π¨ CVE-2021-22710
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
π@cveNotify
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
π@cveNotify
π¨ CVE-2021-28378
Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations.
π@cveNotify
Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations.
π@cveNotify
blog.gitea.io
Gitea 1.13.4 is released - Blog
π¨ CVE-2021-21069
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe
Adobe Security Bulletin
Security update available for Adobe Creative Cloud Desktop Application | APSB21-18
π¨ CVE-2021-21056
Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
π@cveNotify
Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
π@cveNotify
π¨ CVE-2021-28375
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
π@cveNotify
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
π@cveNotify
π¨ CVE-2021-28305
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
π@cveNotify
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
π@cveNotify
rustsec.org
RUSTSEC-2021-0037: diesel: Fix a use-after-free bug in diesels Sqlite backend βΊ RustSec Advisory Database
Security advisory database for Rust crates published through https://crates.io
π¨ CVE-2020-16230
All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing.
π@cveNotify
All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing.
π@cveNotify
us-cert.cisa.gov
HMS Networks Ewon Flexy and Cosy | CISA
1. EXECUTIVE SUMMARY
CVSS v3 2.3
ATTENTION: Low skill level to exploit
Vendor: HMS Networks
Equipment: Ewon Flexy and Cosy
Vulnerability: Permissive Cross-domain Policy with Untrusted Domains
2. RISK EVALUATION
Successful exploitation of this vulnerabilityβ¦
CVSS v3 2.3
ATTENTION: Low skill level to exploit
Vendor: HMS Networks
Equipment: Ewon Flexy and Cosy
Vulnerability: Permissive Cross-domain Policy with Untrusted Domains
2. RISK EVALUATION
Successful exploitation of this vulnerabilityβ¦
π¨ CVE-2021-28160
Reflected XSS on Acexy (BoyaMicro) Wireless-N WiFi Repeater 28.08.06.1 version 1.0 devices can occur via a malformed SSID field during scanning for nearby access points, which also occurs when a device's user visits the Repeater Wizard web management section. This enables an attacker to steal LAN credentials without being connected to the device.
π@cveNotify
Reflected XSS on Acexy (BoyaMicro) Wireless-N WiFi Repeater 28.08.06.1 version 1.0 devices can occur via a malformed SSID field during scanning for nearby access points, which also occurs when a device's user visits the Repeater Wizard web management section. This enables an attacker to steal LAN credentials without being connected to the device.
π@cveNotify
Medium
Hunting for Vulnerabilities in Low-Cost WiFi Repeaters
Security analysis of a low-cost WiFi Repeater
π¨ CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the userβs cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.
π@cveNotify
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the userβs cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.
π@cveNotify
us-cert.cisa.gov
Advantech WebAccess/SCADA | CISA
1. EXECUTIVE SUMMARY
CVSS v3 5.4
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess/SCADA
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability could allowβ¦
CVSS v3 5.4
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess/SCADA
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability could allowβ¦
π¨ CVE-2021-26275
** UNSUPPORTED WHEN ASSIGNED ** The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted.
π@cveNotify
** UNSUPPORTED WHEN ASSIGNED ** The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted.
π@cveNotify
π¨ CVE-2021-21384
shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required.
π@cveNotify
shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required.
π@cveNotify
GitHub
Strip null characters from arguments Β· ericcornelissen/shescape@07a069a
Update both the Unix and Windows `escapeShellArg` implementation to
strip null characters from input. Null characters can be used to at
least cause errors and potentially execute arbitrary commands...
strip null characters from input. Null characters can be used to at
least cause errors and potentially execute arbitrary commands...
π¨ CVE-2021-28653
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.
π@cveNotify
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.
π@cveNotify
Western Digital
WDC-21003 ArmorLock, Insecure Key Storage Vulnerability | Western Digital
Western Digital provides data storage solutions, including systems, HDD, Flash SSD, memory and personal data solutions to help customers capture and preserve their most valued data.
π¨ CVE-2021-25764
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
π@cveNotify
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
π@cveNotify
The JetBrains Blog
JetBrains Blog: The Drive to Develop
Developer Tools for Professionals and Teams
π¨ CVE-2021-27358
The snapshot feature in Grafana before 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
π@cveNotify
The snapshot feature in Grafana before 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
π@cveNotify
GitHub
grafana/CHANGELOG.md at master Β· grafana/grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many mo...
π¨ CVE-2021-27221
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work.
π@cveNotify
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work.
π@cveNotify
Medium
RouterOS: User with just βftpβ policy can write to filesystem [CVE-2021β27221]
I think I found security issue in RouterOS from Mikrotik company. I reported it as SUP-41598 on 2021β02-15. After a bit arogantβ¦
π¨ CVE-2021-28109
TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected Cross-Site Scripting (XSS).
π@cveNotify
TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected Cross-Site Scripting (XSS).
π@cveNotify
Gist
CVE-2021-28109
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2021-27928
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.
π@cveNotify
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.
π@cveNotify
π¨ CVE-2021-3327
Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the post_title parameter.
π@cveNotify
Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the post_title parameter.
π@cveNotify
Gist
CVE-2021-3327
CVE-2021-3327. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a Stored cross-site scripting (XSS) vulnerability
π@cveNotify
index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a Stored cross-site scripting (XSS) vulnerability
π@cveNotify
Gist
Stored XSS in TranzWare e-Commerce Payment Gateway - CVE-2021-28126
Stored XSS in TranzWare e-Commerce Payment Gateway - CVE-2021-28126 - CVE-2021-28126
π¨ CVE-2020-6578
Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
π@cveNotify
Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
π@cveNotify
usd HeroLab
Security Advisories - usd HeroLab
Wir untersuchen die sich stΓ€ndig im Wandel befindlichen Angriffsszenarien und verΓΆffentlichen in diesem Zusammenhang eine Reihe von Security Advisories zu aktuellen Schwachstellen und Sicherheitsproblemen