A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi. Date published : 2020-06-23...
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the...
An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to...
GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in...
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124. Date published : 2020-06-23 https://theevilbit.github.io/posts/ https://www.iobit.com/en/iobit-unlocker.php
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124. Date published : 2020-06-23...
Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an attacker would request a...
On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control...
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files. Date published : 2020-06-23 https://logicaltrust.net/blog/2020/06/tuxguitar.html https://sourceforge.net/p/tuxguitar/bugs/126/
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game’s state. A file can be modified to put any Lua code inside, leading...
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification,...
XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert JavaScript code. This can...
modulesusersadminedit.php in NukeViet 4.4 allows CSRF to change a user’s password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed. Date published : 2020-06-23 https://nukeviet.vn/en/ https://www.exploit-db.com/exploits/48489
modulesusersadminadd_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI. Date published : 2020-06-23 https://nukeviet.vn/en/ https://www.exploit-db.com/exploits/48489