Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability

A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...

PT-2021-2447 · Cisco · Cisco Access Points

Name of the Vulnerable Software and Affected Versions: Cisco Access Points Software affected versions not specified Description: A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The issue is due t...

Cisco Cisco Catalyst 9000 数据伪造问题漏洞

The Cisco Catalyst 9000 is a switch from Cisco USA. A security vulnerability exists in the Cisco Catalyst 9000 Family that originates from an improper check in the code function that manages the digital signature verification of the system image file during the initial boot process. An attacker...

Cisco Access Point 安全漏洞

Cisco Access Point is a network access point device from Cisco, Inc. It provides high-density wireless connectivity for small offices. A security vulnerability exists in Cisco Access Points Software, which can be exploited by an attacker to execute unsigned code at boot time...

Cisco IOS XE 数据伪造问题漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. Cisco IOS XE suffers from a fast reload vulnerability that can be exploited by an attacker to execute arbitrary code on the underlying operating system, install and boot a malware...

多款Cisco产品操作系统命令注入漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An OS command injection vulnerability exists in ROMMON of Cisco IOS XE. The vulnerability stems from incorrect validation of specific function parameters passed to the startup...

PT-2021-2556 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers affected versions not specified Cisco IOS XE Software for Cisco ESR6300 Embedded Series Routers affected versions not specified Description: The issue exists d...

Cisco IOS XE SD-WAN Software 数据伪造问题漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. Cisco IOS XE suffers from a fast reload vulnerability that can be exploited by an attacker to execute arbitrary code on the underlying operating system, install and boot a malware...

MyBB 1.8.25 - Poll Vote Count SQL Injection

Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...

MyBB 1.8.25 - Poll Vote Count SQL Injection Vulnerability

Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL email protected Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy" operation on the thread...

OSV-2021-525 Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32059 Crash type: Use-of-uninitialized-value Crash state: void edgefilteringchromainternal edgefilteringchroma threadtaskdeblockCTBRow::work...

USN-4839-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of python-gnupg and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...

AZL-6467 CVE-2021-3418 affecting package grub2 for versions less than 2.06~rc1-7

If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...

CVE-2021-3418

If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...

A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

CVE-2021-27074

Azure Sphere Unsigned Code Execution Vulnerability...

CVE-2021-27080

Azure Sphere Unsigned Code Execution Vulnerability...

Remote code execution

Azure Sphere Unsigned Code Execution Vulnerability...

Remote code execution

Azure Sphere Unsigned Code Execution Vulnerability...

CVE-2021-27074

CVE-2021-27074 is an Azure Sphere unsigned code execution vulnerability. Connected documents describe the issue as an unsigned code execution flaw in Azure Sphere, with one source attributing it to incorrect code generation management in the Azure Sphere OS. Practical impact stated across sources...