Mida eFramework version 2.8.9 suffers from a remote code execution vulnerability.
f225e35594bf7ff572af9b86a1394a6aJoplin version 1.0.245 suffers from a cross site scripting vulnerability that can lead to allowing for remote code execution.
00da71016d73cb06ead4d170f5e72d1cUbuntu Security Notice 4541-1 - Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the df_generate_ascii_array_entry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitrary code execution. Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the PS_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. Various other issues were also addressed.
a2d584e45b3bcb0222cfcf7ec75368abApple Security Advisory 2020-09-24-1 - macOS Catalina 10.15.6 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave are now available and address code execution and out of bounds read vulnerabilities.
515938eea09c5011442b4fd556e8582eBigTree CMS version 4.4.10 suffers from a remote code execution vulnerability.
353327fef903019f8b589b0223caf8baRed Hat Security Advisory 2020-3807-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include code execution and cross site scripting vulnerabilities.
780c083fc00b5826b5832bcbc0efebb5Online Food Ordering System version 1.0 suffers from a remote code execution vulnerability.
45b4d72b18145baad0b4ccdcaf01e06cThis Metasploit module exploits an authenticated command injection vulnerability in Artica Proxy, combined with an authentication bypass discovered on the same version, it is possible to trigger the vulnerability without knowing the credentials. The application runs in a virtual appliance and successful exploitation of this vulnerability yields remote code execution as root on the remote system.
2f2103c5669ae141590617b76ac578f0An unauthenticated Java object deserialization vulnerability exists in the CLI component for Jenkins versions 2.56 and below. The readFrom method within the Command class in the Jenkins CLI remoting component deserializes objects received from clients without first checking / sanitizing the data. Because of this, a malicious serialized object contained within a serialized SignedObject can be sent to the Jenkins endpoint to achieve code execution on the target.
aa3a16d8907d8d916ffb35f7f9dc700dComodo Unified Threat Management Web Console version 2.7.0 suffers from a remote code execution vulnerability.
e8a98806bdfaf3bf9d3fdfa1f17a5049Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.
f3302d01404a38c2cf0a759d35184237B-swiss 3 Digital Signage System version 3.6.5 suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused due to the improper verification of uploaded files in index.php script thru the rec_poza POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in the /usr/users directory. Due to an undocumented and hidden maintenance account admin_m which has the highest privileges in the application, an attacker can use these hard-coded credentials to authenticate and use the vulnerable image upload functionality to execute code on the server.
b8122e7dc5d8a3a0549b1366c4226983Apple Security Advisory 2020-09-16-5 - Xcode 12.0 is now available and addresses a code execution vulnerability.
aa20697b990b4cc8e09f4015dfba8ae1Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.
ae29185c1601a94111093736fc67de83Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.
bf2d39afbca775367e4876e819239e81TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root. NC210 devices cannot be exploited directly via /setsysname.cgi due to proper input validation. NC210 devices are still vulnerable since swBonjourStartHTTP did not perform any validation when reading the alias name from the configuration file. The configuration file can be written, and code execution can be achieved by combining this issue with CVE-2020-12110.
65581bfcfd69f6bd2c8b8917eda921c4Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.
b8224e074922b7417247b27948ca6d30SpamTitan version 7.07 suffers from an authenticated remote code execution vulnerability.
ca2b9bc9d086483e304d942fc84321d8Microsoft SQL Server Reporting Services 2016 suffers from a remote code execution vulnerability.
ce6d37b9f76993c4ef670912502b7095VTENEXT 19 CE suffers from a remote code execution vulnerability.
7e1925aab1a49335535c175d97fc5fbaTea LaTex version 1.0 suffers from an unauthenticated remote code execution vulnerability.
eacc96ce287373be9a31e4ae72cf492bCuteNews version 2.1.2 remote code execution exploit.
e176c78c1c1e2baa2f5c4ade2915f4fbRed Hat Security Advisory 2020-3616-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.
2a08694d7af59fd8bf40152477cd5a0eThe Qualcomm Adreno GPU shares a global mapping called a "scratch" buffer with the Adreno KGSL kernel driver. The contents of the scratch buffer can be overwritten by untrusted GPU commands. This results in a logic error in the Adreno driver's ringbuffer allocation code, which can be used to corrupt ringbuffer data. A race condition exists between the ringbuffer corruption and a GPU context switch, and this results in a bypass of the GPU protected mode setting. This ultimately means that an attacker can read and write arbitrary physical addresses from userland by running GPU commands while protected mode disabled, which results in arbitrary kernel code execution.
1b8910b13d2d3595dcd217d98080e491All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) perform insecure deserialization practices that can lead to code execution.
3c981b4ffeff1009ea3009c81627d773
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed