Monthly Archive: January 2020

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest...

A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This...

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive...

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to...

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit...

Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL. Date published : 2020-01-31...

Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don’t put too much money in it." Date published : 2020-01-31...

Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. Date published : 2020-01-31 https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html https://github.com/lightningnetwork/lnd/commits/master

c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "It can be used for testing, but it should not be used for real funds." Date...

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. Date published : 2020-01-31 http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html https://cxsecurity.com/issue/WLB-2020010205

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user. Date published : 2020-01-31 https://github.com/J3rryBl4nks/SchoolERPCSRF

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user. Date published : 2020-01-31 https://github.com/J3rryBl4nks/SchoolERPCSRF

Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in...

controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. Date published : 2020-01-31 https://github.com/niteosoft/simplejobscript/issues/10