KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter. Date published : 2021-01-26 http://packetstormsecurity.com/files/161208/Klog-Server-2.4.1-Command-Injection.html https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store, Date published : 2021-01-26 https://github.com/wekan/wekan/issues/3482 https://github.com/wekan/wekan/pull/3483/commits/31f89121fecca5a761b05cc3a26d4f237e90b484
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by...
Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI. Date published : 2021-01-26 https://twitter.com/j0nh4t/status/1349649975479840769
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access. Date published : 2021-01-26 https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. Date published : 2021-01-26 http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html https://github.com/MucahitSaratar/zencart_auth_rce_poc
Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. Date published : 2021-01-26 https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2 https://github.com/node-red/node-red-dashboard/issues/669
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI. Date published : 2021-01-26 https://orionhridoy.me https://packetstormsecurity.com/files/160906/SmartAgent-3.1.0-Privilege-Escalation.html
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash...
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink...
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs...
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file. Date published : 2021-01-26 https://github.com/Foddy/node-red-contrib-huemagic/issues/217
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. Date published : 2021-01-26 https://github.com/open5gs/open5gs/issues/764
The Application Development Clients component of TIBCO Software Inc.’s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access...