CVE-2020-1993
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user’s session ID....
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then...
WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. Date published: 2020-05-13 https://ctulhu.me/2020/05/16/cve-2020-12832/ https://plugins.trac.wordpress.org/changeset/2302759
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading...
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in...
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. Date published: 2020-05-13 https://github.com/iubenda/iubenda-cookie-class/commit/545e0586320ae6f16204ba548cf533ef75dc2fbd
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query. Date published: 2020-05-13 https://typo3.org/security/advisory/typo3-ext-sa-2020-005 https://typo3.org/help/security-advisories
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl. Date published: 2020-05-13 https://typo3.org/security/advisory/typo3-ext-sa-2020-005 https://typo3.org/help/security-advisories
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables. Date published: 2020-05-13 https://typo3.org/security/advisory/typo3-ext-sa-2020-005 https://typo3.org/help/security-advisories
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries. Date published: 2020-05-13 https://typo3.org/security/advisory/typo3-ext-sa-2020-005 https://typo3.org/help/security-advisories
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. Date published...
In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0 Date published...
The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup...
In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that the backend user interface and install tool are vulnerable to a same-site request forgery. A backend user can be...