Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication. Date published : 2020-06-26 https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter. Date published : 2020-06-26 https://code610.blogspot.com/2020/06/postauth-sqli-in-sitracker-v367-p2.html
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices-Config.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the sta GET parameter. Date published : 2020-06-26...
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter. Date published : 2020-06-26...
In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440. Date...
In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may...
An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022. Date published : 2020-06-26 https://mattermost.com/security-updates/
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of...
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm’s module, authenc. When a payload longer than 4 bytes, and is not following...