Remotely alerts

CVE-2021-38389

on Oct. 20, 2021, 10:17 p.m.

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

Tags: Mitigation, Third Party Advisory, US Government Resource

CVE-2021-33023

on Oct. 20, 2021, 10:16 p.m.

Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

Tags: Mitigation, Third Party Advisory, US Government Resource

CVE-2021-40617

on Oct. 19, 2021, 2 a.m.

An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.

Tags: Exploit, Issue Tracking, Mitigation, Third Party Advisory

CVE-2021-27664

on Oct. 18, 2021, 6:59 p.m.

Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.

Tags: Mitigation, Third Party Advisory, US Government Resource

CVE-2021-32785

on May 10, 2022, 6:02 p.m.

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (`OIDCCacheEncrypt off`, `OIDCSessionType server-cache`, `OIDCCacheType redis`), `mod_auth_openidc` wrongly performed argument interpolation before passing Redis requests …

Tags: Mitigation, Third Party Advisory

CVE-2021-27665

on Oct. 16, 2021, 12:42 a.m.

An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause a denial-of-service condition.

Tags: Mitigation, Third Party Advisory, US Government Resource

CVE-2021-33849

on Oct. 14, 2021, 3:19 p.m.

A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website. The attack targets your application's users and not the application itself while using your application as the attack's vehicle. The XSS payload executes whenever the user changes the form values …

Tags: Exploit, Mitigation, Third Party Advisory

CVE-2021-25740

on Oct. 14, 2021, 9:15 a.m.

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

Tags: Mailing List, Mitigation, Third Party Advisory

CVE-2020-8561

on Oct. 14, 2021, 9:15 a.m.

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the …

Tags: Mailing List, Mitigation

CVE-2020-26259

on Oct. 13, 2021, 2:15 a.m.

XStream is a Java library to serialize objects to XML and back again. XStream before version 1.4.15 is vulnerable to arbitrary file deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary known files on the host as long as the executing process has sufficient rights …

Tags: Exploit, Mitigation, Third Party Advisory

CVE-2020-26258

on Oct. 13, 2021, 2:15 a.m.

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Request Forgery vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you …

Tags: Mitigation, Third Party Advisory

CVE-2021-41530

on Oct. 12, 2021, 10:07 p.m.

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.

Tags: Mitigation, Vendor Advisory

CVE-2021-41100

on Oct. 12, 2021, 7:40 p.m.

Wire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as means of authentication by the client for less critical requests …

Tags: Mitigation, Third Party Advisory

CVE-2021-25741

on Nov. 30, 2021, 10:42 p.m.

A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.

Tags: Mailing List, Mitigation

CVE-2020-24683

on Oct. 7, 2021, 7:05 p.m.

The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are …

Tags: Mitigation, Vendor Advisory

CVE-2020-24680

on Oct. 7, 2021, 7:05 p.m.

In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.

Tags: Mitigation, Vendor Advisory

CVE-2020-24679

on Oct. 7, 2021, 7:05 p.m.

An S+ Operations and S+ Historian service is subject to a DoS by specially crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.

Tags: Mitigation, Vendor Advisory

CVE-2020-24678

on Oct. 7, 2021, 7:05 p.m.

An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.

Tags: Mitigation, Vendor Advisory

CVE-2020-24677

on Oct. 7, 2021, 7:05 p.m.

Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.

Tags: Mitigation, Vendor Advisory

CVE-2020-24675

on Oct. 7, 2021, 7:05 p.m.

In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.

Tags: Mitigation, Vendor Advisory

CVE-2020-24674

on Oct. 7, 2021, 7:05 p.m.

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.

Tags: Mitigation, Vendor Advisory

CVE-2020-24673

on Oct. 7, 2021, 7:04 p.m.

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating …

Tags: Mitigation, Vendor Advisory

CVE-2018-1313

on Oct. 7, 2021, 9:15 a.m.

In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful. If the server is …

Tags: Mitigation, Third Party Advisory

CVE-2021-23054

on Oct. 4, 2021, 6:07 p.m.

On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. Note: Software versions which have reached End of Technical Support …

Tags: Mitigation, Vendor Advisory

CVE-2021-34354

on Oct. 4, 2021, 3:58 p.m.

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.18 ( 2021/09/01 ) and later

Tags: Mitigation, Vendor Advisory

CVE-2021-34356

on Oct. 4, 2021, 3:54 p.m.

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.18 ( 2021/09/01 ) and later

Tags: Mitigation, Vendor Advisory

CVE-2021-38675

on Oct. 4, 2021, 3:53 p.m.

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running Image2PDF. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Image2PDF: Image2PDF 2.1.5 ( 2021/08/17 ) and later

Tags: Mitigation, Vendor Advisory

CVE-2021-34355

on Oct. 4, 2021, 3:51 p.m.

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 5.4.10 ( 2021/08/19 ) and later Photo Station 5.7.13 ( 2021/08/19 ) and later …

Tags: Mitigation, Vendor Advisory

CVE-2021-23031

on Sept. 30, 2021, 2:42 p.m.

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Tags: Mitigation, Vendor Advisory

CVE-2021-23026

on Sept. 29, 2021, 7:21 p.m.

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Tags: Mitigation, Vendor Advisory

CVE-2021-23030

on Sept. 29, 2021, 7:10 p.m.

On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not …

Tags: Mitigation, Vendor Advisory

CVE-2021-23027

on Sept. 28, 2021, 6:51 p.m.

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) …

Tags: Mitigation, Vendor Advisory

CVE-2021-38304

on Sept. 28, 2021, 6:41 p.m.

Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access.

Tags: Mitigation, Patch, Vendor Advisory

CVE-2021-23029

on Sept. 27, 2021, 4:50 p.m.

On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Tags: Mitigation, Vendor Advisory

CVE-2021-23039

on Sept. 27, 2021, 4:37 p.m.

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have …

Tags: Mitigation, Vendor Advisory

CVE-2021-23035

on Sept. 27, 2021, 4:09 p.m.

On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Tags: Mitigation, Vendor Advisory

CVE-2021-23038

on Sept. 27, 2021, 3:43 p.m.

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have …

Tags: Mitigation, Vendor Advisory

CVE-2021-23037

on Sept. 27, 2021, 2:22 p.m.

On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are …

Tags: Mitigation, Vendor Advisory

CVE-2021-32724

on Sept. 27, 2021, 2:21 p.m.

check-spelling is a GitHub Action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it's possible to push commits to the repository bypassing …

Tags: Mitigation, Third Party Advisory

CVE-2021-39163

on Dec. 21, 2021, 2:18 p.m.

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homeserver is in the room …

Tags: Mitigation, Third Party Advisory

CVE-2021-23028

on Sept. 24, 2021, 7:19 p.m.

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, and 13.1.x before 13.1.4, when JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. Note: Software …

Tags: Mitigation, Vendor Advisory

CVE-2021-23036

on Sept. 24, 2021, 6:58 p.m.

On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Tags: Mitigation, Vendor Advisory

CVE-2021-40444

on Dec. 15, 2021, 6:46 p.m.

Microsoft MSHTML Remote Code Execution Vulnerability

Tags: Mitigation, Patch, Vendor Advisory

CVE-2018-1000036

on Dec. 14, 2021, 9:46 p.m.

In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.

Tags: Exploit, Issue Tracking, Third Party Advisory, Patch, VDB Entry, Mitigation, Vendor Advisory

CVE-2021-40146

on Sept. 23, 2021, 4:59 p.m.

A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) …

Tags: Mailing List, Vendor Advisory, Issue Tracking, Mitigation

CVE-2021-28499

on Sept. 23, 2021, 3:37 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in …

Tags: Mitigation, Vendor Advisory

CVE-2021-28498

on Sept. 23, 2021, 3:32 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operating System MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and prior releases in the MOS-0.2x …

Tags: Mitigation, Vendor Advisory

CVE-2020-12038

on Sept. 23, 2021, 1:34 p.m.

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable. A memory corruption vulnerability exists in the algorithm that matches square …

Tags: Mitigation, Patch, Third Party Advisory, US Government Resource

CVE-2021-28497

on Sept. 22, 2021, 4:50 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x …

Tags: Mitigation, Vendor Advisory

CVE-2021-28495

on Sept. 22, 2021, 4:34 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and …

Tags: Mitigation, Vendor Advisory

CVE-2021-28494

on Sept. 22, 2021, 4:01 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases

Tags: Mitigation, Vendor Advisory

CVE-2021-28493

on Sept. 22, 2021, 2:22 p.m.

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.32.0 and prior releases

Tags: Mitigation, Vendor Advisory, Third Party Advisory, Exploit, Patch

CVE-2020-7565

on Jan. 31, 2022, 7:55 p.m.

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller.

Tags: Vendor Advisory, Mitigation

CVE-2021-34527

on July 2, 2022, 9:08 p.m.

Windows Print Spooler Remote Code Execution Vulnerability

Tags: Mitigation, Patch, Vendor Advisory

CVE-2021-22904

on Sept. 20, 2021, 1:51 p.m.

The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication.

Tags: Exploit, Mitigation, Patch, Vendor Advisory

CVE-2021-30128

on Sept. 20, 2021, 12:15 p.m.

Apache OFBiz has unsafe deserialization prior to 17.12.07 version

Tags: Mailing List, Mitigation, Vendor Advisory

CVE-2020-24672

on July 8, 2022, 6:24 p.m.

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. This issue affects: .

Tags: Mitigation, Vendor Advisory

CVE-2021-32802

on Aug. 11, 2022, 1:15 a.m.

Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several security concerns with passing user-generated content to this library, such as Server-Side-Request-Forgery, file …

Tags: Mitigation, Third Party Advisory

CVE-2020-24676

on Sept. 14, 2021, 3:23 p.m.

In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.

Tags: Mitigation, Vendor Advisory

CVE-2020-8316

on Sept. 14, 2021, 1:39 p.m.

A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges.

Tags: Mitigation, Vendor Advisory

CVE-2018-17555

on Sept. 13, 2021, 11:35 a.m.

The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter.

Tags: Exploit, Third Party Advisory, Mitigation, US Government Resource, Patch, Vendor Advisory, VDB Entry, Technical Description

CVE-2018-18070

on Sept. 13, 2021, 11:15 a.m.

An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. (Under certain circumstances, it …

Tags: Third Party Advisory, Patch, Vendor Advisory, Mitigation, US Government Resource

CVE-2021-20027

on Sept. 13, 2021, 10:39 a.m.

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.

Tags: Mitigation, Vendor Advisory, Patch

CVE-2021-35238

on Sept. 9, 2021, 9:50 p.m.

A user with Orion Platform Admin Rights could store XSS through a URL POST parameter in the CreateExternalWebsite website.

Tags: Mitigation, Vendor Advisory

CVE-2021-23426

on Sept. 9, 2021, 7:02 p.m.

This affects all versions of package Proto. It is possible to pollute the object property of an application using Proto by leveraging the merge function.

Tags: Exploit, Mitigation, Third Party Advisory

CVE-2021-37719

on Sept. 9, 2021, 5:54 p.m.

A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.

Tags: Vendor Advisory, Mitigation, Third Party Advisory

CVE-2017-9036

on Sept. 9, 2021, 5:47 p.m.

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.

Tags: Exploit, Third Party Advisory, Mitigation, US Government Resource, Patch, Vendor Advisory, Issue Tracking, Mailing List, VDB Entry, Technical Description

CVE-2020-19048

on Sept. 9, 2021, 5:34 p.m.

Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'.

Tags: Exploit, Third Party Advisory, US Government Resource, Technical Description, Mitigation, Patch, Vendor Advisory

CVE-2018-2503

on Sept. 9, 2021, 5:17 p.m.

By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).

Tags: Vendor Advisory, Mitigation, Patch, Third Party Advisory

CVE-2021-35221

on Sept. 9, 2021, 1:41 p.m.

Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.

Tags: Mitigation, Patch, Vendor Advisory

CVE-2018-20299

on Sept. 9, 2021, 1:15 p.m.

An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.

Tags: Mitigation, Vendor Advisory

CVE-2021-22003

on Sept. 9, 2021, 12:58 p.m.

VMware Workspace ONE Access and Identity Manager unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account.

Tags: Patch, Vendor Advisory, Mitigation

CVE-2019-13013

on Sept. 8, 2021, 5:22 p.m.

Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root.

Tags: Mitigation, Vendor Advisory

CVE-2018-6084

on Sept. 8, 2021, 5:21 p.m.

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.

Tags: Mitigation, Exploit, Issue Tracking, Vendor Advisory

CVE-2021-35239

on Sept. 8, 2021, 3:55 p.m.

A security researcher found that a user with Orion map manage rights could store XSS via a text box hyperlink.

Tags: Mitigation, Vendor Advisory

CVE-2021-32781

on July 2, 2022, 6:31 p.m.

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions, after Envoy sends a locally generated response it must stop further processing of request or response data. However, when a local response is generated due to the internal buffer overflow while the request or response is processed by …

Tags: Vendor Advisory, Third Party Advisory, VDB Entry, Patch, Mitigation, US Government Resource, Exploit

CVE-2020-15955

on Aug. 31, 2021, 3:49 p.m.

In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credentials to be sent to the MitM attacker.

Tags: Technical Description, Third Party Advisory, Mitigation, Patch, Vendor Advisory, Broken Link

CVE-2020-35685

on Aug. 26, 2021, 6:21 p.m.

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper …

Tags: Mitigation, Third Party Advisory

CVE-2020-35684

on Aug. 26, 2021, 6:21 p.m.

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the …

Tags: Mitigation, Third Party Advisory

CVE-2021-31401

on Aug. 26, 2021, 6:09 p.m.

An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the …

Tags: Mitigation, Third Party Advisory

CVE-2020-35683

on Aug. 26, 2021, 5:43 p.m.

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation …

Tags: Mitigation, Third Party Advisory

CVE-2021-3459

on Aug. 25, 2021, 1:51 a.m.

A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter.

Tags: Mitigation, Vendor Advisory

CVE-2021-3458

on Aug. 25, 2021, 1:26 a.m.

The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.

Tags: Mitigation, Vendor Advisory

CVE-2018-7798

on Jan. 31, 2022, 8:31 p.m.

An Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device.

Tags: Mitigation, Vendor Advisory

CVE-2018-7821

on Jan. 31, 2022, 7:55 p.m.

An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221 (all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 Ethernet interface while the Ethernet/IP adapter is activated.

Learn more

Tags: Vendor Advisory, Exploit, Mitigation, Technical Description, Third Party Advisory

CVE-2021-0012

on Nov. 9, 2021, 8:15 p.m.

Use after free in some Intel(R) Graphics Driver before version 27.20.100.8336, 15.45.33.5164, and 15.40.47.5166 may allow an authenticated user to potentially enable denial of service via local access.

Learn more

Tags: Patch, Vendor Advisory, Issue Tracking, Third Party Advisory, Exploit, Mitigation

CVE-2021-38527

on Aug. 19, 2021, 6:37 p.m.

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before …

Learn more

Tags: Vendor Advisory, Mitigation

CVE-2019-10953

on Jan. 31, 2022, 8:48 p.m.

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

Learn more

Tags: Mitigation, Third Party Advisory, US Government Resource

CVE-2021-22902

on Aug. 18, 2021, 7:13 p.m.

The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of Action Dispatch. Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression …

Learn more

Tags: Exploit, Mitigation, Patch, Vendor Advisory

CVE-2021-28372

on Aug. 18, 2021, 1:45 p.m.

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the victim TUTK device.

Learn more

Tags: Exploit, Mitigation, Third Party Advisory

CVE-2019-3870

on Aug. 17, 2021, 2:46 p.m.

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will …

Learn more

Tags: Mitigation, Patch, Vendor Advisory

CVE-2019-1625

on Aug. 12, 2021, 9:34 p.m.

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated …

Learn more

Tags: Vendor Advisory, VDB Entry, Third Party Advisory, Patch, Mitigation

CVE-2019-11580

on Aug. 12, 2021, 6:15 p.m.

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd …

Learn more

Tags: Mitigation, Issue Tracking, Vendor Advisory

CVE-2021-21562

on Aug. 11, 2021, 6:27 p.m.

Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control.

Learn more

Tags: Mitigation, Vendor Advisory

CVE-2019-19299

on Aug. 10, 2021, 11:15 a.m.

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server applies weak cryptography when exposing device (camera) passwords. This could allow an unauthenticated remote attacker to read and decrypt the passwords and conduct further attacks.

Learn more

Tags: Mitigation, Vendor Advisory

CVE-2020-20741

on Aug. 9, 2021, 5:43 p.m.

Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect.

Learn more

Tags: Mitigation, Patch, Vendor Advisory

CVE-2017-4960

on Aug. 6, 2021, 1:08 p.m.

An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.

Learn more

Tags: Vendor Advisory, Mitigation, Patch

CVE-2016-6636

on Aug. 6, 2021, 1:07 p.m.

The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 mishandles redirect_uri subdomains, which …

Learn more

Tags: Vendor Advisory, Mitigation

CVE-2021-20094

on Aug. 5, 2021, 9:15 p.m.

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server.

Learn more

Tags: Mitigation, Vendor Advisory

CVE-2021-20093

on Aug. 5, 2021, 9:15 p.m.

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.

Learn more

Tags: Mitigation, Vendor Advisory