Vulnerabilities

Join the Telegram channel Posted by psy on Aug 17 Hi Community, I am glad to present a new release of this tool: – https://ufonet.03c8.net “UFONet is a free software, P2P and cryptographic -disruptive toolkit- that allows to perform DoS and DDoS attacks; on the Layer 7 (APP/HTTP) through the […]

Join the Telegram channel Posted by Q C on Aug 14 Advisory: two vulnerabilities found in MikroTik’s RouterOS Details ======= Product: MikroTik’s RouterOS Vendor URL: https://mikrotik.com/ Vendor Status: fixed version released CVE: – Credit: Qian Chen(@cq674350529) of Qihoo 360 Nirvan Team Product Description ================== RouterOS is the operating system used […]

Join the Telegram channel Posted by Pietro Oliva via Fulldisclosure on Aug 11 Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length Author: Pietro Oliva CVE: CVE-2020-17361 Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 Description: The issue is located in the vm::arrayCopy method defined in classpath-common.h, where multiple […]

Join the Telegram channel Posted by Pietro Oliva via Fulldisclosure on Aug 11 Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows Author: Pietro Oliva CVE: CVE-2020-17360 Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 Description: The issue is located in the vm::arrayCopy method defined in classpath-common.h, where multiple boundary checks […]

Join the Telegram channel Posted by Egidio Romano on Aug 11 SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability *• Software Link:* https://www.sugarcrm.com *• Affected Versions:* All versions prior to 10.1.0 (Q3 2020). *• Vulnerability Description:* User input passed through the encoded “current_post” parameter to ‘index.php’ (when “entryPoint” is set […]