CVE-2019-20919
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer...
An Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2,...
An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate...
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table,...
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will...
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer...
An issue was discovered in DotPlant2 before 2020-09-14. In class Pay2PayPayment in payment/Pay2PayPayment.php, there is an XXE vulnerability in the checkResult function. The user input ($_POST['xml']) is used for simplexml_load_string without sanitization. NOTE: This...
SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to create or overwrite arbitrary files, which could cause a denial of service (DoS) condition, because a symlink from %LOCALAPPDATA%\SaferVPN\Log is followed. Date published :...
webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/add_announcement.php, administration/departments.php, administration/locations.php, expenses/claim_type.php, projects/editproject.php, and general/newnotifications.php. Date published : 2020-09-17 https://medium.com/@tehwinsam/webtareas-2-1-c8b406c68c2a https://sourceforge.net/p/webtareas/tickets/40/
webTareas through 2.1 allows files/Default/ Directory Listing. Date published : 2020-09-17 https://medium.com/@tehwinsam/webtareas-2-1-c8b406c68c2a https://sourceforge.net/p/webtareas/tickets/40/
webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types. Date published : 2020-09-17 https://medium.com/@tehwinsam/webtareas-2-1-c8b406c68c2a https://sourceforge.net/p/webtareas/tickets/40/
ZoneMinder before 1.34.21 has XSS via the connkey parameter to download.php or export.php. Date published : 2020-09-17 https://forums.zoneminder.com/viewforum.php?f=1 https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user’s account password, including the admin account. Date published : 2020-09-17...
The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS-SQL Injection, which allows a malicious user to inject a query within the email input field. Date published : 2020-09-17 https://amriunix.com/post/alfresco-reset-password-add-on-0-day-vulnerabilities/