libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow. Date published : 2020-03-16 https://openwrt.org/advisory/2020-01-31-2 https://github.com/openwrt/openwrt/commits/master
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account...
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from...
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in...
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is...
Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in...
Nagios Log Server 2.1.3 has CSRF. Date published : 2020-03-16 https://assets.nagios.com/downloads/nagios-log-server/CHANGES.TXT https://medium.com/@fixitt6/multiple-vulnerabilities-in-nagios-log-server-2-1-3-af7c160edc60
Nagios Log Server 2.1.3 has Incorrect Access Control. Date published : 2020-03-16 https://assets.nagios.com/downloads/nagios-log-server/CHANGES.TXT https://medium.com/@fixitt6/multiple-vulnerabilities-in-nagios-log-server-2-1-3-af7c160edc60
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. Date published : 2020-03-16 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DNGKXVDB43E3KQRA6W5QZT3Z46XZLQM/ https://herolab.usd.de/security-advisories/
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets n as the character and the character n (not as the n newline sequence). This can cause command injection. Date published : 2020-03-16...
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. Date published : 2020-03-16 https://support.citrix.com/article/CTX263526 https://support.citrix.com/search
Unraid 6.8.0 allows authentication bypass. Date published : 2020-03-16 http://packetstormsecurity.com/files/157275/Unraid-6.8.0-Authentication-Bypass-Arbitrary-Code-Execution.html https://forums.unraid.net/forum/7-announcements/
Unraid through 6.8.0 allows Remote Code Execution. Date published : 2020-03-16 http://packetstormsecurity.com/files/157275/Unraid-6.8.0-Authentication-Bypass-Arbitrary-Code-Execution.html https://forums.unraid.net/forum/7-announcements/
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020. Date published : 2020-03-16 https://github.com/TheCyberGeek/CVE-2020-5844 https://pandorafms.com