Monthly Archive: June 2021

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...

In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...

In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User...

In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed....

In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User...

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution...

Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection. Date published : 2021-06-21 https://github.com/greenbone/gsa/pull/318 https://github.com/greenbone/gsa/releases/tag/v7.0.3

Greenbone Security Assistant (GSA) before 8.0.2 and Greenbone OS (GOS) before 5.0.10 allow XSS during 404 URL handling in gsad. Date published : 2021-06-21 https://github.com/greenbone/gsa/blob/master/CHANGELOG.md#802—2020-05-13 https://github.com/greenbone/gsa/issues/1601

An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags. Date published : 2021-06-21...

Akaunting

Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php. Date published : 2021-06-21 http://metinfo.com https://github.com/lvyyevd/cms/blob/master/metinfo/metinfo7.0.0.md

Cross Site Scripting (XSS) vulnerability in HisiPHP 2.0.8 via the group name in addgroup.html. Date published : 2021-06-21 https://github.com/hisiphp/hisiphp/issues/7

White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the default_task_edituser.php files failing to filter the csa_to_user parameter. Remote attackers can exploit the vulnerability to obtain database sensitive information....