PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open. Date published : 2020-03-18 https://metacpan.org/source/JKAMPHAUS/PerlSpeak-2.01/Changes https://rt.cpan.org/Public/Bug/Display.html?id=132173
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). Date published : 2020-03-18 https://security.netapp.com/advisory/ntap-20200403-0002/ https://github.com/FasterXML/jackson-databind/issues/2660
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). Date published : 2020-03-18 https://security.netapp.com/advisory/ntap-20200403-0002/ https://github.com/FasterXML/jackson-databind/issues/2659
Docker Desktop allows local privilege escalation to NT AUTHORITYSYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise...
LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This list could be filtered by modifying some of the parameters. Some of them are not properly...
Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI. Date published : 2020-03-17 https://github.com/intelliants/subrion/issues/638
The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI. Date published : 2020-03-17 https://pastebin.com/ndDJT3d3 Hustle – Email Marketing, Lead Generation, Optins, Popups
cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log
cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516). Date published : 2020-03-17 https://documentation.cpanel.net/display/CL/82+Change+Log