Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

CVE-2020-2322: Jenkins Security Advisory 2020-12-03

Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.

CVE
#csrf#vulnerability#git#ssrf#docker#ssl
CVE-2020-25656: keyboard, reorder user buffer handling in vt_do_kdgkb_ioctl

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.

CVE-2020-25654: [ClusterLabs] FYI: Pacemaker vulnerability CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.

CVE-2020-28367: [security] Go 1.15.5 and Go 1.14.12 are released

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.

CVE-2020-25695: PostgreSQL: Security Information

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-27387: Add HorizontCMS 1.0.0-beta exploit module and documentation by ErikWynter · Pull Request #14340 · rapid7/metasploit-framework

An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload (which will receive a random name on the server) with the PHP extension, and finally executing the PHP file via an HTTP GET request to /storage/<php_file_name>. NOTE: the vendor has patched this while leaving the version number at 1.0.0-beta.

CVE-2020-25201: consul/CHANGELOG.md at main · hashicorp/consul

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.

RHSA-2020:4847: Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2015-9251: jquery: Cross-site scripting via cross-domain ajax requests * CVE-2016-10735: bootstrap: XSS in the data-target attribute * CVE-2018-14040: bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute * CVE-2018-14042: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip...

CVE-2020-14750: Oracle Security Alert - CVE-2020-14750

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).