Wednesday, August 4, 2021

Weekly Update: a new vulnerability is published on the National Vulnerability Database (51 items)

New vulnerabilities from the NVD: CVE-2020-25411

Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.
Published at: May 24, 2021 at 04:15PM
May 24, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25409

Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.
Published at: May 24, 2021 at 04:15PM
May 24, 2021 at 05:36PM


New vulnerabilities from the NVD: CVE-2020-25408

A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data.
Published at: May 24, 2021 at 04:15PM
May 24, 2021 at 05:36PM


New vulnerabilities from the NVD: CVE-2019-12348

An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.
Published at: May 24, 2021 at 07:15PM
May 24, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-21041

A buffer overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service.
Published at: May 24, 2021 at 09:15PM
May 24, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20907

MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php.
Published at: May 24, 2021 at 09:15PM
May 24, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20178

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
Published at: May 24, 2021 at 10:15PM
May 24, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-13603

Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-13602

Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-13601

Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-13600

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-13599

Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-13598

FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-10072

Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-10069

Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-10066

Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-10065

Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hg2w-62p6-g67c
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-10064

Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7
Published at: May 25, 2021 at 08:15PM
May 25, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2020-20451

Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
Published at: May 25, 2021 at 10:15PM
May 25, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20450

FFmpeg 4.2 is affected by a null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
Published at: May 25, 2021 at 10:15PM
May 25, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20448

FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of Service.
Published at: May 25, 2021 at 09:15PM
May 25, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20446

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
Published at: May 25, 2021 at 09:15PM
May 25, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20445

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.
Published at: May 25, 2021 at 09:15PM
May 25, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-20453

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service.
Published at: May 25, 2021 at 11:15PM
May 26, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2016-20011

libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync.
Published at: May 26, 2021 at 12:15AM
May 26, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2019-14836

3scale dev portal login form does not verify CSRF token, and so does not protect against login CSRF.
Published at: May 26, 2021 at 03:15PM
May 26, 2021 at 05:36PM


New vulnerabilities from the NVD: CVE-2020-18221

Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula.
Published at: May 26, 2021 at 06:15PM
May 26, 2021 at 07:36PM


New vulnerabilities from the NVD: CVE-2019-4588

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.
Published at: May 26, 2021 at 08:15PM
May 26, 2021 at 09:36PM


New vulnerabilities from the NVD: CVE-2019-25030

In Versa Director, Versa Analytics and VOS, passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgard construction (such as MD5 and SHA-1) alone are insufficient in thwarting password cracking. Attackers can generate and use precomputed hashes for all possible password character combinations (commonly referred to as "rainbow tables") relatively quickly. The use of adaptive hashing algorithms such as scrypt or bcrypt or Key-Derivation Functions (i.e. PBKDF2) to hash passwords makes generation of such rainbow tables computationally infeasible.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2019-25029

In Versa Director, command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user-supplied data (forms, cookies, HTTP headers, etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16499

In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using man-in-the-middle attacks. Usage of unapproved SSH encryption protocols or cipher suites also violates the Data Protection TSR (Technical Security Requirements).
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16498

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16497

In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who are members of the versa group.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16496

In Versa Director, the un-authentication request found.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16495

In VOS, the user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into the application. Failing to issue a new session ID following a successful login introduces the possibility for an attacker to set up a trap session on the device the victim is likely to log in with.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-16494

In VOS, an overly permissive "umask" may allow authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. The insecure umask setting was present throughout the Versa servers.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-10868

It has been discovered that redhat-certification does not properly limit the number of recursive definitions of entities in XML documents while parsing the status of a host. A remote attacker could use this vulnerability to consume all the memory of the server and cause a Denial of Service. This flaw affects redhat-certification version 7.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-10867

It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-10866

It has been discovered that redhat-certification does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him. This flaw affects redhat-certification version 7.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-10865

It has been discovered that redhat-certification does not perform an authorization check and allows an unauthenticated user to call a "restart" RPC method on any host accessible by the system. An attacker could use this flaw to send requests to port 8009 of any host or to keep restarting the RHCertD daemon on a host of another customer. This flaw affects redhat-certification version 7.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2018-10863

It has been discovered that redhat-certification is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensitive information. This flaw affects redhat-certification version 7.
Published at: May 26, 2021 at 10:15PM
May 26, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2009-3721

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
Published at: May 27, 2021 at 01:15AM
May 27, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2008-5509

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs:CVE-2008-5508. Reason: This candidate is a duplicate of CVE-2008-5508. Notes: All CVE users should reference CVE-2008-5508 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Published at: May 27, 2021 at 01:15AM
May 27, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2008-5085

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.
Published at: May 27, 2021 at 01:15AM
May 27, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2008-5084

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.
Published at: May 27, 2021 at 01:15AM
May 27, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2008-3523

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.
Published at: May 27, 2021 at 01:15AM
May 27, 2021 at 03:36AM


New vulnerabilities from the NVD: CVE-2008-2544

Mounting the /proc filesystem via the chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files he would never have otherwise.
Published at: May 27, 2021 at 04:15PM
May 27, 2021 at 06:36PM


New vulnerabilities from the NVD: CVE-2020-10688

A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
Published at: May 27, 2021 at 10:15PM
May 27, 2021 at 11:36PM


New vulnerabilities from the NVD: CVE-2020-10145

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability.
Published at: May 28, 2021 at 12:15AM
May 28, 2021 at 01:36AM


New vulnerabilities from the NVD: CVE-2010-3843

The gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c in Ettercap 0.7.3, when the GTK interface is used, does not ensure that the contents of the .ettercap_gtk file are controlled by the root user, which allows local users to conduct stack-based buffer overflow attacks and possibly execute arbitrary code, cause a denial of service (memory consumption), or possibly have unspecified other impact via crafted lines in this file.
Published at: May 28, 2021 at 04:15PM
May 28, 2021 at 05:36PM


New vulnerabilities from the NVD: CVE-2013-4536

A user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
Published at: May 28, 2021 at 08:15PM
May 28, 2021 at 09:36PM

