In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speed_show When bringing down the netdevice or system shutdown, a panic can be triggered while accessing the sysfs path because the device is already removed. [ 755.549084] mlx5_core 0000:12:00.1: Shutdown was called [ 756.404455] mlx5_core 0000:12:00.0: Shutdown was called ... [ 757.937260] BUG: unable to handle kernel NULL pointer dereference at (null) [ 758.031397] IP: [<ffffffff8ee11acb>] dma_pool_alloc+0x1ab/0x280 crash> bt ... PID: 12649 TASK: ffff8924108f2100 CPU: 1 COMMAND: "amsd" ... #9 [ffff89240e1a38b0] page_fault at ffffffff8f38c778 [exception RIP: dma_pool_alloc+0x1ab] RIP: ffffffff8ee11acb RSP: ffff89240e1a3968 RFLAGS: 00010046 RAX: 0000000000000246 RBX: ffff89243d874100 RCX: 0000000000001000 RDX: 0000000000000000 RSI: 0000000000000246 RDI: ffff89243d8...

Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.

A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.

A vulnerability classified as critical was found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_reserve.php. The manipulation of the argument mid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.

Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.

FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.

The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract sensitive data such as redirects including GET parameters which may reveal sensitive information.

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘video_color’ parameter in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.

Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.

The Digital Content NewFronts 2014 (aka com.coreapps.android.followme.newfronts2014) application 6.0.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.

Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread.

Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information.

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information.  Through the execution of a specific show mgd command, a user with limited permissions (e.g., a low-privileged login class user) can access sensitive information such as hashed passwords, that can be used to further impact the system. This issue affects Junos OS:  * All versions before 21.4R3-S10, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S5,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S3. Junos OS Evolved:  * All versions before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO,  * from 22.4-EVO before 22.4R3-S5-EVO,  * from 23.2-EVO before 23.2R2-S3-EVO,  * from 23.4-EVO before 23.4R2-S3-EVO.

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The server uses a hard-coded password for the administrator user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17139.

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272604. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.