CVE-2021-37436 - Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.
24/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-37436

CVE-2021-32783 - Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy remotely (a denial of service), or to expose the existence of any Secret that Envoy is using for its configuration, including most notably TLS Keypairs. However, it *cannot* be used to get the *content* of those secrets. Since this attack allows access to the administration interface, a variety of administration options are available, such as shutting down the Envoy or draining traffic. In general, the Envoy admin interface cannot easily be used for making changes to the cluster, in-flight requests, or backend services, but it could be used to shut down or drain Envoy, change traffic routing, or to retrieve secret metadata, as mentioned above. The issue will be addressed in Contour v1.18.0 and a cherry-picked patch release, v1.17.1, has been released to cover users who cannot upgrade at this time. For more details refer to the linked GitHub Security Advisory.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32783

CVE-2021-32686 - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connections. They cause a crash, resulting in a denial of service. These are fixed in version 2.11.1.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32686

CVE-2021-3169 - An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-3169

CVE-2021-25809 - UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25809

CVE-2021-25808 - A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25808

CVE-2020-20741 - Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-20741

CVE-2021-25791 - Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address text fields.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25791

CVE-2021-25790 - Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25790

CVE-2021-23412 - All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-23412

CVE-2021-3159 - A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-3159

CVE-2021-25208 - Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25208

CVE-2021-25206 - Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25206

CVE-2021-25204 - Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTML via the subject field to feedback_process.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25204

CVE-2021-25203 - Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25203

CVE-2021-25201 - SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25201

CVE-2021-25207 - Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25207

CVE-2021-20333 - Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6.20; MongoDB Server v4.0 versions prior to 4.0.21; MongoDB Server v4.2 versions prior to 4.2.10;
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-20333

CVE-2021-26799 - Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26799

CVE-2020-14032 - ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-14032

CVE-2021-24036 - Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-24036

CVE-2021-36222 - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-36222

CVE-2021-35942 - The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35942

CVE-2021-35464 - ForgeRock AM server 6.x before 7, and OpenAM 14.6.3, has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/Version request to the server. The vulnerability exists due to incorrect usage of Sun ONE Application Framework (JATO).
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35464

CVE-2021-35063 - Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35063

CVE-2021-33032 - eQ-3 HomeMatic CCU2 2.57.5 and CCU3 3.57.5 devices allow remote code execution.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-33032

CVE-2021-26226 - SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26226

CVE-2021-25202 - SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25202

CVE-2021-25197 - Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter to content_management_system\admin\new_content.php
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25197

CVE-2020-36033 - SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-36033

CVE-2015-2100 - Multiple stack-based buffer overflows in WebGate eDVR Manager and Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) TCPDiscover or (2) TCPDiscover2 function in the WESPDiscovery.WESPDiscoveryCtrl.1 control.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2015-2100

CVE-2015-2099 - Multiple buffer overflows in WebGate Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) GetRecFileInfo function in the FileConverter.FileConverterCtrl.1 control, (2) Login function in the LoginContoller.LoginControllerCtrl.1 control, or (3) GetThumbnail function in the WESPPlayback.WESPPlaybackCtrl.1 control.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2015-2099

CVE-2015-2098 - Multiple stack-based buffer overflows in WebGate eDVR Manager allow remote attackers to execute arbitrary code via unspecified vectors to the (1) Connect, (2) ConnectEx, or (3) ConnectEx2 function in the WESPEvent.WESPEventCtrl.1 control; (4) AudioOnlySiteChannel function in the WESPPlayback.WESPPlaybackCtrl.1 control; (5) Connect or (6) ConnectEx function in the WESPPTZ.WESPPTZCtrl.1 control; (7) SiteChannel property in the WESPPlayback.WESPPlaybackCtrl.1 control; (8) SiteName property in the WESPPlayback.WESPPlaybackCtrl.1 control; or (9) OpenDVrSSite function in the WESPPTZ.WESPPTZCtrl.1 control.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2015-2098

CVE-2021-37403 - OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and an App Loader relative URL is used.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-37403

CVE-2021-37402 - OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-37402

CVE-2021-33478 - The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-33478

CVE-2021-29657 - arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-29657

CVE-2021-26699 - OX App Suite before 7.10.3-rev4 and 7.10.4 before 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26699

CVE-2021-26698 - OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26698

CVE-2021-26232 - SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26232

CVE-2021-26231 - SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26231

CVE-2021-26230 - Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26230

CVE-2021-26229 - SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26229

CVE-2021-26228 - SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26228

CVE-2021-26227 - Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26227

CVE-2020-5370 - Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-5370

CVE-2020-5316 - Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-5316

CVE-2021-34700 - A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficiently controlled. An attacker could exploit this vulnerability by gaining unauthorized access to sensitive information on an affected system. A successful exploit could allow the attacker to create forged authentication requests and gain unauthorized access to the web UI of an affected system.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34700

CVE-2021-26765 - SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26765

CVE-2021-26764 - SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26764

CVE-2021-26762 - SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26762

CVE-2021-1618 - Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: execute a command using crafted input; upload a file that has been altered using path traversal techniques. A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1618

CVE-2021-1617 - Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: execute a command using crafted input; upload a file that has been altered using path traversal techniques. A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1617

CVE-2021-1614 - A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WAN Software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to an affected device that is running Cisco SD-WAN Software or Cisco SD-WAN vManage Software. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1614

CVE-2021-1601 - Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1601

CVE-2021-1600 - Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1600

CVE-2021-1599 - A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient input validation of a parameter that is used by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface, access sensitive, browser-based information, or cause an affected device to reboot under certain conditions.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1599

CVE-2021-1518 - A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system. To exploit this vulnerability, an attacker would need valid low-privileged user credentials.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1518

CVE-2021-34431 - In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34431

CVE-2021-29149 - A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-29149

CVE-2021-29148 - A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-29148

CVE-2021-29143 - A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-29143

CVE-2021-22001 - In UAA versions prior to 75.3.0, sensitive information such as the relaying secret of the provider was revealed in the response when a deletion request for an identity provider (IdP) of type “oauth 1.0” was sent to the UAA server.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-22001

CVE-2021-30110 - dttray.exe in Greyware Automation Products Inc Domain Time II before 5.2.b.20210331 allows remote attackers to execute arbitrary code via a URL to a malicious update in a spoofed response to the UDP query used to check for updates.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-30110

CVE-2019-20467 - An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be used on this interface. The usernames and passwords of the backdoor accounts are the same on all devices. Attackers can use these backdoor accounts to obtain access and execute code as root within the device.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2019-20467

CVE-2021-35522 - A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35522

CVE-2021-35521 - A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35521

CVE-2021-35520 - A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35520

CVE-2021-30486 - SysAid 20.3.64 b14 is affected by Blind and Stacked SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or group1), or AssetManagementSummary.jsp (GET group1).
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-30486

CVE-2021-30049 - SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-30049

CVE-2021-22523 - XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-22523

CVE-2021-22522 - Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-22522

CVE-2021-20596 - NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-20596

CVE-2021-28131 - Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. Mitigation: If an Impala deployment uses Apache Sentry, Apache Ranger or audit logging, then users should upgrade to a version of Impala with the fix for IMPALA-10600. The Impala 4.0 release includes this fix. This hides session secrets from the logs to eliminate the risk of any attack using this mechanism. In lieu of an upgrade, restricting access to logs that expose secrets will reduce the risk of an attack. Restricting access to the Impala deployment to trusted users will also reduce the risk of an attack. Log redaction techniques can be used to redact secrets from the logs.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-28131

CVE-2021-36934 - Windows Elevation of Privilege Vulnerability
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-36934

CVE-2021-1096 - NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1096

CVE-2021-1095 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1095

CVE-2021-1094 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1094

CVE-2021-1093 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1093

CVE-2021-1092 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1092

CVE-2021-1091 - NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1091

CVE-2021-1090 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1090

CVE-2021-1089 - NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
22/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-1089

CVE-2021-32756 - ManageIQ is an open-source management platform. In versions prior to jansa-4, kasparov-2, and lasker-1, there is a flaw in the MiqExpression module of ManageIQ where a low privilege user could enter a crafted Ruby string which would be evaluated. Successful exploitation will allow an attacker to execute arbitrary code with root privileges on the host system. There are patches for this issue in releases named jansa-4, kasparov-2, and lasker-1. If possible, restrict users, via RBAC, to only the part of the application that they need access to. While MiqExpression is widely used throughout the product, restricting users can limit the surface of the attack.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32756

CVE-2021-35482 - An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4.70. An attacker in the local network is able to achieve Remote Code Execution (with user privileges of the local user) on any device that tries to connect to a WePresent presentation system.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-35482

CVE-2021-34816 - An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34816

CVE-2021-32745 - Collabora Online is a collaborative online office suite. A reflected XSS vulnerability was found in Collabora Online prior to version 6.4.9-5. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and execute scripts inside the context of the Collabora Online iframe. This would give access to a small set of user settings stored in the browser, as well as the session's authentication token which was also passed in at iframe creation time. The issue is patched in Collabora Online 6.4.9-5. Collabora Online 4.2 is not affected.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32745

CVE-2020-19499 - An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0 that allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19499

CVE-2020-19498 - A floating point exception in function Fraction in libheif 1.4.0 allows attackers to cause a Denial of Service or possibly other unspecified impacts.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19498

CVE-2020-19497 - An integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17 allows attackers to cause a Denial of Service or possibly other unspecified impacts.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19497

CVE-2020-19492 - There is a floating point exception in ReadImage that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19492

CVE-2020-19491 - There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19491

CVE-2020-19490 - tinyexr 0.9.5 has an integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19490

CVE-2020-19488 - An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0 that allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19488

CVE-2020-19481 - An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19481

CVE-2020-19475 - An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19475

CVE-2020-19474 - An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a Use After Free.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19474

CVE-2020-19473 - An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an uncaught floating point exception.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19473

CVE-2020-19472 - An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19472

CVE-2020-19471 - An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4.
21/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-19471

Recently modified advisories

CVE-2021-33910 - basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
24/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-33910

CVE-2021-32786 - mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32786

CVE-2021-32785 - mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (`OIDCCacheEncrypt off`, `OIDCSessionType server-cache`, `OIDCCacheType redis`), `mod_auth_openidc` wrongly performed argument interpolation before passing Redis requests to `hiredis`, which would perform it again and lead to an uncontrolled format string bug. Initial assessment shows that this bug does not appear to allow gaining arbitrary code execution, but can reliably provoke a denial of service by repeatedly crashing the Apache workers. This bug has been corrected in version 2.4.9 by performing argument interpolation only once, using the `hiredis` API. As a workaround, this vulnerability can be mitigated by setting `OIDCCacheEncrypt` to `on`, as cache keys are cryptographically hashed before use when this option is enabled.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-32785

CVE-2021-34268 - An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34268

CVE-2021-34267 - An issue in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34267

CVE-2021-34262 - A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34262

CVE-2021-34261 - An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34261

CVE-2021-34260 - A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34260

CVE-2021-34259 - A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-34259

CVE-2021-25213 - SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25213

CVE-2021-25211 - Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25211

CVE-2021-25209 - SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_user.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25209

CVE-2021-25205 - SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25205

CVE-2020-22284 - A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-22284

CVE-2020-22283 - A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-22283

CVE-2021-3540 - By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-3540

CVE-2021-3198 - By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-3198

CVE-2021-3619 - Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentication persistent cross-site scripting (XSS) issue, where an authenticated user could abuse MIME filetype sniffing to embed executable code on a malicious upload. This issue was fixed in version 0.6.0. Note that login rights to Velociraptor are nearly always reserved for trusted and verified users with IT security backgrounds.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-3619

CVE-2021-31581 - The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-31581

CVE-2021-31580 - The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-31580

CVE-2021-31579 - Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-31579

CVE-2021-27332 - Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-27332

CVE-2021-26224 - Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26224

CVE-2021-26223 - SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-26223

CVE-2021-25212 - SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25212

CVE-2021-25210 - Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-25210

CVE-2020-7390 - Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings to the "First Name," "Last Name," and "Email Address" fields of this web application component. Updates are available for on-premises versions of Version 12 (components shipped with Syracuse 12.10.0 and later) of Sage X3. Other on-premises versions of Sage X3 are unaffected or unsupported by the vendor.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-7390

CVE-2020-7389 - Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-7389

CVE-2020-7388 - Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can be learned by exploiting CVE-2020-7387. This issue was fixed in AdxAdmin 93.2.53, which ships with updates for on-premises versions of Sage X3 including Version 9 (components shipped with Syracuse 9.22.7.2 and later), Sage X3 HR & Payroll Version 9 (those components that ship with Syracuse 9.24.1.3), Version 11 (components shipped with Syracuse 11.25.2.6 and later), and Version 12 (components shipped with Syracuse 12.10.2.8 and later) of Sage X3. Other on-premises versions of Sage X3 are unsupported by the vendor.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-7388

CVE-2020-7387 - Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.exe component that reveals the installation directory of the product. Note that this vulnerability can be combined with CVE-2020-7388 to achieve full RCE. This issue was fixed in AdxAdmin 93.2.53, which ships with updates for on-premises versions of Sage X3 Version 9 (components shipped with Syracuse 9.22.7.2 and later), Sage X3 HR & Payroll Version 9 (those components that ship with Syracuse 9.24.1.3), Version 11 (components shipped with Syracuse 11.25.2.6 and later), and Version 12 (components shipped with Syracuse 12.10.2.8 and later) of Sage X3. Other on-premises versions of Sage X3 are unsupported by the vendor.
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2020-7387

CVE-2021-2444 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2444

CVE-2021-2441 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2441

CVE-2021-2440 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2440

CVE-2021-2437 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2437

CVE-2021-2432 - Vulnerability in the Java SE product of Oracle Java SE (component: JNDI). The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2432

CVE-2021-2429 - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2429

CVE-2021-2428 - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2428

CVE-2021-2427 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2427

CVE-2021-2426 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2426

CVE-2021-2425 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2425

CVE-2021-2424 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2424

CVE-2021-2422 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2422

CVE-2021-2418 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2418

CVE-2021-2417 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2417

CVE-2021-2412 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2412

CVE-2021-2411 - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: JS module). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2411

CVE-2021-2410 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2410

CVE-2021-2409 - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2409

CVE-2021-2408 - Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Notification Configuration). The supported version that is affected is 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PT PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PT PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2408

CVE-2021-2407 - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
23/07/2021 | https://nvd.nist.gov/vuln/detail/CVE-2021-2407