Security
Headlines
HeadlinesLatestCVEs

Headline

WordPress 4.9.6 Arbitrary File Deletion

WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.

Packet Storm
#vulnerability#dos#sql#vulnerability#ubuntu#vulnerability#sql#ubuntu#vulnerability

Related news

CVE-2020-23109: Heap overflow in heif_colorconversion.cc:2263 · Issue #207 · strukturag/libheif

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

CVE-2021-34584

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

CVE-2021-34586

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.

CVE-2021-34583

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

CVE-2020-28969

Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.

CVE-2020-22674: Segmentation fault (ASAN: SEGV on unknown address) in the FixTrackID function of isom_intern.c:133 · Issue #1346 · gpac/gpac

An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.

CVE-2021-21684: Jenkins Security Advisory 2021-10-06

Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.

CVE-2021-35503: FileRun Blog

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.

MedSec Network Utility Tool

MedSec is a network utility tool developed to perform some network, security administrator, and pentesting tasks. Basic functionality includes port scans, host discovery, banner grabbing, dns checks, subdomain enumeration, and more.

CVE-2021-33583

REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.

CVE-2021-33583:

REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.

CVE-2021-40106: 8.5.6 Release Notes :: Concrete CMS

An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field.

CVE-2021-40105: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments.

CVE-2021-40097: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.

CVE-2021-40103: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.

CVE-2021-40104: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.

CVE-2021-40099: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

CVE-2021-40100: 8.5.6 Release Notes :: Concrete CMS

An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.

CVE-2021-22950: 8.5.6 Release Notes :: Concrete CMS

Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: "Solar Security Research Team"

CVE-2020-8561: [Security Advisory] CVE-2020-8561: Webhook redirect in kube-apiserver

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.

CVE-2021-39535: A Segmentation fault in libxsmm_gemm_generator · Issue #398 · hfp/libxsmm

An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service.

CVE-2020-21049: Release v1.8.5 security update · saitoha/libsixel

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file.

CVE-2020-21048: Release v1.8.4 security update · saitoha/libsixel

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file.

CVE-2021-36582: GitHub - l00neyhacker/CVE-2021-36582: CVE-2021-36582

In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.

CVE-2021-36581: GitHub - l00neyhacker/CVE-2021-36581: CVE-2021-36581

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

CVE-2021-25737: CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack · Issue #102106 · kubernetes/kubernetes

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.

CVE-2021-22204: Update to 12.24 · exiftool/exiftool@cf0f4e7

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

CVE-2020-24723: CVE-2020–24723

Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution