๐จ CVE-2020-21813
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.
๐@cveNotify
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #182 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwg2SVG $PoC 1.NULL pointer dereference in htmlescape ../../programs/escape.c:29 POC: https://githu...
๐จ CVE-2020-21833
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21838
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21840
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21841
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2017-17674
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
๐จ CVE-2017-17677
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
๐จ CVE-2017-17678
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
๐@cveNotify
๐จ CVE-2021-28979
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.
๐@cveNotify
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.
๐@cveNotify
๐จ CVE-2021-34202
There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.
๐@cveNotify
There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.
๐@cveNotify
GitHub
CVE/2021/CVE-2021-34202 at main ยท secnotes/CVE
Some Awesome and Simple CVE. Contribute to secnotes/CVE development by creating an account on GitHub.
๐จ CVE-2021-34201
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.
๐@cveNotify
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.
๐@cveNotify
GitHub
CVE/2021/CVE-2021-34201 at main ยท secnotes/CVE
Some Awesome and Simple CVE. Contribute to secnotes/CVE development by creating an account on GitHub.
๐จ CVE-2021-34203
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a backdoor, because the interface should not be exposed.
๐@cveNotify
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a backdoor, because the interface should not be exposed.
๐@cveNotify
GitHub
CVE/2021/CVE-2021-34203 at main ยท secnotes/CVE
Some Awesome and Simple CVE. Contribute to secnotes/CVE development by creating an account on GitHub.
๐จ CVE-2021-34204
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.
๐@cveNotify
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.
๐@cveNotify
GitHub
CVE/2021/CVE-2021-34204 at main ยท secnotes/CVE
Some Awesome and Simple CVE. Contribute to secnotes/CVE development by creating an account on GitHub.
๐จ CVE-2020-26801
A stored cross-site scripting (XSS) vulnerability was discovered in /Forms/device_vars_1 on TrippLite SU2200RTXL2Ua with firmware version 12.04.0055. This vulnerability allows authenticated attackers to obtain other users' information via a crafted POST request.
๐@cveNotify
A stored cross-site scripting (XSS) vulnerability was discovered in /Forms/device_vars_1 on TrippLite SU2200RTXL2Ua with firmware version 12.04.0055. This vulnerability allows authenticated attackers to obtain other users' information via a crafted POST request.
๐@cveNotify
๐จ CVE-2021-31655
Cross Site Scripting (XSS) vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi.
๐@cveNotify
Cross Site Scripting (XSS) vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi.
๐@cveNotify
GitHub
Vuls/TRENDnet TV-IP110WN/CVE-2021-31655.md at main ยท yinfeidi/Vuls
Contribute to yinfeidi/Vuls development by creating an account on GitHub.
๐จ CVE-2021-33287
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.
๐@cveNotify
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.
๐@cveNotify
๐จ CVE-2021-33259
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history.
๐@cveNotify
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history.
๐@cveNotify
๐จ CVE-2021-36697
With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP request.
๐@cveNotify
With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP request.
๐@cveNotify
K4M1Ll0
CVE Chained Exploit htaccess PandoraFMS
cve-chained-exploit-htaccess
๐จ CVE-2021-36698
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
๐@cveNotify
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
๐@cveNotify
K4M1Ll0
CVE Chained Exploit htaccess PandoraFMS
cve-chained-exploit-htaccess
๐จ CVE-2021-3380
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.
๐@cveNotify
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.
๐@cveNotify
๐จ CVE-2020-27413
An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application.
๐@cveNotify
An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application.
๐@cveNotify