Packet Storm
added 2020/03/25 12:0 a.m. · 220 views

HP ThinPro 6.x / 7.x Privileged Command Injection

HP ThinPro - Privileged command injection. Identifiers: CVE-2019-18910. CVSSv3 score: 7.6...

4.6 CVSS · 0.9 AI score · 0.00847 EPSS
Exploits 3
Positive Technologies
added 2020/03/01 12:0 a.m. · 5 views

PT-2020-20723 · D Link · D-Link Dir-615

Name of the Vulnerable Software and Affected Versions: D-Link DIR-615Jx10 devices affected versions not specified Description: The issue is a stack-based buffer overflow in the fmwlan.c file. It occurs via the formWlanSetup Wizard webpage parameter when the f radius ip1 is malformed...

8.8 CVSS · 8.7 AI score · 0.01616 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2020/02/18 12:0 a.m. · 50 views

Apple TV < 13.3.1 Multiple Vulnerabilities

According to its banner, the version of Apple TV on the remote device is prior to 13.3.1. It is therefore affected by multiple vulnerabilities as described in the HT210920 C Tenable Network Security, Inc. include'compat.inc'; if description scriptid133727; scriptversion"1.6";...

9.3 CVSS · 7.8 AI score · 0.16111 EPSS
Exploits 1 · References 15
Positive Technologies
added 2020/01/21 12:0 a.m. · 5 views

PT-2020-19480 · Simplejobscript.Com · Sjs

Name of the Vulnerable Software and Affected Versions: Simplejobscript.com SJS versions prior to 1.65 Description: An issue was discovered in Simplejobscript.com SJS. There is unauthenticated SQL injection via the search engine, specifically through the landing location parameter in the...

9.8 CVSS · 9.8 AI score · 0.01469 EPSS
Exploits 0 · References 3
Positive Technologies
added 2020/01/17 12:0 a.m. · 3 views

PT-2020-10063 · Intelbras · Intelbras Win 240

Name of the Vulnerable Software and Affected Versions: Intelbras WRN240 devices affected versions not specified Description: The issue allows replacement of the firmware without requiring authentication, via a POST request to the "incoming/Firmware.cfg" API endpoint. Recommendations: For Intelbra...

7.5 CVSS · 7.4 AI score · 0.0781 EPSS
Exploits 5 · References 4
Positive Technologies
added 2020/01/06 12:0 a.m. · 4 views

PT-2020-1558 · Apache +1 · Apache +1

Name of the Vulnerable Software and Affected Versions: rConfig version 3.9.3 Description: An issue in rConfig allows an attacker to bypass local security restrictions due to insecure privilege management in the /etc/sudoers file. This occurs after an update to the rConfig specific Apache...

7.8 CVSS · 8.3 AI score · 0.05668 EPSS
Exploits 9 · References 8
Positive Technologies
added 2019/12/24 12:0 a.m. · 2 views

PT-2019-6188 · Struktur Ag +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a segmentation fault in the apply sao internal function, which can be exploited via a crafted file, potentially allowing a remote attacker to cause a denial of service. The...

9.8 CVSS · 6.8 AI score · 0.0202 EPSS
Exploits 46 · References 183
0day.today
added 2019/11/22 12:0 a.m. · 160 views

GNU Mailutils 3.7 - Privilege Escalation Exploit

Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...

7.8 CVSS · 0.4 AI score · 0.01135 EPSS
Exploits 5
Positive Technologies
added 2019/09/29 12:0 a.m. · 3 views

PT-2019-13265 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.5 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists...

7.8 CVSS · 8.1 AI score · 0.03852 EPSS
Exploits 0 · References 3
Positive Technologies
added 2019/09/25 12:0 a.m. · 6 views

PT-2019-14602 · Samsung · Samsungtts

Name of the Vulnerable Software and Affected Versions: SamsungTTS versions prior to 3.0.02.7 SamsungTTS version 3.0.00.101 Description: The issue allows a local attacker to escalate privileges, for example, to system privileges. It is related to the handling of debugging flags by the package...

7.8 CVSS · 7.8 AI score · 0.01192 EPSS
Exploits 2 · References 7
Positive Technologies
added 2019/09/20 12:0 a.m. · 3 views

PT-2019-4006 · D Link · Dhp-1565 +9

Name of the Vulnerable Software and Affected Versions: D-Link DIR-655C versions D-Link DIR-866L versions D-Link DIR-652 versions D-Link DHP-1565 versions D-Link DIR-855L versions D-Link DAP-1533 versions D-Link DIR-862L versions D-Link DIR-615 versions D-Link DIR-835 versions D-Link DIR-825...

10 CVSS · 10 AI score · 0.99996 EPSS
Exploits 5 · References 14
Positive Technologies
added 2019/09/11 12:0 a.m. · 7 views

PT-2019-5517 · Openwrt · Openwrt

Name of the Vulnerable Software and Affected Versions: OpenWrt versions 15.05.1 through 18.06.4 Description: The issue is related to errors in the certificate authentication procedure of the Ustream-SSL library in OpenWrt. This can be exploited by a remote attacker to perform a man-in-the-middle...

5.9 CVSS · 5.9 AI score · 0.00781 EPSS
Exploits 1 · References 4
Japan Vulnerability Notes
added 2019/08/26 4:48 a.m. · 5 views

Cybozu Garoon vulnerable to SQL injection

Overview Cybozu Garoon provided by Cybozu, Inc. contains an SQL injection vulnerability CWE-89 in the processing of Todo portlet. Shoji Baba reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/C...

7.6 CVSS · 7.5 AI score · 0.01208 EPSS
Exploits 0 · References 6
Positive Technologies
added 2019/08/21 12:0 a.m. · 5 views

PT-2019-3070 · Cisco · Cisco Integrated Management Controller

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to injec...

9 CVSS · 7.1 AI score · 0.0182 EPSS
Exploits 0 · References 3