четвъртък, 16 март 2023 г.

Weekly Digest: a new vulnerability is published on the National Vulnerability Database (48 items)


New vulnerabilities from the NVD: CVE-2021-21706

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.
Published at: October 04, 2021 at 07:15AM
View on website

October 04, 2021 at 08:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-21705

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
Published at: October 04, 2021 at 07:15AM
View on website

October 04, 2021 at 08:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-21704

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
Published at: October 04, 2021 at 07:15AM
View on website

October 04, 2021 at 08:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-22557

SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173
Published at: October 04, 2021 at 01:15PM
View on website

October 04, 2021 at 03:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-22259

A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API.
Published at: October 04, 2021 at 08:15PM
View on website

October 04, 2021 at 09:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28119

Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window.
Published at: October 04, 2021 at 08:15PM
View on website

October 04, 2021 at 09:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21496

A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21495

A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21494

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21493

An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21434

Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21431

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit.
Published at: October 05, 2021 at 12:15AM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21387

A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload.
Published at: October 04, 2021 at 11:15PM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21386

A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.
Published at: October 04, 2021 at 11:15PM
View on website

October 05, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-22258

The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses
Published at: October 05, 2021 at 05:15PM
View on website

October 05, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-22257

An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. The route for /user.keys is not restricted on instances with public visibility disabled. This allows user enumeration on such instances.
Published at: October 05, 2021 at 05:15PM
View on website

October 05, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21506

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add.
Published at: October 06, 2021 at 01:15AM
View on website

October 06, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21505

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave.
Published at: October 06, 2021 at 01:15AM
View on website

October 06, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21504

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login.
Published at: October 06, 2021 at 01:15AM
View on website

October 06, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21503

waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.
Published at: October 06, 2021 at 01:15AM
View on website

October 06, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-15941

A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.
Published at: October 06, 2021 at 01:15PM
View on website

October 06, 2021 at 03:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19003

An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.
Published at: October 06, 2021 at 04:15PM
View on website

October 06, 2021 at 06:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0685

In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-191055353
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0684

In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179839665
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0683

In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0682

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-159624555
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0681

In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-192535337
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0680

In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-192535676
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0644

In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-181053462
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0636

When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion: Android-10Android ID: A-189392423
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0635

When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion:Android-10Android ID: A-189402477
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0598

In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2021-0595

In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-177457096
Published at: October 06, 2021 at 06:15PM
View on website

October 06, 2021 at 07:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21658

A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21656

XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21654

emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21653

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21652

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21651

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21650

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21649

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21648

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php.
Published at: October 07, 2021 at 01:15AM
View on website

October 07, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21865

ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha.
Published at: October 08, 2021 at 12:15AM
View on website

October 08, 2021 at 01:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21729

JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Published at: October 08, 2021 at 01:15AM
View on website

October 08, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21726

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter.
Published at: October 08, 2021 at 01:15AM
View on website

October 08, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter.
Published at: October 08, 2021 at 01:15AM
View on website

October 08, 2021 at 03:33AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-4654

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.
Published at: October 08, 2021 at 09:15PM
View on website

October 08, 2021 at 11:33PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-22617

Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.
Published at: October 08, 2021 at 11:15PM
View on website

October 09, 2021 at 01:33AM

via National Vulnerability Database


Няма коментари:

Публикуване на коментар