Monthly Archive: January 2021

An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur. Date published : 2021-01-22...

An issue was discovered in the reffers crate through 2020-12-01 for Rust. ARefss can contain a !Send,!Sync object, leading to a data race and memory corruption. Date published : 2021-01-22 https://rustsec.org/advisories/RUSTSEC-2020-0094.html

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy. Date published : 2021-01-22 https://rustsec.org/advisories/RUSTSEC-2020-0093.html

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. Date published : 2021-01-22 https://security.netapp.com/advisory/ntap-20210304-0003/ http://www.openwall.com/lists/oss-security/2021/01/18/2

This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application. Date published : 2021-01-22 https://github.com/visjs/vis-timeline/issues/838...

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140729426...

** DISPUTED ** The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. NOTE: This may be a duplicate of CVE-2020-10176 . Date...

An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do. Date published : 2021-01-22 https://github.com/ming-soft/MCMS/issues/45

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. Date published : 2021-01-22 https://github.com/Outpost24/Pyrescom-Termod-PoC https://outpost24.com/blog/multiple-vulnerabilities-discovered-in-Pyrescom-Termod4-smart-device

Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the...

Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. Date published : 2021-01-22 https://github.com/Outpost24/Pyrescom-Termod-PoC https://outpost24.com/blog/multiple-vulnerabilities-discovered-in-Pyrescom-Termod4-smart-device

APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user session and/or adding new users to the administration panel. Date...

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22. Date published : 2021-01-22 http://seclists.org/fulldisclosure/2021/Jan/59 http://packetstormsecurity.com/files/161072/Caret-Editor-4.0.0-rc21-Remote-Code-Execution.html