QNAP MusicStation and MalwareRemover are affected by arbitrary file upload and command injection vulnerabilities, leading to pre-authentication remote command execution with root privileges on the NAS.
dddda20f7202ce5358af06526c5259d1f75a28b841ba2fcc6fd3fd23682bb880
WordPress LifterLMS plugin version 4.21.0 suffers from a persistent cross site scripting vulnerability.
20b27b98b2e22747764f7a39e413c4251aa23f2a701c00e2bc61df557d7309b3
Selenium version 3.141.59 remote code execution exploit.
31a04d36d587ab0a205023d11f001f9667bf27577d83ddca22b7e833833f61a8
An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy (SCP).
f6519f57eed331c93ca5644c3a83e240cb6fe2ee50133663e8ee3dad642af551
The IoT Controller web application includes a NodeJS module, node-red, which has the capability for users to read or write to local files on the IoT Controller. With the elevated privileges the web application runs as, this allowed for reading and writing to any file on the IoT Controller filesystem.
ab0f31561d42610f5ba5969c33fa30d3f807865c8f1eaac846a5b376b04319c7
A Python script (web.py) for a Dockerized webservice contains a directory traversal vulnerability, which can be leveraged by an authenticated attacker to view the contents of directories on the IoT Controller.
671f09dc7253e2fd4b96a2bd934c4db733ea5c114369ba82a1d81b35d72836f3
An undocumented, administrative-level, hard-coded web application account exists in the IoT Controller OVA which cannot be changed by the customer.
2486beac57efb14715dc2756e1ddce5fd0beb0268fa52ef3547894a1a7be04a5
Hard-coded, system-level credentials exist on the Ruckus IoT Controller OVA image, and are exposed to attackers who mount the filesystem.
df1716ceee1afc4991054f7d3e009a901d7b28289e89a2bebb461c0a64b3b1d9
API keys for CommScope Ruckus are included in the IoT Controller OVA image, and are exposed to attackers who mount the filesystem.
b4f5b79b878528d1365915db1dfcf08d2ea164bfda75ebc9baab1499e553cb33
Three API endpoints for the IoT Controller are accessible without authentication. Two of the endpoints result in information leakage and consumption of computing/storage resources. The third API endpoint that does not require authentication allows for a factory reset of the IoT Controller.
a8546049f222180c6bd593bbd28ea7a598ba7bbcd08ac8c48b4f8ac76357ba7c
Ubuntu Security Notice 4969-2 - USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service. Various other issues were also addressed.
e9cc2d12e74cf591ba5ef27f62ce025cf56eca8cf710a2e58d5e1102895452d6
Ubuntu Security Notice 4969-1 - Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service.
be06ea6c2a98df3627755ff70eeb0760f093153455bffd6255cef51b438c3d29
Red Hat Security Advisory 2021-2139-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.2.0 serves as a replacement for Red Hat Data Grid 8.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, and server-side request forgery vulnerabilities.
26b79e23d99e81d46adcd853630427afc565a8681dad9bf539101220d92dd7b9
Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.
7ab3522f846f6a648172b2520a0ceaea2ea557ede4081b724f6d25d68464c1a9
Red Hat Security Advisory 2021-2136-01 - An Openshift Logging bug fix release addresses an index validation issue.
8f9746dfa68f5ebe03798d9f8686052c21773b749d26577fe45138585199782b
Ubuntu Security Notice 4968-1 - It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code.
836e6f2c1fadbf1f7e75b0617c9bff905779ac807e186968f98c72a2f7cf62a7
Gentoo Linux Security Advisory 202105-38 - A vulnerability in nginx could lead to remote code execution. Versions less than 1.21.0 are affected.
20572af334a8f1e1ee046ba9e037e28de9c8585c3e1753cd1216bebc3019b5be
Pandora FMS version 6.0SP3 suffers from a cross site scripting vulnerability.
3b6f367e28fda80ee9013841f4548d6f8dac15f5ef5c2407f7565d83c29588af
The QImage class can read out-of-bounds when reading a specially-crafted PNG file, where a tag byte offset goes out of bounds. This could potentially allow an attacker to determine values in memory based on the QImage pixels, if QT is used to process untrusted images.
f89e3b09d6fb627d5b5269e3b5d3b0c770cd2aefc3bbd97c7b659ae459e07be2
Postbird version 0.8.4 suffers from a javascript injection vulnerability that allows for cross site scripting and local file inclusion.
a50f986fffa593ec901590f6e7af89c7caa33805339e420f6058a47850eb4854
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of next heap chunk metadata with 0x2E. A network attacker capable of providing DNS responses to a nginx server can achieve Denial-of-Service and likely remote code execution. Due to the lack of DNS spoofing mitigations in nginx and the fact that the vulnerable function is called before checking the DNS Transaction ID, remote attackers might be able to exploit this vulnerability by flooding the victim server with poisoned DNS responses in a feasible amount of time.
3dfbbfc75ab8248919c960e6279f4525444e77d8b1532e2dc80da38820b690c4
Unicorn is a lightweight multi-platform, multi-architecture CPU emulator framework.
64fba177dec64baf3f11c046fbb70e91483e029793ec6a3e43b028ef14dc0d65
Gentoo Linux Security Advisory 202105-15 - Multiple vulnerabilities have been found in Prosŏdy IM, the worst of which could result in a Denial of Service condition. Versions less than 0.11.9 are affected.
f08be14d04709fb2b80d149bb91ae9406334d8659f93c161e700edfa779b129c
Apple Security Advisory 2021-05-25-6 - watchOS 7.5 addresses buffer overflow, code execution, cross site scripting, denial of service, out of bounds read, and use-after-free vulnerabilities.
bf5980198ddb010accfb5c43551d1ca9d78cd0ef77f89bcf61101d0efc901f78
Apple Security Advisory 2021-05-25-2 - macOS Big Sur 11.4 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.
b7bacb029f8caaf126c79185f04a21c9db5d08fb8a900666c62f076ff293a421