Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on the first line of stdin, and the ciphertext to be decrypted or plaintext to be encrypted on subsequent lines. By supplying a passphrase containing a newline an attacker can control/modify the ciphertext/plaintext being decrypted/encrypted. Proof of concept exploit included. Version 0.4.3 is affected.
2ddd6ea3428cff6a5351b694f600825f17bf24b9cc0a6b871e114db2d991529a
Podcast Generator version 2.7 suffers from a persistent cross site scripting vulnerability.
342aa0add9d97bf1e5a03940d7b2d050192f55a9959995061ac92669ad0ea45a
Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.
ac79794ec22441e2867245a8673787a895a1818b2a307cea606a45fb20502f9a
Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.
7a59de12b3748877d64521ce09e47e0f8cc72dbfdf74601538a71773948eac29
Green CMS version 2.x suffers from a remote SQL injection vulnerability.
bf9d26094abaa46d3909203a826a37b8642c913de2d637a38daa95492576c897
Joomla RSFirewall component version 2.11.25 suffers from a database disclosure vulnerability.
cc831fedf778341c9441a1d649f14fbc4dde0f211990168812eb2d59b1b240ec
Lua version 5.3.5 suffers from a use-after-free vulnerability.
e4fa1f2a58aeecca822a55e272763709ae37bde58311cf5071a4a4b56331b1ad
WordPress Wisechat plugin version 2.6.3 suffers from a forced tab redirection flow that can aid in phishing attacks.
735a795a37627d01a0cb21c77897831a4970caff4a6ac87e4926f646c947d658
CA Automic Workload Automation Web Interface versions 12.0, 12.1, and 12.2 suffer from cross site scripting vulnerabilities.
c31a0d7f43b1fc69972bfcf43db6eacf665be4a8ff535f86886fe96b5634cd57
Endian Firewall Community release version 3.3.0 suffers from multiple cross site scripting vulnerabilities.
77efbdae60d700d9006292a6073020971d2b9a1fb71fff2e7ebb7addbe8101d3
CA Technologies Support is alerting customers to a potential risk with CA Automic Workload Automation Automic Web Interface (AWI). A vulnerability exists that can allow an attacker to potentially conduct persistent cross site scripting (XSS) attacks. The vulnerability has a medium risk rating and concerns insufficient output sanitization, which can allow an attacker to potentially conduct persistent cross site scripting (XSS) attacks. Versions 12.0, 12.1 and 12.2 are affected.
2d0f5efc3794a546ccb3a1a16e6a7ffb08045f0e8c7fd8e494d47a2b7001e01d
Red Hat Security Advisory 2019-0160-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
0eab7472c7f430ba1c73c0806d5414fccb11a327c2106d82bf61ac2ec3906bbf
Ubuntu Security Notice 3868-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code.
85233d2f28c9005d6f996d2675c0d1f4b94b69c26083039521f3cc4a116d3f42
Ubuntu Security Notice 3869-1 - Ivan Zhakov discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.
74ce9c4546b2646e8f35d2590f209dd0480300722e89c38524888e895003b6af
Red Hat Security Advisory 2019-0159-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
4b293c377b9c126c1f64c864bad6bb138798a4a720559e51bba799a78c547adc
Splunk Enterprise version 7.2.3 authenticated remote reverse shell code execution exploit.
b6118470c9d2715eff34c6d16eae7f5de6cc9ad08abf24dee9adf93603da43c9
MySQL user-defined (Linux) x32 / x86_64 sys_execfunction local privilege escalation exploit. Can be leveraged against versions 4.x and 5.x.
e02a501fdb4102e5f71e848ff9b84f09cf44dd7eb311fd41c2c28f7b0c71ba5b
SirsiDynix e-Library version 3.5.x suffers from a cross site scripting vulnerability.
ff68cc093cad71b3daf1be92223c3d972c0471970400b0371cd0c0dce3e39c4d
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
9d4a00625065f25058f8966e7fb11f9f72db25507b4dd9c05f57e14447c33295
RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Versions 1.4.2.15 through 1.4.2.19 are affected. Fixed in version 1.4.2.20.
0ef1e407d0628e9e533465222b68937646fa1649db7cb36d50953a7f19722bfc
RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device's web interface. Versions affected include 1.4.2.15 and 1.4.2.17.
fdf7195ccf0d6541be985c8d496c6247eb5c5e6f97854845e3c59933dda9393d
RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17.
942511fa9b0bd63bd49cf08b8956b08f9864c3d173a12a505da9fb6a9e650162
RVAsec is a Richmond, VA based security convention that brings top industry speakers to the Mid-Atlantic region. In its seventh year, RVAsec 2018 attracted over 650 security professionals from across the country. For 2019, the conference is a two day and three track format, with a mixed focus on technical and management/business presentations. It will take place May 22nd through the 23rd, 2019 in Richmond, VA, USA.
8974d2d1e248d9eb8b49d845d9b6a320091e9741f834a83e500764e6494e4e41
ImpressCMS version 1.3.11 suffers from a remote SQL injection vulnerability.
1f92f65e0c60882962f5d6c4b59a7be2a58d708a412519adac5add21a7aa75f5
task_swap_mach_voucher() on iOS and macOS have an issue where task_swap_mach_voucher() does not respect MIG semantics leading to a use-after-free condition.
0257494f6d9310ec9e5e1c1bff8a123fa3b6a565f2650f06da253e0be3adc7d9