In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. Date published : 2019-05-23 http://www.securityfocus.com/bid/108457 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/
An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119~123 and 200V (C38S) CH-sys-48.53.203.119~123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the...
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any...
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. Date published : 2019-05-23 https://github.com/openwrt/luci/commit/9e4b8a91384562e3baee724a52b72e30b1aa006d https://github.com/openwrt/luci/commits/master
Insecure permissions of the section object GlobalPandaDevicesAgentSharedMemory and the event GlobalPandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads...
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to...
In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and...
In the Form Maker plugin before 1.13.3 for WordPress, it’s possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter. Date published :...
Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL...
Computrols CBAS 18.0.0 allows Authenticated Command Injection. Date published : 2019-05-23 https://applied-risk.com/index.php/download_file/view/196/165 https://applied-risk.com/labs/advisories
Computrols CBAS 18.0.0 allows Authentication Bypass. Date published : 2019-05-23 https://applied-risk.com/index.php/download_file/view/196/165 https://applied-risk.com/labs/advisories
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. Date published : 2019-05-23 http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html https://applied-risk.com/index.php/download_file/view/196/165
Computrols CBAS 18.0.0 has hard-coded encryption keys. Date published : 2019-05-23 https://applied-risk.com/index.php/download_file/view/196/165 https://applied-risk.com/labs/advisories
Computrols CBAS 18.0.0 has Default Credentials. Date published : 2019-05-23 https://applied-risk.com/index.php/download_file/view/196/165 https://applied-risk.com/labs/advisories