Monthly Archive: May 2021

CVE-2020-26678

vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious...

CVE-2020-26677

Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API. Date published : 2021-05-26 Home v5 https://api.vfairs.com/v1/users/

CVE-2020-25724

A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is...

CVE-2020-25697

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server...

CVE-2020-25669

A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still...

CVE-2020-25634

A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are...

CVE-2020-22024

Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.c, which could let a remote malicious user cause Denial of Service. Date published : 2021-05-26 https://trac.ffmpeg.org/ticket/8310