๐จ CVE-2020-21840
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
๐จ CVE-2020-21841
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
๐จ CVE-2020-21842
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
๐@cveNotify
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21843
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21844
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
๐@cveNotify
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2017-17674
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
www.helixops.ai
BMC Remedy ITSM | Remedy IT Service Management | BMC Helix
BMC Helix ITSM is the next generation of Remedy. BMC Helix ITSM delivers industry-leading, next gen service management on your choice of cloud.
๐จ CVE-2017-17677
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
www.helixops.ai
BMC Remedy ITSM | Remedy IT Service Management | BMC Helix
BMC Helix ITSM is the next generation of Remedy. BMC Helix ITSM delivers industry-leading, next gen service management on your choice of cloud.
๐จ CVE-2021-27821
The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution.
๐@cveNotify
The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution.
๐@cveNotify
๐จ CVE-2021-27676
Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts page.
๐@cveNotify
Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts page.
๐@cveNotify
GitHub
chore: remove lock file 26.01 by Thebarda ยท Pull Request #9587 ยท centreon/centreon
Description
PLEASE MAKE SURE THAT THE BRANCH PR INCLUDES JIRA TICKET ID (for centreon-internal)
Please include a short resume of the changes and what is the purpose of PR. Any relevant information ...
PLEASE MAKE SURE THAT THE BRANCH PR INCLUDES JIRA TICKET ID (for centreon-internal)
Please include a short resume of the changes and what is the purpose of PR. Any relevant information ...
๐จ CVE-2020-26677
Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API.
๐@cveNotify
Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API.
๐@cveNotify
๐จ CVE-2020-26678
vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code execution.
๐@cveNotify
vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code execution.
๐@cveNotify
๐จ CVE-2020-26679
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their own, an HTTP POST request can be made update their profile description or supply a new profile image. This can lead to potential cross-site scripting attacks on any user, or upload malicious PHP webshells as "profile pictures." The user IDs can be easily determined by other responses from the API for an event or chat room.
๐@cveNotify
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their own, an HTTP POST request can be made update their profile description or supply a new profile image. This can lead to potential cross-site scripting attacks on any user, or upload malicious PHP webshells as "profile pictures." The user IDs can be easily determined by other responses from the API for an event or chat room.
๐@cveNotify
๐จ CVE-2020-26680
In vFairs 3.3, any user logged in to a vFairs virtual conference or event can modify any other users profile information to include a cross-site scripting payload. The user data stored by the database includes HTML tags that are intentionally rendered out onto the page, and this can be abused to perform XSS attacks.
๐@cveNotify
In vFairs 3.3, any user logged in to a vFairs virtual conference or event can modify any other users profile information to include a cross-site scripting payload. The user data stored by the database includes HTML tags that are intentionally rendered out onto the page, and this can be abused to perform XSS attacks.
๐@cveNotify
Huntress
Zero-Day Vulnerabilities in Platforms Could Leave MSPs Exposed | Huntress
We unveil zero-day vulnerabilities we discovered in virtual event platforms used in MSP/Fortune 500 communities, plus some insight on supply chain attacks.
๐จ CVE-2021-29049
Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter.
๐@cveNotify
Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter.
๐@cveNotify
๐จ CVE-2021-31659
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with.
๐@cveNotify
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with.
๐@cveNotify
GitHub
CVE/2021/CVE-2021-31659 at main ยท secnotes/CVE
Some Awesome and Simple CVE. Contribute to secnotes/CVE development by creating an account on GitHub.
๐จ CVE-2021-28979
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.
๐@cveNotify
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.
๐@cveNotify
Safenet
Safenet CCTV
Default Description
๐จ CVE-2021-34202
There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.
๐@cveNotify
There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.
๐@cveNotify
๐จ CVE-2021-34201
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.
๐@cveNotify
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.
๐@cveNotify
๐จ CVE-2021-34204
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.
๐@cveNotify
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.
๐@cveNotify
๐จ CVE-2020-19511
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,
๐@cveNotify
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,
๐@cveNotify
๐จ CVE-2020-22168
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
๐@cveNotify
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
๐@cveNotify
GitHub
GitHub - itodaro/PHPGurukul_Hospital_Management_System4.0_cve
Contribute to itodaro/PHPGurukul_Hospital_Management_System4.0_cve development by creating an account on GitHub.