CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

Denial Of Service (DoS)

nfdump is vulnerable to denial of service DoS. The vulnerability exists through an integer overflow in the function Processipfixtemplatewithdraw in ipfix.c that can be abused in order to crash the process remotely...

Buffer overflow

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial o...

CVE-2020-15863

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial o...

Remote Code Execution

telerik is vulnerable to remote code execution. A .NET JavaScriptSerializer Deserialization vulnerability through RadAsyncUpload allows an attacker to execute malicious code on the server in the context of the w3wp.exe process...

GLSA-202006-14 : PEAR Archive_Tar: Remote code execution vulnerability

The remote host is affected by the vulnerability described in GLSA-202006-14 PEAR ArchiveTar: Remote code execution vulnerability An issue was discovered in the PEAR module ArchiveTars handling of file paths within Tar achives. Impact : A local or remote attacker could possibly execute arbitrary...

PEAR Archive_Tar: Remote code execution vulnerability

Background This class provides handling of tar files in PHP. Description An issue was discovered in the PEAR module ArchiveTar’s handling of file paths within Tar achives. Impact A local or remote attacker could possibly execute arbitrary code with the privileges of the process. Workaround Avoid...

CVE-2020-11091

In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...

CVE-2020-10134

Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedure...

CVE-2020-7455

In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel for kernel NAT or natd process...

GaussDB: Configure the Maximum Number of Files that Can Be Opened in Processes

If the maximum number of files that can be opened in processes is too small, SQL operations will fail once the maximum number is exceeded. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVE-2019-15790

CVE-2019-15790 concerns Ubuntu’s Apport crash-dump handling. The records show an unprivileged user could read information about a privileged process from /proc/pid and use it to obtain ASLR offsets for a memory-corruption vulnerability, via PID recycling. The root cause involves Apport reading/wr...

WebKit AudioArray::allocate Data Race / Out-Of-Bounds Access

WebKit: Data race in AudioArray::allocate can lead to OOB access VULNERABILITY DETAILS Source/WebCore/platform/audio/AudioArray.h: void allocateChecked n ... while !isAllocationGood // Initially we try to allocate the exact size, but if it's not aligned // then we'll have to reallocate and from...

GLSA-202004-08 : libssh: Denial of service

The remote host is affected by the vulnerability described in GLSA-202004-08 libssh: Denial of service It was discovered that libssh could crash when AES-CTR ciphers are used. Impact : A remote attacker running a malicious client or server could possibly crash the counterpart implemented with...

Execute .net Assembly (x64 only)

This module executes a .NET assembly in memory. It reflectively loads a dll that will host CLR, then it copies the assembly to be executed into memory. Credits for AMSI bypass to Rastamouse @RastaMouse This module requires Metasploit: https://metasploit.com/download Current source:...

Information Disclosure

jbossws is vulnerable to information disclosure. The request handler in JBossWS did not correctly verify the resource path when serving WSDL files for custom web service endpoints. This allowed remote attackers to read arbitrary XML files with the permissions of the EAP processs...

Fedora: Security Advisory for squid (FEDORA-2020-790296a8f4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: openfortivpn-1.12.0-1.fc32

openfortivpn is a client for PPP+SSL VPN tunnel services. It spawns a pppd process and operates the communication between the gateway and this process. It is compatible with Fortinet VPNs...

ICU: Integer overflow

Background ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description It was discovered that ICU’s UnicodeString::doAppend function is vulnerable to an integer overflow. Please review the CVE identifiers referenc...

Persistence – DLL Hijacking

When a program is starting a number of DLLs are loaded into the memory space of its process. Windows is searching the DLLs that are… Continue reading - Persistence - DLL Hijacking...