Files Date: 2020-10-19 to 2020-10-20 ≈ Packet Storm

Channel: Files Date: 2020-10-19 to 2020-10-20 ≈ Packet Storm

Nagios XI 5.7.3 SQL Injection

October 19, 2020, 8:11 am

Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.

View Article

QRadar RemoteJavaScript Deserialization

October 19, 2020, 8:15 am

A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects....

View Article

Online Student's Management System 1.0 Shell Upload

October 19, 2020, 8:18 am

Online Student's Management System version 1.0 suffers from a remote shell upload vulnerability.

View Article

Online Discussion Forum Site 1.0 Cross Site Scripting

October 19, 2020, 8:19 am

Online Discussion Forum Site version 1.0 suffers from a cross site scripting vulnerability.

View Article

OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery

October 19, 2020, 8:34 am

OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.

View Article

Online Job Portal 1.0 Cross Site Scripting

October 19, 2020, 8:36 am

Online Job Portal version 1.0 suffers from a persistent cross site scripting vulnerability.

View Article

TinyMCE 5 HTML Injection

October 19, 2020, 8:41 am

TinyMCE 5 suffers from an html injection vulnerability.

View Article

Chrome XRSystem::FocusedFrameChanged and...

October 19, 2020, 8:42 am

Chrome suffers from a use-after-free vulnerability in XRSystem::FocusedFrameChanged and FocusController::NotifyFocusChangedObservers.

View Article

HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal

October 19, 2020, 8:42 am

HiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.

View Article

ReQuest Serious Play Media Player 3.0 File Disclosure / Path Traversal

October 19, 2020, 8:44 am

ReQuest Serious Play Media Player version 3.0 suffers from an unauthenticated file disclosure vulnerability when input passed through the file parameter in tail.html and file.html script is not...

View Article

HiSilicon Video Encoder Command Injection

October 19, 2020, 8:46 am

HiSilicon Video Encoder suffers from a remote command injection vulnerability. Versions affected are vendor specific.

View Article

ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure

October 19, 2020, 8:48 am

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a debug log disclosure vulnerability. An unauthenticated attacker can visit the message_log page and disclose the webserver's Python...

View Article

HiSilicon Video Encoder Malicious Firmware Code Execution

October 19, 2020, 8:50 am

HiSilicon Video Encoder suffers from a remote code execution vulnerability via an unauthenticated upload of malicious firmware. Versions affected are vendor specific.

View Article

Red Hat Security Advisory 2020-4272-01

October 19, 2020, 8:51 am

Red Hat Security Advisory 2020-4272-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include...

View Article

HiSilicon Video Encoder Backdoor Password

October 19, 2020, 8:52 am

HiSilicon Video Encoder allows for full administrative access via a backdoor password. Versions affected are vendor specific.

View Article

ReQuest Serious Play F3 Media Server 7.0.3 Denial Of Service

October 19, 2020, 8:53 am

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a denial of service vulnerability. The device can be shutdown or rebooted by an unauthenticated attacker when issuing one HTTP GET request.

View Article

Jenkins 2.63 Sandbox Bypass

October 19, 2020, 8:56 am

Jenkins version 2.63 suffers from a sandbox bypass vulnerability.

View Article

Red Hat Security Advisory 2020-4274-01

October 19, 2020, 8:57 am

Red Hat Security Advisory 2020-4274-01 - The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. Issues...

View Article