The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. Date published : 2020-11-30 http://packetstormsecurity.com/files/160358/WordPress-Canto-1.3.0-Server-Side-Request-Forgery.html https://gist.github.com/p4nk4jv/87aebd999ce4b28063943480e95fd9e0
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer...
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter. Date published : 2020-11-30 https://www.synology.com/security/advisory/Synology_SA_20_25 https://github.com/thomasfady/Synology_SA_20_25
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter. Date published : 2020-11-30 https://www.synology.com/security/advisory/Synology_SA_20_25 https://github.com/thomasfady/Synology_SA_20_25
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password. Date published : 2020-11-30 How I...
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. Date published : 2020-11-30 How I Received 3 CVEs in Quick Heal Total Security
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password. Date published : 2020-11-30 How I Received 3 CVEs...
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. Date published : 2020-11-30 https://security.netapp.com/advisory/ntap-20201210-0005/ https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission. Date published : 2020-11-30 https://github.com/BigTiger2020/UCMS/blob/main/UCMS%20v1.5.0%20Arbitrary%20file%20upload%20vulnerability%20get%20shell.md https://sunian19.github.io/2020/09/11/UCMS%20v1.5.0%20Arbitrary%20file%20upload%20vulnerability/
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. Date published : 2020-11-30 https://github.com/AvaterXXX/PbootCMS/blob/master/CSRF.md
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation....
An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive...
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access...
Affected versions of Automation for Jira – Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira...