Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-39404: GitHub - mari0x00/MaianAffiliate-Code-execution-and-XSS

MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database.

CVE

Related news

CVE-2021-33816: Security Advisory 2106-01 - Trovent Security GmbH

The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shell_exec are blocked but backticks are not blocked.

CVE-2021-41772: [security] Go 1.17.3 and Go 1.16.10 are released

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.

CVE-2021-41566: TWCERT/CC台灣電腦網路危機處理暨協調中心-Tad TadTools - Arbitrary File Upload

The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.

CVE-2021-39339: Vulnerability Advisories - Wordfence

The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that gets called by a curl requests. This affects versions up to, and including, 1.8.0.

CVE-2020-19553: Stored Cross-Scripting Vulnerability Vulnerability in WUZHI CMS <=4.1.0 · Issue #179 · wuzhicms/wuzhicms

Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.

CVE-2021-32269: A Segmentation fault in box_dump.c:3641 · Issue #1574 · gpac/gpac

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.

CVE-2021-32268: A heap-buffer-overflow in box_dump.c:350 · Issue #1587 · gpac/gpac

Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac through 20200801, allows attackers to execute arbitrary code.

CVE-2021-32287: A global-buffer-overflow in hevcdecoderconfigrecord.cpp:311:37 · Issue #86 · nokiatech/heif

An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicWidth() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution.

CVE-2021-32288: A global-buffer-overflow in hevcdecoderconfigrecord.cpp:317:38 · Issue #87 · nokiatech/heif

An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicHeight() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution.

CVE-2021-32265: A global-buffer-overflow in Ap4ByteStream.cpp:783:5 · Issue #545 · axiomatic-systems/Bento4

An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.

CVE-2021-32270: A Segmentation fault in box_code_base.c:11579 · Issue #1586 · gpac/gpac

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.

CVE-2021-32298: A global-buffer-overflow in error.c:46:18 · Issue #10 · svanderburg/libiff

An issue was discovered in libiff through 20190123. A global-buffer-overflow exists in the function IFF_errorId located in error.c. It allows an attacker to cause code Execution.

CVE-2021-39537: A heap-buffer-overflow in captoinfo.c:321:12

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

CVE-2021-39548: Segmentation fault in frame_decoder.cpp:65:35 · Issue #28 · sahaRatul/sela

An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function frame::FrameDecoder::process() located in frame_decoder.c. It allows an attacker to cause Denial of Service.

CVE-2021-32294: A heap-buffer-overflow in RIFF.cpp:1151 · Issue #1 · drbye78/libgig

An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution.

CVE-2021-39549: Segmentation fault in wav_file.cpp:13:46 · Issue #27 · sahaRatul/sela

An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function file::WavFile::WavFile() located in wav_file.c. It allows an attacker to cause Denial of Service.

CVE-2021-39545: Segmentation fault in rice_decoder.cpp:58:5 · Issue #31 · sahaRatul/sela

An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function rice::RiceDecoder::process() located in rice_decoder.c. It allows an attacker to cause Denial of Service.

CVE-2021-39547: Segmentation fault in sample_generator.cpp:15:18 · Issue #32 · sahaRatul/sela

An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function lpc::SampleGenerator::process() located in sample_generator.cpp. It allows an attacker to cause Denial of Service.

CVE-2021-40674: There are 3 SQL injections in Wuzhicms v4.1.0 background · Issue #198 · wuzhicms/wuzhicms

An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.

CVE-2021-40670: Wuzhicms v4.1.0 /coreframe/app/order/admin/card.php hava a SQL Injection Vulnerability · Issue #197 · wuzhicms/wuzhicms

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.

CVE-2021-40669: Wuzhicms v4.1.0 /coreframe/app/promote/admin/index.php hava a SQL Injection Vulnerability · Issue #196 · wuzhicms/wuzhicms

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.

CVE-2021-41054: atftp / Code / Commit [d255bf]

tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.

CVE-2021-38360: Vulnerability Advisories - Wordfence

The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0.

CVE-2021-40373: GitHub - maikroservice/CVE-2021-40373: CVE-2021-40373 - remote code execution

playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the #tabs-information-page of core_main_config, and then executing that code via the index.php?app=main&inc=core_welcome URI.

CVE-2021-38324: Vulnerability Advisories - Wordfence

The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the ~/user/shortcodes.php file which allows attackers to retrieve information contained in a site's database, in versions up to and including 1.5.3.

CVE-2021-32610: Release 1.4.14 · pear/Archive_Tar

In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

CVE-2020-28948: Multiple vulnerabilities through filename manipulation (CVE-2020-28948 and CVE-2020-28949) · Issue #33 · pear/Archive_Tar

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

CVE-2020-28949: Multiple vulnerabilities through filename manipulation (CVE-2020-28948 and CVE-2020-28949) · Issue #33 · pear/Archive_Tar

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

CVE-2020-0570: 1800604 – (CVE-2020-0570) CVE-2020-0570 qt: files placed by attacker can influence the working directory and lead to malicious code execution

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

CVE-2020-24986: HackerOne

Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907