Vulnerabilities Archives - RedPacket Security

CVE prog

Vulnerabilities

CVE-2020-3702

September 26, 2021 admin CONFIRM, CVE, CVE-2020-3702, Vendor Advisory, vulnerability

u’Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

CVE prog

Vulnerabilities

CVE-2021-37576

September 26, 2021 admin CVE, CVE-2021-37576, exploit, MISC, vulnerability

arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

CVE prog

Vulnerabilities

CVE-2021-38160

September 26, 2021 admin CVE, CVE-2021-38160, MISC, Release Notes, vulnerability

** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.

CVE prog

Vulnerabilities

CVE-2021-38166

September 26, 2021 admin CVE, CVE-2021-38166, MISC, patch, vulnerability

In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.

CVE prog

Vulnerabilities

CVE-2021-40490

September 26, 2021 admin CVE, CVE-2021-40490, MISC, patch, vulnerability

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

CVE prog

Vulnerabilities

CVE-2021-40490

September 26, 2021 admin CVE, CVE-2021-40490, MISC, patch, vulnerability

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

CVE prog

Vulnerabilities

CVE-2021-39253

September 25, 2021 admin CVE, CVE-2021-39253, MISC, Third Party Advisory, vulnerability

A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.

CVE prog

Vulnerabilities

CVE-2021-39254

September 25, 2021 admin CVE, CVE-2021-39254, MISC, Third Party Advisory, vulnerability

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.

CVE prog

Vulnerabilities

CVE-2021-3673

September 25, 2021 admin CVE, CVE-2021-3673, exploit, MISC, vulnerability

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.

CVE prog

Vulnerabilities

CVE-2021-22148

September 25, 2021 admin CVE, CVE-2021-22148, MISC, Vendor Advisory, vulnerability

Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines.

CVE prog

Vulnerabilities

CVE-2021-22149

September 25, 2021 admin CVE, CVE-2021-22149, MISC, Vendor Advisory, vulnerability

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users.

CVE prog

Vulnerabilities

CVE-2019-10172

September 24, 2021 admin CONFIRM, CVE, CVE-2019-10172, Issue Tracking, vulnerability

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.

CVE prog

Vulnerabilities

CVE-2019-10172

September 24, 2021 admin CONFIRM, CVE, CVE-2019-10172, Issue Tracking, vulnerability

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.

CVE prog

Vulnerabilities

CVE-2021-39123

September 24, 2021 admin CVE, CVE-2021-39123, MISC, Third Party Advisory, vulnerability

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application’s availability via a Denial of Service (DoS) vulnerability in the /rest/gadget/1.0/createdVsResolved/generate endpoint. The affected versions are before version 8.16.0.

CVE prog

Vulnerabilities

CVE-2021-41054

September 24, 2021 admin CVE, CVE-2021-41054, MISC, patch, vulnerability

tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.

CVE prog

Vulnerabilities

CVE-2019-9489

September 24, 2021 admin CONFIRM, CVE, CVE-2019-9489, patch, vulnerability

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product’s management console.

CVE prog

Vulnerabilities

CVE-2021-23048

September 24, 2021 admin CVE, CVE-2021-23048, MISC, Vendor Advisory, vulnerability

On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

cyber security 1805632 1280

Vulnerabilities

CVE-2021-30869 – Apple / Multiple – Type confusion

September 24, 2021 admin

CVE-2021-30869 is a type confusion vulnerability impacting Apple iOS versions 12.5.4 and earlier, and macOS Catalina security update 2021-005 and earlier. A proof of concept (PoC) was not observed publicly or in the underground. Apple claimed to be aware of the vulnerability being actively exploited in the wild.

CVE prog

Vulnerabilities

CVE-2020-12010

September 23, 2021 admin CVE, CVE-2020-12010, MISC, Third Party Advisory, vulnerability

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control.

CVE prog

Vulnerabilities

CVE-2021-38088

September 23, 2021 admin CVE, CVE-2021-38088, MISC, Vendor Advisory, vulnerability

Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.

CVE prog

Vulnerabilities

CVE-2021-38086

September 23, 2021 admin CVE, CVE-2021-38086, MISC, Vendor Advisory, vulnerability

Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.

CVE prog

Vulnerabilities

CVE-2021-24491

September 23, 2021 admin CVE, CVE-2021-24491, exploit, MISC, vulnerability

The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF attack

CVE prog

Vulnerabilities

CVE-2021-28271

September 23, 2021 admin CVE, CVE-2021-28271, exploit, EXPLOIT-DB, vulnerability

Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the ‘F’ flag (Full) for ‘Everyone’and ‘Authenticated Users’ group.

CVE prog

Vulnerabilities

CVE-2017-3100

September 22, 2021 admin CVE, CVE-2017-3100, MISC, Vendor Advisory, vulnerability

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.

← Previous