LAPD Bans Facial Recognition, Citing Privacy Concerns
The Los Angeles Police Department (LAPD) has banned the use of commercial facial-recognition services – citing “public trust” considerations. The move comes in the wake of a report that showed that more than 25 employees of the department had performed 475 searches so far using the Clearview AI, an...
CVE-2020-16246
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
CVE-2020-14144
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line i...
financial-disclosure-statement-form.com Cross Site Scripting vulnerability OBB-1408639
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
PCI passthrough code reading back hardware registers
ISSUE DESCRIPTION: Code paths in Xen's MSI handling have been identified which act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for device...
statement-of-claim-against-estate.com Cross Site Scripting vulnerability OBB-1314369
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
financialstatementtemplate.com Cross Site Scripting vulnerability OBB-1282718
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-14043
PRODUCT NOT SUPPORTED WHEN ASSIGNED: A Cross-Site Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn't CSRF protected in components/market/controller.php. This might cause admins...
LDAP Injection
meemo-app is vulnerable to LDAP injection. Failing to sanitize the user-provided input (username) for LDAP filter characters and using that input directly to build the LDAP filter allows an attacker to inject malicious LDAP filter characters and modify the LDAP statement...
Design/Logic Flaw
JerryScript through 2.3.0 allows stack consumption via function anew new Proxya,JSON.parse"",a. NOTE: the vendor states that the problem is the lack of the --stack-limit option...
CVE-2020-24345
JerryScript through 2.3.0 allows stack consumption via function anew new Proxya,JSON.parse"",a. NOTE: the vendor states that the problem is the lack of the --stack-limit option...
OSV-2020-1443 Segv on unknown address in clang::Sema::ActOnCapScopeReturnStmt
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20420 Crash type: Segv on unknown address Crash state: clang::Sema::ActOnCapScopeReturnStmt clang::Sema::BuildReturnStmt clang::Sema::ActOnReturnStmt...
Security Bulletin: IBM InfoSphere BigInsights contains a denial of service vulnerability that can be exploited by a remote, authenticated DB2 user issuing a specially-crafted SELECT statement with ROUND or TRUNCATE function (CVE-2015-0157).
Summary: InfoSphere BigInsights Big SQL contains a denial of service vulnerability. A remote, authenticated DB2 user could exploit this vulnerability by issuing a specially-crafted SELECT statement with ROUND or TRUNCATE function. The vulnerability exists in the IBM DB2 component included in...
Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool
We recently encountered a large obfuscated malware sample that offered several interesting analysis challenges. It used virtualization that prevented us from producing a fully-deobfuscated memory dump for static analysis. Statically analyzing a large virtualized sample can take anywhere from...
EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2020-1624)
According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect...
CVE-2020-13631
A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption...
CVE-2020-12680
Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and th...
Easy B2C Mall System d***.php file arbitrary SQL statement execution vulnerability
Easy B2C mall system is a mall system developed on an open-source framework. An arbitrary SQL statement execution vulnerability exists in the d.php file of the Easy B2C mall system. An attacker can exploit the vulnerability to execute arbitrary SQL statements within the file...
CVE-2020-12652
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...