Whitepaper called I Got My Eye On You - Security Vulnerabilities In D-Link's Baby Monitor.
2c2970a1fc89c799e0699134614fd02b348d4262f0e120d66d7f16e295a0c9f9Ubuntu Security Notice 4422-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
7dcd993fd50205837696e35bde7c81e5db307327f344ba35a08787e7cf80312bRed Hat Security Advisory 2020-2906-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.
ecc8103f2dfcc12785881ad593cefc17fb7a731e11e7a97ea8a8337d158917feThis Metasploit module exploits multiple vulnerabilities together in order to achieve remote code execution in Trend Micro Web Security versions prior to 6.5 SP2 Patch 4 (Build 1901).
9664c9cbae3eb80a568d35406cf2acc152b6130f2cb92627857e239b45ba2249Apartment Visitors Management System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1ce810af8f7172c7c37fd05e29671178a45c119726a6307bc1f3d207774c06d4Red Hat Security Advisory 2020-2907-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.
a9e027161869f1986b9b6068aacd456cf1e54e2b2daa71f55c38e118eadb8e92BSA Radar version 1.6.7234.24750 suffers from a local file inclusion vulnerability.
a5e4591cdb29ce3091eb250f24b6a6f3970ce7a137c3d39d49b038763d282fa3Red Hat Security Advisory 2020-2902-01 - Scanner Access Now Easy is a universal scanner interface. The SANE application programming interface provides standardized access to any raster image scanner hardware. Issues addressed include a buffer overflow vulnerability.
fddb3b42a10f7304b4af56b4634432e24241823c6315846fd38143a6555f7dd0Cyber Cafe Management System from phpgurukul.com suffers from multiple remote SQL injection vulnerabilities. One allows for authentication bypass.
e5ac28857c7d844bbcdc7aa8916414c95f91750ab85c3717d81de642b9a3cf18Teachers Record Management System version 1.0 suffers from a remote SQL injection vulnerability.
5dd8f20ad5e6344f4277209100603d6b898b39c5356e93c1737c54112d7a9311Client Management System version 1.0 suffers from a remote SQL injection vulnerability.
2ff070df59ef7dc08ba4cf8b4ad5cbddc12cee40199cf99715b02b43e3908a14Red Hat Security Advisory 2020-2878-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
c769f46a3124b583bc8dadf43224c6e7e847781de370b027535ddf166888aec4BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command execution vulnerabilities. Checker CVE-2020-5902 is a scanning tool to look for vulnerable instances.
4455c097b1284508ebec37b188b4d83ade674a489a919e13a32be4d51586405eVerint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.
8c1ec5a43ee4412962b923d2c0abe80de645b915f6144f18aa147efd40de3464Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.
f865cfc6fcac1fa347c28f60b5047a71f7ccd1d751dcc60cb93b1f3ddbca5721Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link.
037db083b292ddba6c882f5cb6d036f5ab65f22b3161e14d9ede682bd0105457Various V-SOL OLTs suffer from multiple backdoor issues, hardcoded RSA keys, potential command injection, and insecure management vulnerabilities.
20f5c0e255904786d117f0970a2860bba9487e20530393ccb85c7c54cba91c1eGoogle's PlayServices has a built-in backdoor which allows Google Inc, or anybody who has access to some device owner's Google account to remotely silently deploy any apps (at least those listed in the AppStore).
e33e4b676a65b515729c81271908d18c840aadc2370f8a5643c5cdf980ce1785This is a whitepaper called APK Testing Report. It goes through various tooling used to analyze devices.
e7e292f4deaf2d179fba420362d70e5c6cc318e28dffe69d1e55a44b7ce8fe88
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed