In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%TotalDefenseConsumerISS9bdTDUpdate2 used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL. Date...
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%TotalDefenseConsumerISS9 used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the executable. Date...
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances ‘s->dsp’ index to read next opcode. This can lead to an infinite loop...
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application’s error log via components/api.py. Date published : 2019-09-23 https://github.com/home-assistant/home-assistant/pull/13836 https://github.com/home-assistant/home-assistant/releases/tag/0.67.0
All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system....
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter. Date published : 2019-09-23 https://seclists.org/bugtraq/2020/Jan/25 https://www.debian.org/security/2020/dsa-4604
ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation. Date published : 2019-09-23 http://www.iwantacve.cn/index.php/archives/348/
NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. Date published : 2019-09-23 http://www.iwantacve.cn/index.php/archives/337/
ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file. Date published : 2019-09-23 http://www.iwantacve.cn/index.php/archives/333/
WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS. Date published : 2019-09-23 http://www.iwantacve.cn/index.php/archives/344/
In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it’s possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability...
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. Date published : 2019-09-23 https://security.netapp.com/advisory/ntap-20191031-0005/ https://support.f5.com/csp/article/K48351130?utm_source=f5support&utm_medium=RSS
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. Date published : 2019-09-23 https://www.debian.org/security/2020/dsa-4712 https://github.com/ImageMagick/ImageMagick/issues/1558
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. Date published : 2019-09-23 https://github.com/ImageMagick/ImageMagick/issues/1557 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html