🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-29000 ‼

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. Any attacker that has the ability to control DNS can exploit this vulnerability to remotely login to the device and gain access to the camera system.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-13215 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
77 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28292 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
76 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28303 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
75 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-11305 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-36227 ‼

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-27098 ‼

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-138791358

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-5442 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
68 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-22698 ‼

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

📖 Read

via "National Vulnerability Database".
70 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-35576 ‼

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28304 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-13187 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-36205 ‼

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28295 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
70 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-5480 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-13216 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-25015 ‼

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID.

📖 Read

via "National Vulnerability Database".
82 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28299 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-5478 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-21146 ‼

Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-28300 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
92 views