See a list of the latest CVEs we send weekly to subscribers.
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
smarty:smarty debian:debian_linux
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
adobe:animate_cc
A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server.
lenovo:xclarity_controller
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.
lenovo:system_interface_foundation
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
openfind:mail2000
Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
adobe:illustrator_cc
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.
lenovo:system_interface_foundation
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities.
openfind:mail2000
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
adobe:bridge_cc
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.
jenkins:google_compute_engine
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
adobe:bridge_cc
Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
adobe:illustrator_cc
Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.
jenkins:google_compute_engine
Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment.
jenkins:google_compute_engine
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.
lenovo:customer_engagement_service
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.
zyxel:gs1900-8hp_firmware zyxel:gs1900-24hp_firmware zyxel:gs1900-8_firmware zyxel:gs1900-10hp_firmware zyxel:gs1900-16_firmware zyxel:gs1900-24e_firmware zyxel:gs1900-24_firmware zyxel:gs1900-48_firmware zyxel:gs1900-48hp_firmware
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
raritan:commandcenter_secure_gateway
A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation.
lenovo:paper
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
apache:solr
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..
status:statusnet
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context of the affected website.
ziku:zikula
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
adobe:media_encoder
Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
adobe:illustrator_cc
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
adobe:media_encoder
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
adobe:media_encoder
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
adobe:media_encoder
A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.
lenovo:thinkpad_usb-c_dock_firmware
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
adobe:media_encoder
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.
status:statusnet
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.
redhat:enterprise_linux_desktop redhat:enterprise_linux_workstation redhat:enterprise_linux_server redhat:enterprise_linux debian:debian_linux redhat:tuned fedoraproject:fedora
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local server.
code42:code42
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local machine.
code42:code42
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.
intel:core_i9-9900x_firmware intel:core_i9-10920x_firmware intel:graphics_driver intel:celeron_g3930e_firmware intel:core_i7-10710u_firmware intel:core_i7-6770hq_firmware intel:core_i5-8500b_firmware intel:core_m-5y10a_firmware intel:xeon_e-2276me_firmware intel:core_i3-9300t_firmware intel:celeron_n2806_firmware intel:core_i9-9940x_firmware intel:pentium_gold_g5400_firmware intel:core_m3-7y30_firmware intel:pentium_gold_g4560_firmware intel:xeon_e3-1565l_v5_firmware intel:core_i3-9320_firmware intel:xeon_e-2278gel_firmware intel:pentium_j3710_firmware intel:core_i7-7700_firmware intel:core_i5-9300h_firmware intel:pentium_3560m_firmware intel:core_i5-9500_firmware intel:core_i5-8400_firmware intel:xeon_e-2276ml_firmware intel:core_i7-7820hk_firmware intel:xeon_e-2226g_firmware intel:core_i7-8809g_firmware intel:core_i7-10510u_firmware intel:pentium_gold_g4620_firmware intel:core_i7-5600u_firmware intel:core_m7-6y75_firmware intel:core_i7-9850h_firmware intel:core_i3-5157u_firmware intel:pentium_gold_g5400t_firmware intel:core_i5-7y54_firmware intel:celeron_g4900_firmware intel:core_i5-6360u_firmware intel:core_i9-9900t_firmware intel:xeon_e-2176m_firmware intel:core_i7-8500y_firmware intel:core_i5-9600_firmware intel:core_i3-9100t_firmware intel:xeon_e-2224_firmware intel:core_i7-8565u_firmware intel:celeron_n4120_firmware intel:celeron_n2810_firmware intel:core_i7-9750h_firmware intel:celeron_n2815_firmware intel:celeron_g4932e_firmware intel:xeon_e3-1505l_v6_firmware intel:celeron_j1850_firmware intel:core_i7-6700hq_firmware intel:celeron_j4005_firmware intel:xeon_e3-1558l_v5_firmware intel:core_i5-8600_firmware intel:celeron_n3350e_firmware intel:xeon_e-2288g_firmware intel:xeon_e3-1505m_v5_firmware intel:core_i3-5010u_firmware intel:core_i7-8665u_firmware intel:core_i3-7167u_firmware intel:pentium_silver_j5005_firmware intel:celeron_g4920_firmware intel:celeron_n3150_firmware intel:xeon_e-2244g_firmware intel:core_i9-7960x_firmware intel:core_i5-7200u_firmware intel:celeron_j4105_firmware intel:core_m5-6y57_firmware intel:core_i9-9980xe_firmware intel:core_i5-7300hq_firmware intel:atom_x7-e3950_firmware intel:core_i5-5350h_firmware intel:celeron_n2807_firmware intel:core_m-5y31_firmware intel:xeon_e-2286g_firmware intel:core_i9-9980hk_firmware intel:core_i7-7600u_firmware intel:core_i5-5257u_firmware intel:celeron_j4025_firmware intel:core_i7-8559u_firmware intel:core_i7-5700hq_firmware redhat:enterprise_linux_server_eus intel:core_i9-9920x_firmware intel:xeon_e-2254me_firmware intel:core_i5-6200u_firmware intel:celeron_j3355e_firmware intel:celeron_n2830_firmware intel:xeon_e-2136_firmware intel:core_m-5y51_firmware intel:core_i3-8300_firmware intel:core_i7-9700k_firmware intel:core_i5-6260u_firmware intel:pentium_gold_g5600_firmware intel:core_i5-8265u_firmware intel:celeron_g3930t_firmware intel:celeron_g3902e_firmware intel:core_i3-7100t_firmware intel:core_i5-7600_firmware intel:core_i5-1035g4_firmware intel:xeon_e3-1505l_v5_firmware intel:atom_x5-e3940_firmware intel:core_i3-8300t_firmware intel:core_i5-7360u_firmware intel:core_i5-7y57_firmware intel:core_i5-6287u_firmware intel:pentium_g4400_firmware intel:core_i7-6500u_firmware intel:core_i7-7700k_firmware intel:core_m3-6y30_firmware intel:pentium_4405y_firmware intel:core_i5\+8400_firmware intel:xeon_e3-1578l_v5_firmware intel:celeron_g3900t_firmware redhat:enterprise_linux_server_tus intel:celeron_n2805_firmware intel:pentium_j4205_firmware intel:core_i7-7560u_firmware intel:core_i7-5950hq_firmware intel:core_m-5y10c_firmware intel:pentium_gold_4410y_firmware intel:core_i9-9960x_firmware intel:core_i7-6820hk_firmware intel:pentium_gold_g5420_firmware intel:core_i3-7320_firmware intel:celeron_j1900_firmware intel:pentium_gold_4415u_firmware intel:celeron_n3350_firmware intel:celeron_g3930te_firmware intel:core_i5-8350u_firmware intel:xeon_e-2126g_firmware intel:xeon_e-2226ge_firmware intel:core_i5-1035g1_firmware intel:xeon_e-2144g_firmware intel:core_i9-9900k_firmware intel:pentium_gold_g5620_firmware intel:core_i9-9900ks_firmware intel:core_i7-9700t_firmware intel:celeron_n4000_firmware intel:core_i7\+8700_firmware intel:celeron_n2920_firmware intel:core_i5-5350u_firmware intel:core_i7-6567u_firmware intel:core_i5-7400_firmware intel:xeon_e-2254ml_firmware intel:core_m5-6y54_firmware intel:core_i9-7900x_firmware intel:core_i7-6560u_firmware intel:core_i3-6167u_firmware intel:core_i7-6700te_firmware intel:core_i7-8650u_firmware intel:core_i7-8850h_firmware intel:xeon_e-2276g_firmware intel:core_i3-10110u_firmware intel:core_i7-8700b_firmware intel:core_i9-8950hk_firmware intel:core_i7-9700_firmware intel:core_i5-9400_firmware intel:celeron_g4950_firmware intel:celeron_n2808_firmware intel:xeon_e-2276m_firmware intel:xeon_e-2186g_firmware intel:core_i3-8109u_firmware intel:core_i5-6500_firmware intel:pentium_a1020_firmware intel:core_i3-7300_firmware intel:core_i5-8400h_firmware intel:pentium_d1509_firmware intel:core_i7-7500u_firmware intel:core_i3-8100_firmware intel:core_i7-8700t_firmware intel:celeron_g4930t_firmware intel:core_i3-10110y_firmware intel:pentium_n3530_firmware intel:core_i5-7300u_firmware intel:core_i7-5850hq_firmware intel:pentium_d1508_firmware intel:xeon_e-2224g_firmware intel:celeron_n2820_firmware intel:core_i7-7800x_firmware intel:pentium_silver_n5030_firmware intel:celeron_n2930_firmware intel:celeron_g3950_firmware intel:xeon_e-2274g_firmware intel:celeron_n4100_firmware intel:core_i3-8350k_firmware intel:xeon_e-2236_firmware intel:core_i7-7567u_firmware intel:core_i5-10210u_firmware intel:core_i3-9100_firmware intel:core_i7-8750h_firmware intel:core_i5-7400t_firmware intel:celeron_j3355_firmware intel:core_i3-7100u_firmware intel:core_m3-8100y_firmware intel:core_i5-8305g_firmware intel:core_i3-7100h_firmware intel:core_i7-7700hq_firmware intel:celeron_g4930e_firmware intel:xeon_e3-1545m_v5_firmware intel:core_i7-8706g_firmware intel:core_i7-6700t_firmware intel:core_i5-8259u_firmware intel:core_i7-7y75_firmware intel:celeron_j3455_firmware intel:core_i5-6300hq_firmware intel:xeon_e-2246g_firmware intel:core_i5-1035g7_firmware intel:core_i7-5775c_firmware intel:pentium_4405u_firmware intel:celeron_n3000_firmware intel:core_i7-6650u_firmware intel:celeron_n2840_firmware intel:core_i3-5005u_firmware intel:celeron_n3160_firmware intel:core_i5-7500_firmware intel:xeon_e-2278g_firmware intel:pentium_gold_g5420t_firmware intel:core_i5-7500t_firmware intel:core_i3-7300t_firmware intel:core_i5-9400t_firmware intel:core_i5-8250u_firmware intel:core_i3-1005g1_firmware intel:core_m-5y10_firmware intel:celeron_g3900e_firmware intel:core_i7-6600u_firmware intel:core_i5-9400h_firmware intel:core_i5-8400t_firmware intel:core_i3-7100_firmware intel:core_i3-9300_firmware intel:core_i3-8145u_firmware intel:pentium_n3540_firmware intel:core_i9-10900x_firmware intel:core_i9-9880h_firmware intel:celeron_g3900_firmware intel:pentium_d1507_firmware intel:celeron_n3450_firmware intel:core_i5-8365u_firmware intel:core_i5-7287u_firmware intel:core_i7-8700k_firmware intel:celeron_n3060_firmware intel:core_i3-8100t_firmware intel:core_i5-7600k_firmware intel:celeron_g4930_firmware intel:xeon_e3-1585l_v5_firmware intel:xeon_e-2176g_firmware intel:core_i5-6267u_firmware intel:xeon_e3-1501m_v6_firmware intel:pentium_gold_g5500_firmware intel:celeron_j1800_firmware intel:xeon_e3-1515m_v5_firmware intel:xeon_e-2146g_firmware intel:core_i3-6100h_firmware intel:celeron_n2940_firmware intel:core_i5-5287u_firmware intel:core_i7-7820x_firmware intel:core_i7-6920hq_firmware intel:celeron_j1750_firmware intel:celeron_n2910_firmware intel:core_i7-5550u_firmware intel:celeron_g3920_firmware intel:pentium_3805u_firmware intel:core_i7-7700t_firmware redhat:enterprise_linux_server_aus intel:xeon_e3-1575m_v5_firmware intel:core_i5-8600k_firmware intel:core_m-5y70_firmware intel:core_i9-7920x_firmware intel:celeron_n3050_firmware intel:xeon_e3-1535m_v6_firmware intel:xeon_e-2278ge_firmware intel:core_i7-8086k_firmware intel:core_i7-7660u_firmware intel:core_i7-5650u_firmware intel:pentium_silver_n5000_firmware intel:xeon_e-2124g_firmware intel:core_i5-8269u_firmware intel:core_i5-7267u_firmware intel:celeron_n4020_firmware intel:core_i7-6870hq_firmware intel:core_i5-7440hq_firmware intel:core_i7-8705g_firmware intel:core_i3-9130u_firmware intel:pentium_d1519_firmware intel:xeon_e-2134_firmware intel:core_i7-10510y_firmware intel:xeon_e3-1501l_v6_firmware intel:core_i5-8300h_firmware intel:core_i7-7820hq_firmware intel:core_i5-9600k_firmware intel:core_i5-8500t_firmware intel:pentium_3825u_firmware intel:core_i7-8709g_firmware intel:core_i7-6970hq_firmware intel:core_i5-8400b_firmware intel:pentium_d1517_firmware intel:celeron_g3930_firmware intel:core_i3-6100u_firmware intel:core_i5-8600t_firmware intel:celeron_n3010_firmware intel:pentium_gold_4415y_firmware intel:core_i7-1065g7_firmware intel:core_i5-5200u_firmware intel:core_i3-5020u_firmware intel:core_i7-6820hq_firmware intel:xeon_e-2174g_firmware intel:pentium_silver_j5040_firmware intel:celeron_g4900t_firmware intel:core_i9-7980xe_firmware intel:core_i9-10980xe_firmware intel:core_i5-6350hq_firmware intel:core_i3-6100_firmware intel:core_i7-6700_firmware intel:pentium_g4560t_firmware intel:xeon_e-2286m_firmware intel:core_i5-5250u_firmware intel:core_i7-5500u_firmware intel:xeon_e-2124_firmware intel:core_i7-6660u_firmware intel:core_i5-7600t_firmware intel:core_i5-6300u_firmware intel:celeron_j4125_firmware intel:xeon_e3-1505m_v6_firmware intel:core_i7-5557u_firmware intel:core_i5-8200y_firmware intel:celeron_j3160_firmware intel:celeron_j3060_firmware intel:core_i9-9900_firmware intel:core_i5-8500_firmware intel:core_i3-5015u_firmware intel:core_i5-9600t_firmware intel:core_i5-5300u_firmware intel:xeon_e-2234_firmware intel:core_i7-7920hq_firmware intel:pentium_gold_g4600_firmware intel:core_i5-10310y_firmware intel:core_i7-5750hq_firmware intel:core_i3-9350k_firmware intel:xeon_e-2186m_firmware intel:core_m-5y71_firmware intel:core_i3-7350k_firmware intel:atom_x5-e3930_firmware intel:core_i5\+8500_firmware intel:celeron_g3900te_firmware intel:core_i5-7260u_firmware intel:core_i5-9500t_firmware intel:core_i7-8550u_firmware intel:pentium_gold_g5500t_firmware intel:xeon_e3-1535m_v5_firmware intel:core_i5-10210y_firmware intel:core_i7-8700_firmware intel:pentium_g4600t_firmware intel:xeon_e3-1585_v5_firmware intel:core_i5-6440hq_firmware intel:core_i9-7940x_firmware
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.
ktsuss_project:ktsuss
The Evercoss U50A Android device with a build fingerprint of EVERCOSS/U50A./EVERCOSS:7.0/NRD90M/1499911028:eng/test-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0_VER_2017.04.21_17:55:55) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
evercoss:u50a_max_firmware
Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.
cookie-signature_project:cookie-signature debian:debian_linux
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
pimcore:pimcore
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
pimcore:pimcore
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access control check for this menu does work and prohibits accessing the menu, which contains "Password recovery for specific user" options. The menu is believed to be accessible using a serial console.
zyxel:gs1900-24hp_firmware zyxel:gs1900-10hp_firmware zyxel:gs1900-8_firmware zyxel:gs1900-48hp_firmware zyxel:gs1900-8hp_firmware zyxel:gs1900-48_firmware zyxel:gs1900-16_firmware zyxel:gs1900-24_firmware zyxel:gs1900-24e_firmware
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.
espressif:esp32-pico-d4_firmware espressif:esp32-d2wd_firmware espressif:esp32-d0wd_firmware espressif:esp32-s0wd_firmware
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.
zyxel:gs1900-24hp_firmware zyxel:gs1900-10hp_firmware zyxel:gs1900-8_firmware zyxel:gs1900-48hp_firmware zyxel:gs1900-8hp_firmware zyxel:gs1900-48_firmware zyxel:gs1900-16_firmware zyxel:gs1900-24_firmware zyxel:gs1900-24e_firmware
The Evercoss U6 Android device with a build fingerprint of EVERCOSS/U6/U6:7.0/NRD90M/1504236704:user/release-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0.0_VER_32516486284094) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
evercoss:u6_max_firmware
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the cmd_sys_traceroute_exec(), cmd_sys_arp_clear(), and cmd_sys_ping_exec() functions in the libclicmd.so library contained in the firmware, an attacker could leverage these functions to call system() and execute arbitrary commands on the switches. (Note that these functions are currently not called in this version of the firmware, however an attacker could use other vulnerabilities to finally use these vulnerabilities to gain code execution.)
zyxel:gs1900-24hp_firmware zyxel:gs1900-10hp_firmware zyxel:gs1900-8_firmware zyxel:gs1900-48hp_firmware zyxel:gs1900-8hp_firmware zyxel:gs1900-48_firmware zyxel:gs1900-16_firmware zyxel:gs1900-24_firmware zyxel:gs1900-24e_firmware
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb.
philips:taolight_smart_wi-fi_wiz_connected_led_bulb_9290022656_firmware
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
pimcore:pimcore
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
facebook:hhvm
TemaTres 3.0 allows remote unprivileged users to create an administrator account
vocabularyserver:tematres
Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php.
tiki:tiki
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users
mpack_project:mpack
The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
samsung:galaxy_a5_firmware