Monthly Archive: April 2020

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE...

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE...

Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to...

A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002

An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files. Date published : 2020-04-17 https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0001

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user’s browser session. Updated input validation techniques have been implemented to...

In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of...

In OpenMRS 2.9 and prior, he import functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows unauthenticated users to...

In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit’s page is vulnerable to cross-site scripting. Date published : 2020-04-17 https://www.tenable.com/security/research/tra-2020-18