петък, 16 октомври 2020 г.

Weekly Update: a new vulnerability is published on the National Vulnerability Database (147 items)

New vulnerabilities from the NVD: CVE-2019-19412

Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. The affected products and versions are: ALP-AL00B Versions earlier than 9.0.0.181(C00E87R2P20T8) ALP-L09 Versions earlier than 9.0.0.201(C432E4R1P9) ALP-L29 Versions earlier than 9.0.0.177(C185E2R1P12T8), Versions earlier than 9.0.0.195(C636E2R1P12) Anne-AL00 Versions earlier than 8.0.0.168(C00) BLA-AL00B Versions earlier than 9.0.0.181(C00E88R2P15T8) BLA-L09C Versions earlier than 9.0.0.177(C185E2R1P13T8), Versions earlier than 9.0.0.206(C432E4R1P11) BLA-L29C Versions earlier than 9.0.0.179(C576E2R1P7T8), Versions earlier than 9.0.0.194(C185E2R1P13), Versions earlier than 9.0.0.206(C432E4R1P11), Versions earlier than 9.0.0.210(C635E4R1P13) Berkeley-AL20 Versions earlier than 9.0.0.1 56(C00E156R2P14T8) Berkeley-L09 Versions earlier than 8.0.0.172(C432), Versions earlier than 8.0.0.173(C636) Emily-L29C Versions earlier than 9.0.0.159(C185E2R1P12T8), Versions earlier than 9.0.0.159(C461E2R1P11T8), Versions earlier than 9.0.0.160(C432E7R1P11T8), Versions earlier than 9.0.0.165(C605E2R1P12), Versions earlier than 9.0.0.168(C636E7R1P13T8), Versions earlier than 9.0.0.168(C782E3R1P11T8), Versions earlier than 9.0.0.196(C635E2R1P11T8) Figo-L03 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L21 Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C635E6R1P5T8) Figo-L23 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L31 Versions earlier than 9.1.0.130(C432E8R1P5T8) Florida-L03 Versions earlier than 9.1.0.121(C605E5R1P1T8) Florida-L21 Versions earlier than 8.0.0.129(C605), Versions earlier than 8.0.0.131(C432), Versions earlier than 8.0.0.132(C185) Florida-L22 Versions earlier than 8.0.0.132(C636) Florida-L23 Versions earlier than 8.0.0.144(C605) HUAWEI P smart Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C605E6R1P5T8) HUAWEI P smart, HUAWEI Y7s Versions earlier than 9.1.0.124(C636E6R1P5T8) HUAWEI P20 lite Versions earlier than 8.0.0.148(C635), Versions earlier than 8.0.0.155(C185), Versions earlier than 8.0.0.155(C605), Versions earlier than 8.0.0.156(C605), Versions earlier than 8.0.0.157(C432) HUAWEI nova 3e, HUAWEI P20 lite Versions earlier than 8.0.0.147(C461), Versions earlier than 8.0.0.148(ZAFC185), Versions earlier than 8.0.0.160(C185), Versions earlier than 8.0.0.160(C605), Versions earlier than 8.0.0.168(C432), Versions earlier than 8.0.0.172(C636) Honor View 10 Versions earlier than 9.0.0.202(C567E6R1P12T8) Leland-AL00A Versions earlier than 8.0.0.182(C00) Leland-L21A Versions earlier than 8.0.0.135(C185), Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22A Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22C Versions earlier than 9.1.0.118(C63 6E4R1P1T8) Leland-L31A Versions earlier than 8.0.0.139(C432)
Published at: June 08, 2020 at 10:15PM
View on website

June 08, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3617

Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.
Published at: June 10, 2020 at 11:15AM
View on website

June 10, 2020 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3613

DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.
Published at: June 10, 2020 at 02:15PM
View on website

June 10, 2020 at 03:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-4576

IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166803.
Published at: June 10, 2020 at 04:15PM
View on website

June 10, 2020 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3588

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
Published at: June 10, 2020 at 03:15PM
View on website

June 10, 2020 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3585

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
Published at: June 10, 2020 at 03:15PM
View on website

June 10, 2020 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10708

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Published at: June 10, 2020 at 06:15PM
View on website

June 10, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10755

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack project
Published at: June 10, 2020 at 08:15PM
View on website

June 10, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0121

In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0119

In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150500247
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0118

In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150904694
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0117

In aes_cmac of aes_cmac.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-151155194
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0116

In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user profile isolation due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151330809
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0115

In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150038428
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0114

In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0113

In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-150944913
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-5735

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-5732

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-5731

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: June 10, 2020 at 09:15PM
View on website

June 10, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0136

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0135

In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0134

In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146052771
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0133

In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145136060
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0132

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139473816
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0131

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151159638
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0129

In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0128

In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123940919
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0127

In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the phone process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140054506
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0126

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0124

In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592
Published at: June 11, 2020 at 06:15PM
View on website

June 11, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-15123

The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.
Published at: June 13, 2020 at 12:15AM
View on website

June 13, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-16252

Missing SSL Certificate Validation in the Nutfind.com application through 3.9.12 for Android allows a man-in-the-middle attacker to sniff and manipulate all API requests, including login credentials and location data.
Published at: June 13, 2020 at 02:15AM
View on website

June 13, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19112

The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
Published at: June 15, 2020 at 05:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19111

The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
Published at: June 15, 2020 at 05:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19110

The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
Published at: June 15, 2020 at 05:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19109

The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.
Published at: June 15, 2020 at 05:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-16848

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.
Published at: June 15, 2020 at 06:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.
Published at: June 15, 2020 at 06:15PM
View on website

June 15, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20838

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
Published at: June 15, 2020 at 08:15PM
View on website

June 15, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21246

Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.
Published at: June 15, 2020 at 08:15PM
View on website

June 15, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21245

Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
Published at: June 15, 2020 at 08:15PM
View on website

June 15, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-18614

On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which was used for everything in the previous CYW20719 and later CYW20819 evaluation board). To trigger the overflow, an attacker can either send packets over the air or as unprivileged local user. Over the air, the minimal PoC is sending "l2ping -s 600" to the target address prior to any pairing. Locally, the buffer overflow is immediately triggered by opening an ACL or SCO connection to a headset. This occurs because, in WICED Studio 6.2 and 6.4, BT_ACL_HOST_TO_DEVICE_DEFAULT_SIZE and BT_ACL_DEVICE_TO_HOST_DEFAULT_SIZE are set to 384.
Published at: June 16, 2020 at 05:15PM
View on website

June 16, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17655

A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and below may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system.
Published at: June 17, 2020 at 12:15AM
View on website

June 17, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0540

Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0539

Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0538

Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0537

Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0536

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0535

Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0534

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0533

Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0532

Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0531

Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0529

Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0528

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0527

Insufficient control flow management in firmware for some Intel(R) Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access.
Published at: June 15, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0235

In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copy_from_user", ending up overwriting memory following "crus_sp_hdr". "crus_sp_hdr" is a static variable, of type "struct crus_sp_ioctl_header".Product: AndroidVersions: Android kernelAndroid ID: A-135129430
Published at: June 16, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0234

In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148189280
Published at: June 16, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0232

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abc_pcie_dma_user_xfer_clean. If this happens, abc_pcie_start_dma_xfer and abc_pcie_wait_dma_xfer in the original thread will trigger UAF when working with the transfer object.Product: AndroidVersions: Android kernelAndroid ID: A-151453714
Published at: June 16, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0223

This is an unbounded write into kernel global memory, via a user-controlled buffer size.Product: AndroidVersions: Android kernelAndroid ID: A-135130450
Published at: June 16, 2020 at 05:15PM
View on website

June 17, 2020 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-9944

In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent OMERO permissions restrictions. This occurs because the Bio-Formats feature allows an image file to have embedded pathnames.
Published at: June 17, 2020 at 08:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-9943

In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.
Published at: June 17, 2020 at 08:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20840

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
Published at: June 17, 2020 at 07:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20839

libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
Published at: June 17, 2020 at 07:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-16245

OMERO before 5.6.1 makes the details of each user available to all users.
Published at: June 17, 2020 at 08:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21247

An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
Published at: June 17, 2020 at 07:15PM
View on website

June 17, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9109

An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct.
Published at: June 18, 2020 at 05:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9108

An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte.
Published at: June 18, 2020 at 05:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart the input buffer and start processing many bytes of arbitrary heap data as if it were the query domain. Eventually it would run out of input or find some other kind of error, and declare the query domain invalid. But before then it might outrun available memory and crash. In principle this could be a denial of service attack.
Published at: June 18, 2020 at 05:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9106

An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the sizes of the types on the current platform). Of course the inputs ought to be right. And there are pointers in there too, so perhaps one could say that the caller ought to check these things. It may be better to require the caller to make the pointer structure right, but to have the code here be defensive about (and tolerate with an error but without crashing) out-of-range integer values. So: it should defend each of these integer conversion sites with a check for the actual permitted range, and return adns_s_invaliddata if not. The lack of this check causes the SOA sign extension bug to be a serious security problem: the sign extended SOA value is out of range, and overruns the buffer when r econverted. This is related to sign extending SOA 32-bit integer fields, and use of a signed data type.
Published at: June 18, 2020 at 05:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9105

An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
Published at: June 18, 2020 at 05:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9104

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
Published at: June 18, 2020 at 06:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-9103

An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling program, leaking aspects of the contents of some of its memory, causing it to allocate lots of memory, or perhaps overrunning a buffer. This is only possible with applications which make non-raw queries for SOA or RP records.
Published at: June 18, 2020 at 06:15PM
View on website

June 18, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-13033

In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans.
Published at: June 18, 2020 at 09:15PM
View on website

June 18, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20847

An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20846

An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20845

An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20844

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20843

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20842

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20841

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.
Published at: June 19, 2020 at 05:15PM
View on website

June 19, 2020 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21262

An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21261

An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invite_id, which leads to unintended excessive invitation privileges.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21260

An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. WebSocket events were accidentally sent during certain user-management operations, violating user privacy.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21259

An issue was discovered in Mattermost Server before 4.10.1, 4.9.4, and 4.8.2. It allows attackers to cause a denial of service (application hang) via a malformed link in a channel.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21258

An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invite_people slash command.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21257

An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21255

An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that channel.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21254

An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21253

An issue was discovered in Mattermost Server before 5.1, 5.0.2, and 4.10.2. An attacker could use the invite_people slash command to invite a non-permitted user.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21251

An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21250

An issue was discovered in Mattermost Server before 5.2.2, 5.1.2, and 4.10.4. It allows remote attackers to cause a denial of service (memory consumption) via crafted image dimensions.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21249

An issue was discovered in Mattermost Server before 5.3.0. It mishandles timing.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21248

An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18877

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18876

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18875

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can create arbitrary files.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18871

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18870

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnlyAdminIntegrations case.
Published at: June 19, 2020 at 08:15PM
View on website

June 19, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18898

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web browser to hang.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18897

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18896

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18895

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18894

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18893

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18892

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18891

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows Phishing because an error page can have a link.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18890

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows an attacker to create a button that, when pressed by a user, launches an API request.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18889

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18888

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18887

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18886

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18885

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18884

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by using a registered OAuth application with personal access tokens.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18883

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18882

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS can occur via OpenGraph data.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18881

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via a goto_location response to a slash command.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18880

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the title_link field of a Slack attachment.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18879

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the author_link field of a Slack attachment.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18878

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18874

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can achieve directory traversal.
Published at: June 19, 2020 at 10:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18873

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to cause a denial of service (channel invisibility) via a misformatted post.
Published at: June 19, 2020 at 09:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18872

An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
Published at: June 19, 2020 at 09:15PM
View on website

June 19, 2020 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11084

An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11083

An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11082

An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11081

An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11080

An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11079

An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11078

An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11077

An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11076

An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11075

An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11074

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11073

An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11072

An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11071

An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11070

An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11069

An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11068

An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11067

An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11066

An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11065

An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11064

An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11063

An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11062

An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-9548

An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.
Published at: June 19, 2020 at 11:15PM
View on website

June 20, 2020 at 01:36AM

via National Vulnerability Database


Няма коментари:

Публикуване на коментар