CVE Notify
19.3K subscribers
4 photos
204K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
๐Ÿšจ CVE-2021-27057
Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24108, CVE-2021-27059.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-28466
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightened risk. Any remote execution flaw or equivalent seriousness, or denial-of-service by unauthenticated users, will lead to prompt releases by the NATS maintainers. Fixes for denial of service issues with no threat of remote execution, when limited to account holders, are likely to just be committed to the main development branch with no special attention. Those who are running such services are encouraged to build regularly from git.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27074
Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is unique from CVE-2021-27080.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27070
Windows 10 Update Assistant Elevation of Privilege Vulnerability

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27055
Microsoft Visio Security Feature Bypass Vulnerability

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-1926
Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue was addressed in Apache Hive 2.3.8

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-21191
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-21192
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-28502
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-11988
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27889
Cross-site Scripting (XSS) vulnerability in MyBB before 1.8.26 via Nested Auto URL when parsing messages.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-22887
A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27938
A vulnerability has been identified in the Silverstripe CMS 3 and 4 version of the symbiote/silverstripe-queuedjobs module. A Cross Site Scripting vulnerability allows an attacker to inject an arbitrary payload in the CreateQueuedJobTask dev task via a specially crafted URL.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-25916
Prototype pollution vulnerability in 'patchmerge' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-13936
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.

๐ŸŽ–@cveNotify