FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). Date published : 2020-12-26 https://security.netapp.com/advisory/ntap-20210129-0007/ https://github.com/FasterXML/jackson-databind/issues/2999
Autobahn|Python before 20.12.3 allows redirect header injection. Date published : 2020-12-26 https://autobahn.readthedocs.io/en/latest/changelog.html https://github.com/crossbario/autobahn-python/pull/1439
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated...
Beijing Huorong Internet Security 5.0.55.2 allows a non-admin user to escalate privileges by injecting code into a process, and then waiting for a Huorong services restart or a system reboot. Date published : 2020-12-26...
DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. This could allow remote files to be downloaded via a dext5CMD=downloadRequest action with traversal in the fileVirtualPath parameter (the attacker must provide the...
Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation...
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addUser. Date published : 2020-12-26 https://github.com/balloonwj/flamingo/issues/47
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addGroup. Date published : 2020-12-26 https://github.com/balloonwj/flamingo/issues/47
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb. Date published : 2020-12-26 https://github.com/balloonwj/flamingo/issues/47
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserTeamInfoInDbAndMemory. Date published : 2020-12-26 https://github.com/balloonwj/flamingo/issues/47
struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT. Date published : 2020-12-26 https://github.com/armink/struct2json/issues/13
** DISPUTED ** The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don’t think there is an proof of overflow so far." Date published...
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter. Date published : 2020-12-25 https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions https://downloads.linksys.com/support/assets/releasenotes/ExternalReleaseNotes_RE6500_1.0.012.001.txt
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page. Date published : 2020-12-25 https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions https://downloads.linksys.com/support/assets/releasenotes/ExternalReleaseNotes_RE6500_1.0.012.001.txt