Monthly Archive: May 2021

Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file...

Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7...

An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481. Date published : 2021-05-04 https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-2_release_notes.htm

Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements. Date published : 2021-05-04 http://unomi.apache.org/security/cve-2021-31164

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the...

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the...

The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content. Date published : 2021-05-04...

Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the...

SolarWinds Serv-U before 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header. Date published : 2021-05-04 https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2_release_notes.htm https://github.com/matrix

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. Date published : 2021-05-04 https://security.netapp.com/advisory/ntap-20210618-0007/ https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity. Date published : 2021-05-04 https://github.com/jbgutierrez/path-parse/issues/8 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028

In IoT Devices SDK, there is an implementation of calloc() that doesn’t have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller...

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. Date published : 2021-05-04 http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html

The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the...