A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allow an attacker to bypass the sanity…
>> ARCHIVE: 2020-07
Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are…
Aruba ClearPass Policy Manager 6.7.0 – Unauthenticated Remote Command Execution
Barangay Management System 1.0 – Authentication Bypass
HelloWeb 2.0 – Arbitrary File Download
Savsoft Quiz 5 – Persistent Cross-Site Scripting
WordPress Plugin Powie’s WHOIS Domain Check 0.9.31 – Persistent Cross-Site Scripting
FrootVPN 4.8 – ‘frootvpn’ Unquoted Service Path
Sickbeard version 0.1 suffers from a remote command injection vulnerability.
BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command…