четвъртък, 27 май 2021 г.

Weekly Digest: a new vulnerability is published on the National Vulnerability Database (35 items)

New vulnerabilities from the NVD: CVE-2019-16956

SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket.
Published at: January 04, 2021 at 10:15AM
View on website

January 04, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-4728

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452.
Published at: January 05, 2021 at 05:15PM
View on website

January 05, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20484

An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in.
Published at: January 06, 2021 at 12:15AM
View on website

January 06, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20483

An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's last name to an XSS Payload, and read another user's cookie and use that to login to the application.
Published at: January 05, 2021 at 11:15PM
View on website

January 06, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10658

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Published at: January 06, 2021 at 04:15PM
View on website

January 06, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10657

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Published at: January 06, 2021 at 04:15PM
View on website

January 06, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10656

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Published at: January 06, 2021 at 04:15PM
View on website

January 06, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10655

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Published at: January 06, 2021 at 04:15PM
View on website

January 06, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13545

An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.
Published at: January 06, 2021 at 05:15PM
View on website

January 06, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13544

An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.
Published at: January 06, 2021 at 05:15PM
View on website

January 06, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2012-10001

The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts.
Published at: January 06, 2021 at 05:15PM
View on website

January 06, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-16962

Zoho ManageEngine Desktop Central 10.0.430 allows HTML injection via a modified Report Name in a New Custom Report.
Published at: January 06, 2021 at 07:15PM
View on website

January 06, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-16954

SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
Published at: January 06, 2021 at 07:15PM
View on website

January 06, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25498

Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter.
Published at: January 07, 2021 at 12:15AM
View on website

January 07, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-24902

Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Published at: January 07, 2021 at 03:15PM
View on website

January 07, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-24901

The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url.
Published at: January 07, 2021 at 03:15PM
View on website

January 07, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-24900

The default installation of Krpano Panorama Viewer version <=1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml.
Published at: January 07, 2021 at 03:15PM
View on website

January 07, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13573

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20316

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20315

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20314

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20313

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20312

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.
Published at: January 07, 2021 at 07:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20311

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 07:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20310

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 07:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-20309

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Published at: January 07, 2021 at 07:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-19418

Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the lack of a security permission control.
Published at: January 07, 2021 at 07:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-18689

The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-18688

The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader.
Published at: January 07, 2021 at 08:15PM
View on website

January 07, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13452

In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution.
Published at: January 08, 2021 at 12:15AM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13451

An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.
Published at: January 08, 2021 at 12:15AM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13450

A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an attacker to upload and overwrite any writable files outside the intended folder. This can lead to DoS, a change to program behavior, or code execution.
Published at: January 08, 2021 at 12:15AM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13449

A directory traversal vulnerability in the Markdown engine of Gotenberg through 6.2.1 allows an attacker to read any container files.
Published at: January 08, 2021 at 12:15AM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-18643

Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to upload ASPX code and gain remote code execution on the application. The application typically runs as LocalSystem as mandated in the installation guide. Patched in versions 8.10 and 9.4.
Published at: January 07, 2021 at 11:15PM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-18642

Rock RMS version before 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be used to change the email address of another account, even the administrator account. Upon changing another account's email address, performing a password reset to the new email address could allow an attacker to take over any account.
Published at: January 07, 2021 at 11:15PM
View on website

January 08, 2021 at 01:36AM

via National Vulnerability Database

Няма коментари:

Публикуване на коментар