1779 matches found

Cvelist
added 2020/10/06 12:51 p.m., 12 views

CVE-2020-25987

MonoCMS Blog 1.0 stores hard-coded admin password hashes in the log.xml file shipped with the MonoCMS Blog source files. The hash type is bcrypt, and hashcat mode 3200 can be used to crack the hash...

AI score 7.5, EPSS 0.01609
Exploits: 3, References: 2
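A check a reviewer would run over a source tree before shipping, as an added example that is not MonoCMS's own code: scan text files for bcrypt hashes ($2a$/$2b$/$2x$/$2y$, a two-digit cost, then 53 characters from the bcrypt base64 alphabet) so that credential material like the log.xml hash above is caught in review rather than by an attacker running hashcat offline. The sample XML, the file names and the scanning functions are constructed for this example.

```javascript
// Added example (not MonoCMS code): scan files shipped in a source tree for
// bcrypt hashes. Hashes belong in a credential store, never in source or logs.
// The sample files below are constructed for this example.
const BCRYPT_RE = /\$2[abxy]\$(\d{2})\$([./A-Za-z0-9]{53})/g;

// Return every bcrypt hash in `text` with its 1-based line number and cost.
function findBcryptHashes(text) {
  const hits = [];
  for (const m of text.matchAll(BCRYPT_RE)) {
    const cost = Number(m[1]);
    // bcrypt's work factor is 4..31; anything else is not a hash worth reporting.
    if (cost < 4 || cost > 31) continue;
    const line = text.slice(0, m.index).split('\n').length;
    hits.push({ line, cost, hash: m[0] });
  }
  return hits;
}

// Summarise a scan over several files: { fileName: [hits] } for files with findings only.
function scanFiles(files) {
  const report = {};
  for (const [name, contents] of Object.entries(files)) {
    const hits = findBcryptHashes(contents);
    if (hits.length) report[name] = hits;
  }
  return report;
}

// Constructed sample: an XML log that leaked an admin hash (cost 10) plus a
// look-alike string with an impossible cost, and a file with nothing sensitive.
const SAMPLE_FILES = {
  'log.xml': `<?xml version="1.0"?>
<log>
  <entry user="admin" hash="$2y$10$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234" />
  <entry user="bogus" hash="$2y$99$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234" />
</log>`,
  'README.md': 'Set the admin password on first login; nothing sensitive is stored here.',
};

for (const [file, hits] of Object.entries(scanFiles(SAMPLE_FILES))) {
  for (const h of hits) {
    console.log(`${file}:${h.line}: bcrypt hash (cost ${h.cost}) committed; hashcat -m 3200 attacks it offline`);
  }
}
```

Run it as a pre-commit or CI step over the repository's text files; a hit is a finding regardless of cost, because the hash can be cracked offline at leisure and the cost only slows the attacker down.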
Openbugbounty
added 2020/10/06 8:51 a.m., 6 views

faa.gov Open Redirect vulnerability OBB-1384453

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 0.1
Exploits: 0
Oracle linux
added 2020/10/06 12:00 a.m., 38 views

libsrtp security and bug fix update

1.4.4-11.20101004cvs
- Fix global buffer overflow. Resolves: bz1301202
- Fix improper handling of CSRC count and extension header length in RTP header. Resolves: bz1323705
- Fix buffer overflow in application of crypto profiles. Resolves: bz1141897...

CVSS 7.8, AI score 1.4, EPSS 0.08277
Exploits: 0
Huntr
added 2020/09/13 12:00 a.m., 8 views

Cross-site Scripting (XSS) - Generic in forkcms/forkcms

Description: ForkCMS is an easy-to-use open source CMS using Symfony Components. This package is vulnerable to Stored Cross-Site Scripting (XSS). https://github.com/forkcms/forkcms Steps To Reproduce: 1. Install https://github.com/forkcms/forkcms locally or https://demo.fork-cms.com/private/ use demo...

AI score 6.4
Exploits: 0, References: 1
Hacker One
added 2020/09/11 6:11 a.m., 16 views

Acronis: XSS on https://partners.acronis.com/

Hello, I found a DOM XSS on the login page of https://partners.acronis.com/. Open this URL https://partners.acronis.com/en-us/profile/login.html?-back=test123" and search for var back =. Here the input is HTML encoded, but from that reflected value an element is created and appended to the form. F983552 We can...

AI score 6.4
Exploits: 0
Tenable Nessus
added 2020/09/10 12:00 a.m., 44 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2578-1)

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to 3.12.31 to receive various security and bug fixes. The following security bug was fixed: CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The update package also includes non-security fixes...

CVSS 7.8, AI score 6.6, EPSS 0.01319
Exploits: 1, References: 10
Hacker One
added 2020/09/09 8:28 p.m., 249 views

Shopify: Cache poisoning via X-Forwarded-Host in www.shopify.com/partners/blog

Hello, run requests in a loop with X-Forwarded-Host: yourhackerzsite.com. After some time you will notice yourhackerzsite.com in the response (F981839). Now remove X-Forwarded-Host; our URL is still there (F981841). I've logged in to my VPS to verify this bug and downloaded the poisoned page...

AI score 0.2
Exploits: 0
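The mechanism behind the report above, as an added example that is neither the reporter's code nor Shopify's: a toy origin that builds absolute URLs from X-Forwarded-Host sits behind a cache keyed only on Host and path, so a single attacker request fixes the host that every later visitor receives. Host names, the cache class, the page body and the path are constructed for this example; the hardened variant simply stops trusting the header from arbitrary clients (the other standard fix, keying the cache on the header or emitting Vary: X-Forwarded-Host, is not shown).

```javascript
// Added example (not Shopify code): a toy origin behind a shared cache, showing
// how a header the cache does not key on poisons every later response.
// Host names, the cache and the page body are constructed for this example.

// Origin: renders a page containing an absolute asset URL. When it trusts
// X-Forwarded-Host from any client, the client chooses the host in that URL.
function renderPage(req, trustForwardedHost) {
  const fwd = req.headers['x-forwarded-host'];
  const host = trustForwardedHost && fwd ? fwd : req.headers['host'];
  return `<script src="https://${host}/assets/app.js"></script>`;
}

// Shared cache keyed on Host + path only. X-Forwarded-Host is unkeyed, so a
// body generated for one value of it is served to clients who never sent it.
class SharedCache {
  constructor() { this.store = new Map(); }
  fetch(req, origin) {
    const key = `${req.headers['host']}${req.path}`;
    if (!this.store.has(key)) this.store.set(key, origin(req));
    return this.store.get(key);
  }
}

// Replays the two-step attack and returns what the victim is served.
function simulate(trustForwardedHost) {
  const cache = new SharedCache();
  const origin = (req) => renderPage(req, trustForwardedHost);
  // 1. Attacker primes the cache entry with the header set.
  cache.fetch({
    path: '/partners/blog',
    headers: { host: 'www.example.com', 'x-forwarded-host': 'attacker.example' },
  }, origin);
  // 2. Victim requests the same path without the header and gets the cached body.
  return cache.fetch({ path: '/partners/blog', headers: { host: 'www.example.com' } }, origin);
}

console.log('vulnerable origin serves victim:', simulate(true));
console.log('hardened origin serves victim:  ', simulate(false));
```

The poisoned entry lives until it expires or is purged, which is why the report notes the attacker's host persisted after the header was removed. The decisive property is the mismatch between what the origin uses to build the response and what the cache uses to key it.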
OSV
added 2020/09/09 6:34 a.m., 7 views

SUSE-SU-2020:2580-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bug fixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The following non-security bugs were fixed: - bcache: allocate...

CVSS 7.8, AI score 8.2, EPSS 0.01319
Exploits: 1, References: 33
OSV
added 2020/09/09 6:34 a.m., 8 views

SUSE-SU-2020:2579-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bug fixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The following non-security bugs were fixed: - EDAC: Fix...

CVSS 7.8, AI score 8.3, EPSS 0.01319
Exploits: 1, References: 9
OSV
added 2020/09/09 6:34 a.m., 6 views

SUSE-SU-2020:2578-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to 3.12.31 to receive various security and bug fixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The following non-security bugs were fixed: - EDAC:...

CVSS 7.8, AI score 8.2, EPSS 0.01319
Exploits: 1, References: 9
OSV
added 2020/09/09 5:17 a.m., 8 views

SUSE-SU-2020:2576-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-14314: Fixed a potential negative array index in do_split (bsc#1173798). - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling (bsc#1174205)...

CVSS 9.8, AI score 7, EPSS 0.12651
Exploits: 2, References: 12
Openbugbounty
added 2020/09/07 8:04 a.m., 7 views

brasilsus.com.br Cross Site Scripting vulnerability OBB-1310292

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 6.2
Exploits: 0
ossfuzz
added 2020/09/03 2:15 p.m., 18 views

libreoffice:ww6fuzzer: Heap-buffer-overflow in rtl::OUString::equalsAsciiL

Project: git://anongit.freedesktop.org/libreoffice/core
Detailed Report: https://oss-fuzz.com/testcase?key=4970802532057088
Project: libreoffice
Fuzzing Engine: honggfuzz
Fuzz Target: ww6fuzzer
Job Type: honggfuzz_asan_libreoffice
Platform Id: linux
Crash Type: Heap-buffer-overflow READ 8
Crash...

AI score 6.8
Exploits: 0, Affected Software: 1
RedHat Linux
added 2020/09/01 7:33 p.m., 83 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.13)

An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

CVSS 7.1, AI score 7.4, EPSS 0.00233
Exploits: 0, References: 2
NVD
added 2020/08/27 10:15 p.m., 17 views

CVE-2020-10518

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages was not sufficiently restricted and made it possible to execute commands on the...

CVSS 8.8, AI score 9, EPSS 0.03699
Exploits: 0, References: 3
Prion
added 2020/08/27 10:15 p.m., 19 views

Remote code execution

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages was not sufficiently restricted and made it possible to execute commands on the...

CVSS 6.5, AI score 8.9, EPSS 0.03699
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2020/08/20 1:17 a.m., 26 views

CVE-2020-15149

NodeBB before version 1.14.3 has a bug, introduced in version 1.12.2, in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to privilege escalation via an...

CVSS 9.9, AI score 7, EPSS 0.02434
Exploits: 2, References: 4
Hacker One
added 2020/08/17 7:28 a.m., 38 views

GitLab: Insufficient Type Check leading to Developer ability to delete Project, Repository, Group, ...

Summary: Similar bug to 858671, but this time with the annotations mutation DeleteAnnotation in app/graphql/mutations/metrics/dashboard/annotations/base.rb (ruby: module Mutations, module Metrics, module Dashboard, module Annotations, class Base ...) ... clientMutationId ... 3. Project disappears along with Repository...

AI score 0.6
Exploits: 0
Hacker One
added 2020/07/25 5:56 a.m., 96 views

Ruby on Rails: Server-side template injection at ujs test server

I have found that in the server code for testing ujs in Rails, template injection is possible, and that leads to RCE. Code: https://github.com/rails/rails/blob/v6.0.3.2/actionview/test/ujs/server.rb (ruby: module UJS, class Server, Blade::Assets.environment, get "/" = "testsindex", match "/echo" =...)

AI score 0.3
Exploits: 0
Hacker One
added 2020/07/16 2:34 p.m., 18 views

Node.js third-party modules: [systeminformation] Command Injection via insecure command formatting

I would like to report a Command Injection vulnerability in the systeminformation package. It allows an attacker to inject arbitrary OS commands. Module name: systeminformation. Version: 4.26.10. npm page: https://www.npmjs.com/package/systeminformation. Module Description: System and OS...

AI score 1.2
Exploits: 0