remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go. Date published : 2021-03-27 https://github.com/umputun/remark42/compare/v1.6.0…v1.6.1 https://vuln.ryotak.me/advisories/19
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices...
The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account. Date published : 2021-03-26 https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm https://support.solarwinds.com/SuccessCenter/s/
An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0. Date published : 2021-03-26 https://security.netapp.com/advisory/ntap-20210513-0005/ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.9
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the...
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving...
MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials. Date published : 2021-03-26 https://blog.microseven.com...
BTCPay Server before 1.0.6.0, when the payment button is used, has a privacy vulnerability. Date published : 2021-03-26 https://blog.btcpayserver.org/btcpay-server-1-0-6-0/ https://github.com/btcpayserver/btcpayserver/releases
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be...
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH,...
CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain...
CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of...
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked...
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. Date published : 2021-03-26 https://security.samsungmobile.com/securityUpdate.smsb https://security.samsungmobile.com