🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-40278 ‼

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.

via "National Vulnerability Database".
‼ CVE-2019-20287 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2019-20243 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2020-27601 ‼

In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. This occurs in bigbluebutton-html5/imports/ui/components/chat/service.js.

via "National Vulnerability Database".
‼ CVE-2020-15328 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.

via "National Vulnerability Database".
‼ CVE-2022-1719 ‼

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing malicious JavaScript code in a web page.

via "National Vulnerability Database".
‼ CVE-2021-45789 ‼

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

via "National Vulnerability Database".
‼ CVE-2019-20255 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2019-20291 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2021-45843 ‼

glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response.

via "National Vulnerability Database".
‼ CVE-2021-45788 ‼

Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter.

via "National Vulnerability Database".
‼ CVE-2021-43403 ‼

An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory).

via "National Vulnerability Database".
‼ CVE-2021-40691 ‼

A session hijack risk was identified in the Shibboleth authentication plugin.

via "National Vulnerability Database".
‼ CVE-2020-15346 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.

via "National Vulnerability Database".
‼ CVE-2021-42047 ‼

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can log in with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback.

via "National Vulnerability Database".
‼ CVE-2019-20258 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2019-20227 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2019-20259 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2020-15347 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.

via "National Vulnerability Database".
‼ CVE-2019-20294 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

via "National Vulnerability Database".
‼ CVE-2019-20309 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

via "National Vulnerability Database".