CVE-2021-42001
PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA...
A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. Date published : 2022-04-30 https://docs.pingidentity.com/bundle/pingid/page/ejd1642076304199.html https://www.pingidentity.com/en/resources/downloads/pingid.html
A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. Date published : 2022-04-30 https://docs.pingidentity.com/bundle/pingid/page/zvy1641459415679.html https://www.pingidentity.com/en/resources/downloads/pingid.html
A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. Date published : 2022-04-30 https://docs.pingidentity.com/bundle/pingid/page/klc1641469599716.html https://www.pingidentity.com/en/resources/downloads/pingid.html
Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted...
An issue was discovered in MediaWiki through 1.37.2. The SecurePoll extension allows a leak because sorting by timestamp is supported. Date published : 2022-04-30 https://gerrit.wikimedia.org/r/q/93758c4c13b972d240a6313e0472df1667118893 https://gerrit.wikimedia.org/r/q/I9d3b9a942ea71d777ec32121fa36262f549d283d
Wondershare LTD Dr. Fone, as of the 2021-12-06 version, is affected by remote code execution. Due to software design flaws, an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service (the service is running under...
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM...
Elcomplus SmartPTT SCADA Server allows an unauthenticated user to request various files from the server without any authentication or authorization. Date published : 2022-04-29 https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-05
Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. Date published : 2022-04-29 https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-05
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by...
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based...
A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS.
The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. Attackers can use this vulnerability to obtain sensitive information in the database. Date published : 2022-04-29 https://www.cnvd.org.cn/flaw/show/CNVD-2021-35892