Thursday, October 22, 2020

Weekly Update: a new vulnerability is published on the National Vulnerability Database (30 items)

New vulnerabilities from the NVD: CVE-2019-20802

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim's device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20801

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20800

In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20799

In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20798

An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20797

An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
Published at: May 18, 2020 at 03:15AM

May 18, 2020 at 09:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7247

An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: May 18, 2020 at 07:15PM

May 18, 2020 at 10:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7246

An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: May 18, 2020 at 07:15PM

May 18, 2020 at 10:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19456

A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x.
Published at: May 18, 2020 at 08:15PM

May 18, 2020 at 10:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19454

An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x.
Published at: May 18, 2020 at 08:15PM

May 18, 2020 at 10:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17066

In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
Published at: May 19, 2020 at 01:15AM

May 19, 2020 at 04:21AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead the PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by the upload request. This could potentially lead to an accumulation of uncleaned temporary files exhausting the disk space on the target server.
Published at: May 20, 2020 at 11:15AM

May 20, 2020 at 02:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-5997

Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors.
Published at: May 20, 2020 at 02:15PM

May 20, 2020 at 04:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10726

A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
Published at: May 20, 2020 at 05:15PM

May 20, 2020 at 08:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10725

A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.
Published at: May 20, 2020 at 05:15PM

May 20, 2020 at 08:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10738

A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.
Published at: May 21, 2020 at 07:15PM

May 21, 2020 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-18868

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.
Published at: May 21, 2020 at 11:15PM

May 22, 2020 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1037

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1035

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1028

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1024

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1023

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1021

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-1010

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0963

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets. To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server. The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets, aka 'Windows Hyper-V Denial of Service Vulnerability'.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-0901

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20804

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.
Published at: May 22, 2020 at 01:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20803

Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for g_preview_theme.
Published at: May 22, 2020 at 01:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21234

Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set.
Published at: May 22, 2020 at 02:15AM

May 22, 2020 at 03:36AM

via National Vulnerability Database

