βΌ CVE-2021-38455 βΌ
π Read
via "National Vulnerability Database".
The affected productΓ’β¬β’s OS Service does not verify any given parameter. A user can supply any type of parameter that will be passed to inner calls without checking the type of the parameter or the value.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31682 βΌ
π Read
via "National Vulnerability Database".
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36357 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion function.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41747 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Scripting (XSS) vulnerability exists in Csdn APP 4.10.0, which can be exploited by attackers to obtain sensitive information such as user cookies.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38471 βΌ
π Read
via "National Vulnerability Database".
There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38457 βΌ
π Read
via "National Vulnerability Database".
The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.π Read
via "National Vulnerability Database".
β Cisco SD-WAN Security Bug Allows Root Code Execution β
π Read
via "Threat Post".
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.π Read
via "Threat Post".
Threat Post
Cisco SD-WAN Security Bug Allows Root Code Execution
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.
ποΈ Node.js sandboxes are open to prototype pollution ποΈ
π Read
via "The Daily Swig".
Sandbox breakout can lead to remote code execution, researchers warnπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Node.js sandboxes are open to prototype pollution
Sandbox breakout can lead to remote code execution, researchers warn
π Faraday 3.18.0 π
π Read
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.π Read
via "Packet Storm Security".
Packetstormsecurity
Faraday 3.18.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2021-0702 βΌ
π Read
via "National Vulnerability Database".
In RevertActiveSessions of apexd.cpp, there is a possible way to share the wrong file due to an unintentional MediaStore downgrade. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-193932765π Read
via "National Vulnerability Database".
βΌ CVE-2021-42540 βΌ
π Read
via "National Vulnerability Database".
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0651 βΌ
π Read
via "National Vulnerability Database".
In loadLabel of PackageItemInfo.java, there is a possible way to DoS a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-67013844π Read
via "National Vulnerability Database".
βΌ CVE-2021-0706 βΌ
π Read
via "National Vulnerability Database".
In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-193444889π Read
via "National Vulnerability Database".
βΌ CVE-2021-30359 βΌ
π Read
via "National Vulnerability Database".
The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0705 βΌ
π Read
via "National Vulnerability Database".
In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service running in foreground and keep granted permissions due to Bypass of Background Service Restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-185388103π Read
via "National Vulnerability Database".
βΌ CVE-2021-42539 βΌ
π Read
via "National Vulnerability Database".
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0870 βΌ
π Read
via "National Vulnerability Database".
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262π Read
via "National Vulnerability Database".
βΌ CVE-2021-42538 βΌ
π Read
via "National Vulnerability Database".
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0643 βΌ
π Read
via "National Vulnerability Database".
In getAllSubInfoList of SubscriptionController.java, there is a possible way to retrieve a long term identifier without the correct permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-183612370π Read
via "National Vulnerability Database".
βΌ CVE-2021-0652 βΌ
π Read
via "National Vulnerability Database".
In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568π Read
via "National Vulnerability Database".
βΌ CVE-2021-0708 βΌ
π Read
via "National Vulnerability Database".
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-183262161π Read
via "National Vulnerability Database".