Security News

CVE-2020-10281

National Vulnerability Database - Fri, 07/03/2020 - 11:15
This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. MAVLink is a header-based protocol that does not perform encryption to improve transfer (and reception speed) and efficiency by design. The increasing popularity of the protocol (used accross different autopilots) has led to its use in wired and wireless mediums through insecure communication channels exposing sensitive information to a remote attacker with ability to intercept network traffic.
Categories: Security News

CVE-2020-10282

National Vulnerability Database - Fri, 07/03/2020 - 11:15
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package signing which mitigates this flaw. Another source mentions that MAVLink 2.0 only provides a simple authentication system based on HMAC. This implies that the flying system overall should add the same symmetric key into all devices of network. If not the case, this may cause a security issue, that if one of the devices and its symmetric key are compromised, the whole authentication system is not reliable.
Categories: Security News

CVE-2020-7282

National Vulnerability Database - Fri, 07/03/2020 - 10:15
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Categories: Security News

CVE-2020-7283

National Vulnerability Database - Fri, 07/03/2020 - 10:15
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine.
Categories: Security News

CVE-2020-7281

National Vulnerability Database - Fri, 07/03/2020 - 10:15
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Categories: Security News

CVE-2020-15518

National Vulnerability Database - Fri, 07/03/2020 - 07:15
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.
Categories: Security News

CVE-2019-20419

National Vulnerability Database - Thu, 07/02/2020 - 22:15
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2.
Categories: Security News

CVE-2020-14172

National Vulnerability Database - Thu, 07/02/2020 - 22:15
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to achieve template injection via the Web Resources Manager. The affected versions are before version 8.8.1.
Categories: Security News

CVE-2020-14173

National Vulnerability Database - Thu, 07/02/2020 - 22:15
The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and from version 8.7.0 before 8.7.1.
Categories: Security News

CVE-2019-20418

National Vulnerability Database - Thu, 07/02/2020 - 21:15
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki endpoint. The affected versions are before version 8.8.0.
Categories: Security News

CVE-2020-15469

National Vulnerability Database - Thu, 07/02/2020 - 16:15
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
Categories: Security News

CVE-2020-8161

National Vulnerability Database - Thu, 07/02/2020 - 15:15
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
Categories: Security News

CVE-2020-8163

National Vulnerability Database - Thu, 07/02/2020 - 15:15
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.
Categories: Security News

CVE-2020-8166

National Vulnerability Database - Thu, 07/02/2020 - 15:15
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
Categories: Security News

CVE-2020-8176

National Vulnerability Database - Thu, 07/02/2020 - 15:15
A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint.
Categories: Security News

CVE-2020-8179

National Vulnerability Database - Thu, 07/02/2020 - 15:15
Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.
Categories: Security News

CVE-2020-8185

National Vulnerability Database - Thu, 07/02/2020 - 15:15
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
Categories: Security News

CVE-2020-8188

National Vulnerability Database - Thu, 07/02/2020 - 15:15
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.
Categories: Security News

CVE-2020-11074 (prestashop)

National Vulnerability Database - Thu, 07/02/2020 - 13:15
In PrestaShop from version 1.5.3.0 and before version 1.7.7.6, there is a stored XSS when using the name of a quick access item. The problem is fixed in 1.7.7.6.
Categories: Security News

CVE-2020-15079

National Vulnerability Database - Thu, 07/02/2020 - 13:15
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6
Categories: Security News

Pages