Friday, July 30, 2021

Weekly Update: a new vulnerability is published on the National Vulnerability Database (52 items)

New vulnerabilities from the NVD: CVE-2020-7851

Innorix Web-Based File Transfer Solution versions prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.
Published at: April 19, 2021 at 04:15PM
April 19, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28141

The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include JavaScript that will execute when viewing the messages page.
Published at: April 19, 2021 at 07:15PM
April 19, 2021 at 09:37PM


New vulnerabilities from the NVD: CVE-2020-27241

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Published at: April 20, 2021 at 12:15AM
April 20, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2020-27240

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The componentStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Published at: April 20, 2021 at 12:15AM
April 20, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2021-20453

IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196648.
Published at: April 20, 2021 at 03:15PM
April 20, 2021 at 08:36PM


New vulnerabilities from the NVD: CVE-2021-20023

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
Published at: April 20, 2021 at 03:15PM
April 20, 2021 at 08:36PM


New vulnerabilities from the NVD: CVE-2020-7856

A vulnerability of Helpcom could allow an unauthenticated attacker to execute an arbitrary command. This vulnerability exists due to insufficient authentication validation.
Published at: April 20, 2021 at 04:15PM
April 20, 2021 at 08:36PM


New vulnerabilities from the NVD: CVE-2021-20453

IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196648.
Published at: April 20, 2021 at 03:15PM
April 20, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2021-20023

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
Published at: April 20, 2021 at 03:15PM
April 20, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-7856

A vulnerability of Helpcom could allow an unauthenticated attacker to execute an arbitrary command. This vulnerability exists due to insufficient authentication validation.
Published at: April 20, 2021 at 04:15PM
April 20, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2021-20501

IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. An attacker could exploit this vulnerability to consume unnecessary network bandwidth and disk space, and allow remote attackers to send spam email. IBM X-Force ID: 198056.
Published at: April 21, 2021 at 03:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2021-20454

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196649.
Published at: April 21, 2021 at 03:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2021-1079

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation.
Published at: April 20, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-7857

A vulnerability of XPlatform could allow an unauthenticated attacker to execute an arbitrary command. This vulnerability exists due to insufficient validation of improper classes. This issue affects: Tobesoft XPlatform versions prior to 9.2.2.280.
Published at: April 20, 2021 at 11:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35982

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c.
Published at: April 21, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35981

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.
Published at: April 21, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35980

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.
Published at: April 21, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35979

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.
Published at: April 21, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35314

An OS command injection vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer.
Published at: April 20, 2021 at 11:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-35313

A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer.
Published at: April 20, 2021 at 11:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-26197

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider.
Published at: April 20, 2021 at 08:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-25864

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.
Published at: April 20, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-14105

The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15.
Published at: April 20, 2021 at 07:15PM
April 21, 2021 at 10:36PM


New vulnerabilities from the NVD: CVE-2020-28973

The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system.
Published at: April 21, 2021 at 10:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23932

An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23931

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23930

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23928

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23922

An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23921

An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23915

An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23914

An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg::AstOptimizer::optimize() located in peglib.h. It allows an attacker to cause Denial of Service.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23912

An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-23907

An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Denial of Service, Memory Disclosure, and Possible Code Execution.
Published at: April 21, 2021 at 09:15PM
April 21, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-36324

Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type.
Published at: April 21, 2021 at 11:15PM
April 22, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2020-27569

Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system.
Published at: April 22, 2021 at 01:15AM
April 22, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2020-27568

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted. This is an extra layer of security.
Published at: April 22, 2021 at 01:15AM
April 22, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2020-27738

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-27737

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-27736

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-27009

A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-26997

A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11919)
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-25244

A vulnerability has been identified in LOGO! Soft Comfort (All versions). The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-25243

A vulnerability has been identified in LOGO! Soft Comfort (All versions). A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. Chained with other vulnerabilities this vulnerability could ultimately lead to a system takeover by an attacker.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-15795

A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.
Published at: April 23, 2021 at 12:15AM
April 23, 2021 at 02:36AM


New vulnerabilities from the NVD: CVE-2020-17564

Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the "Admin/DataAction.class.php" component.
Published at: April 23, 2021 at 01:15AM
April 23, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2020-17563

Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to "/index.php?s=/admin-tpl-del&id=".
Published at: April 23, 2021 at 01:15AM
April 23, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2019-25028

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector.
Published at: April 23, 2021 at 07:15PM
April 23, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2019-25027

Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL.
Published at: April 23, 2021 at 07:15PM
April 23, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2018-25007

Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message.
Published at: April 23, 2021 at 07:15PM
April 23, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2017-20003

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
Published at: April 23, 2021 at 07:15PM
April 23, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-17542

Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin/#/c/workflow" component.
Published at: April 24, 2021 at 12:15AM
April 24, 2021 at 01:36AM

