CVE-2020-4311
IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located...
IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955. Date published :...
A flaw was found in the Ceph Object Gateway, where it supports requests sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of...
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input. Date published...
Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log. Date published : 2020-04-23 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5562.php
Fifthplay S.A.M.I before 2019.3_HP2 allows unauthenticated stored XSS via a POST request. Date published : 2020-04-23 https://www.fifthplay.com/faq/ https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5561.php
The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter (shown next to the UI logo). Date published : 2020-04-23 https://www.vulnerability-lab.com/get_content.php?id=2203
The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function. Date published : 2020-04-23 https://www.vulnerability-lab.com/get_content.php?id=2203
The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function. Date published : 2020-04-23 https://www.vulnerability-lab.com/get_content.php?id=2203
DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path. Date published : 2020-04-23 https://www.vulnerability-lab.com/get_content.php?id=2199
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties. Date published...
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used. Date published : 2020-04-23 https://github.com/bigbluebutton/bigbluebutton/pull/9017 https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.2.4
BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion. Date published : 2020-04-23 https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.4...v2.2.5 Yes, the fix to the reported vulnerability (thanks to @thibeault_chenu for responsible disclosure) is in...
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks. Date published : 2020-04-23 https://security.gentoo.org/glsa/202006-15 https://gitlab.com/openconnect/openconnect/-/merge_requests/96