1850 matches found

CVE
added 2021/01/07 8:19 p.m., 115 views

CVE-2021-23241

The CVE-2021-23241 entry affects MERCUSYS Mercury X18G 1.0.5 routers. The connected Nuclei template confirms a Local File Inclusion/Directory Traversal vulnerability via ../ in conjunction with a loginLess or login.htm URI, enabling an authentication bypass and access to sensitive web-server file...

5.3 CVSS, 5.8 AI score, 0.13436 EPSS
Exploits: 1, References: 3, Affected Software: 1
CNVD
added 2020/12/31 12:0 a.m., 7 views

Webswing Remote Code Execution Vulnerability

Webswing is a web server that lets you run any swing application in a web browser using only pure HTML5. A remote code execution vulnerability exists in JsLink in Webswing that can be exploited by an attacker to execute code in the server...

9.8 CVSS, 7.8 AI score, 0.02731 EPSS
Exploits: 0, References: 1
Prion
added 2020/12/28 3:15 p.m., 12 views

Design/Logic Flaw

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...

7.5 CVSS, 8.9 AI score, 0.01997 EPSS
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2020/12/27 5:15 a.m., 12 views

CVE-2020-35729

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter...

10 CVSS, 9.8 AI score, 0.87987 EPSS
Exploits: 8, References: 5
NVD
added 2020/12/23 7:15 p.m., 6 views

CVE-2020-35370

A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically crafted request to override the specific file in server with malicious content can login as "admin", then to modify specific shell file to achieve remote code execution (RCE) on the...

9.3 CVSS, 8.8 AI score, 0.07475 EPSS
Exploits: 1, References: 1
NCSC
added 2020/12/22 12:0 a.m., 17 views

Serious vulnerabilities fixed in Dell Wyse ThinOS

Vulnerabilities have been fixed in Dell Wyse ThinOS. A malicious person with access to a local FTP server could exploit the vulnerabilities to obtain sensitive information. The malicious party, by accessing this information and the ability to modify configuration files, the entire system. Dell ha...

10 CVSS, 6.6 AI score, 0.01848 EPSS
Exploits: 0
OSV
added 2020/12/07 11:5 a.m., 4 views

OPENSUSE-SU-2020:2186-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596). - CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908)...

7.8 CVSS, 8.1 AI score, 0.00393 EPSS
Exploits: 0, References: 5
OSV
added 2020/11/21 11:23 a.m., 10 views

OPENSUSE-SU-2020:1993-1 Security update for rmt-server

This update for rmt-server fixes the following issues: Update to version 2.6.5: - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Add web server settings to /etc/rmt.conf: Now it's...

9.8 CVSS, 6.5 AI score, 0.98507 EPSS
Exploits: 40, References: 24
OSV
added 2020/11/20 2:6 p.m., 7 views

SUSE-SU-2020:3466-1 Security update for SUSE Manager Server 4.0

This update fixes the following issues: bind-formula: - Temporarily disable dnssec-validation as hotfix for bsc1177790 - Update to version 0.1.1603299886.60e4bcf grafana-formula: - Use variable for product name - Add support for system groups in Client Systems dashboard postgresql-jdbc: - Address...

8.1 CVSS, 8.2 AI score, 0.04094 EPSS
Exploits: 0, References: 17
Prion
added 2020/11/19 12:15 a.m., 20 views

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.8.9. A specially crafted request could bypass Multipart protection and read files in certain specific paths on the server. Affected versions are: =8.8.9, =13.4, =13.5, 13.5.2...

6.4 CVSS, 7.8 AI score, 0.01764 EPSS
Exploits: 0, References: 3, Affected Software: 1
Prion
added 2020/11/10 9:15 p.m., 14 views

Design/Logic Flaw

The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc. occur...

3.5 CVSS, 5.2 AI score, 0.0055 EPSS
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2020/11/05 8:14 p.m., 82 views

CVE-2020-7207

CVE-2020-7207 affects HPE ProLiant Gen10 servers with Intel Innovation Engine. The vulnerability enables local privilege escalation via physical access to the server motherboard. Root cause: compromised access to hardware/platform state enables elevation of privileges; impact includes high confid...

7.2 CVSS, 6.4 AI score, 0.00515 EPSS
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2020/11/02 7:15 a.m., 22 views

Remote code execution

Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

10 CVSS, 9.5 AI score, 0.28338 EPSS
Exploits: 0, References: 2
ThreatPost
added 2020/10/27 4:1 p.m., 29 views

Researchers: Instagram, LinkedIn Vulnerable to Preview-Link RCE Security Woes

UPDATE Link previews in popular chat apps on iOS and Android are a firehose of security and privacy issues, researchers have found. At risk are Facebook Messenger, LINE, Slack, Twitter Direct Messages, Zoom and many others. In the case of Instagram and LinkedIn, it’s even possible to execute remo...

7.3 AI score
Exploits: 0, References: 7
Prion
added 2020/10/21 3:15 p.m., 20 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

4 CVSS, 6.1 AI score, 0.01414 EPSS
Exploits: 0, References: 3, Affected Software: 2
UbuntuCve
added 2020/10/21 3:15 p.m., 26 views

CVE-2020-14827

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromis...

6.5 CVSS, 6.8 AI score, 0.01562 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2020/10/21 2:4 p.m., 17 views

CVE-2020-14869

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromi...

4.9 CVSS, 5.9 AI score, 0.0178 EPSS
Exploits: 0, References: 3
Veracode
added 2020/09/25 3:51 a.m., 23 views

Insecure Error Handling

github.com/ory/fosite does not securely handle errors from the server. The TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid and may lead to unexpected behaviors in the server...

8 CVSS, 2.2 AI score, 0.01588 EPSS
Exploits: 0, References: 3, Affected Software: 1
ThreatPost
added 2020/09/21 8:7 p.m., 47 views

Unsecured Microsoft Bing Server Leaked Search Queries, Location Data

An unsecured database has exposed sensitive data for users of Microsoft’s Bing search engine mobile application – including their location coordinates, search terms in clear text and more. While no personal information, like names, were exposed, researchers with Wizcase argued that enough data wa...

1 AI score
Exploits: 0, References: 4
RedHat Linux
added 2020/09/15 6:30 p.m., 0 views

mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

5.5 CVSS, 7.2 AI score, 0.01943 EPSS
Exploits: 0, References: 5