‼ CVE-2020-35738 ‼
via "National Vulnerability Database".
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.
‼ CVE-2020-29158 ‼
An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view.
‼ CVE-2020-26033 ‼
An issue was discovered in Zammad before 3.4.1. The Tag and Link REST API endpoints (for add and delete) lack a CSRF token check.
‼ CVE-2020-28096 ‼
FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.
‼ CVE-2020-26034 ‼
An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses. The application responds differently depending on whether the input supplied was recognized as associated with a valid user.
‼ CVE-2020-26030 ‼
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users.
‼ CVE-2020-29194 ‼
Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI.
‼ CVE-2020-26028 ‼
An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets.
‼ CVE-2020-28093 ‼
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.
‼ CVE-2020-26032 ‼
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems.
‼ CVE-2020-29159 ‼
An issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behavior was unintended.
‼ CVE-2020-26029 ‼
An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header.
‼ CVE-2020-29242 ‼
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readPICFrame.
‼ CVE-2020-29243 ‼
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame.
‼ CVE-2020-29244 ‼
dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame.
‼ CVE-2020-28094 ‼
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning.
‼ CVE-2020-29193 ‼
Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order).
‼ CVE-2020-29245 ‼
dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData.
‼ CVE-2020-26031 ‼
An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions).
‼ CVE-2020-29160 ‼
An issue was discovered in Zammad before 3.5.1. A REST API call allows an attacker to change Ticket Article data in a way that defeats auditing.
‼ CVE-2020-26035 ‼
An issue was discovered in Zammad before 3.4.1. There is Stored XSS via a Tags element in a Ticket.