CVE-2020-6650
UPS companion software v1.05 and prior is affected by an 'Eval Injection' vulnerability. The software does not neutralize, or incorrectly neutralizes, code syntax before using the input in a dynamic evaluation call, e.g. "eval" in "Update...
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. Date published...
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions...
The command-line "safety" package for Python has a potential security issue. There are two Python characteristics that allow malicious code to “poison-pill” command-line Safety package detection routines by disguising, or obfuscating, other malicious or...
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika’s PSDParser in versions 1.0-1.23. Date published : 2020-03-23 https://lists.apache.org/thread.html/rd8c1b42bd0e31870d804890b3f00b13d837c528f7ebaf77031323172%40%3Cdev.tika.apache.org%3E https://www.oracle.com/security-alerts/cpujul2020.html
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika’s PSDParser in versions 1.0-1.23. Date published : 2020-03-23 https://lists.apache.org/thread.html/r463b1a67817ae55fe022536edd6db34e8f9636971188430cbcf8a8dd%40%3Cdev.tika.apache.org%3E https://www.oracle.com/security-alerts/cpujul2020.html
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 is vulnerable to a request smuggling attack involving the Transfer-Encoding and Content-Length headers. Upgrade to versions 7.1.9 and 8.0.6...
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped. Date published : 2020-03-23 https://www.exploit-db.com/exploits/48241 https://github.com/rconfig/rconfig/commit/3385f906427d228c48b914625136bf620f4ca0a9
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp. Date published : 2020-03-23 https://www.youtube.com/watch?v=Lv-STOyQCVY
Motorola FX9500 devices allow remote attackers to read database files. Date published : 2020-03-23 https://www.youtube.com/watch?v=Lv-STOyQCVY
** DISPUTED ** In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services. NOTE: the vendor disputes the significance of this report because, for instances reachable by an...
Zim through 0.72.1 creates temporary directories with predictable names. A malicious user could predict and create Zim’s temporary directories and prevent other users from being able to start Zim, resulting in a denial of...
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should...
HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4. Date published : 2020-03-23 https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020 https://www.hashicorp.com/blog/category/vault/