Compromissos 08/10/2021

Curso de tempo

Entrada

Campo

source_cve_nvd_summary140
vulnerability_cvss3_meta_tempscore90
vulnerability_cvss3_meta_basescore90
source_cve_assigned87
exploit_price_0day80

Commit Conf

90%2221
50%800
70%493

Approve Conf

90%2221
80%800
70%493

IDUtilizadorEntradaCampoAlterarComenteAceiteExplicaçãoC
11687759VulD...183809cve_nvd_summaryAn attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password.cve.org08/10/2021aceite
70
11687758VulD...183808cve_nvd_summaryDocker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.cve.org08/10/2021aceite
70
11687757VulD...183808confirm_urlhttps://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3vgithub.com08/10/2021aceite
70
11687756VulD...183807cve_nvd_summaryLCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where the user has permission, leading to code execution.cve.org08/10/2021aceite
70
11687755VulD...183806cve_nvd_summarymySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.cve.org08/10/2021aceite
70
11687754VulD...183805cve_nvd_summaryThe DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. In affected versions unsanitised input of regular expression date within the parameters of the DPL parser function, allowed for the possibility of ReDoS (Regex Denial of Service). This has been resolved in version 3.3.6. If you are unable to update you may also set `$wgDplSettings['functionalRichness'] = 0;` or disable DynamicPageList3 to mitigate.cve.org08/10/2021aceite
70
11687753VulD...183805cve_nvd_summaryThe DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. In affected versions unsanitised input of regular expression date within the parameters of the DPL parser function, allowed for the possibility of ReDoS (Regex Denial of Service). This has been resolved in version 3.3.6. If you are unable to update you may also set `$wgDplSettings['functionalRichness'] = 0;` or disable DynamicPageList3 to mitigate.cve.org08/10/2021aceite
70
11687752VulD...183805confirm_urlhttps://github.com/Universal-Omega/DynamicPageList3/security/advisories/GHSA-8f24-q75c-jhf4github.com08/10/2021aceite
70
11687751VulD...183804cve_nvd_summaryIn GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.cve.org08/10/2021aceite
70
11687750VulD...183804cve_nvd_summaryIn GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.cve.org08/10/2021aceite
70
11687749VulD...183803cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.cve.org08/10/2021aceite
70
11687748VulD...183803confirm_urlhttps://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwrgithub.com08/10/2021aceite
70
11687747VulD...183802cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.cve.org08/10/2021aceite
70
11687746VulD...183802cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.cve.org08/10/2021aceite
70
11687745VulD...183802confirm_urlhttps://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxmgithub.com08/10/2021aceite
70
11687744VulD...183801cve_nvd_summaryThe user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.cve.org08/10/2021aceite
70
11687743VulD...183801confirm_urlhttps://psirt.bosch.com/security-advisories/bosch-sa-741752.htmlpsirt.bosch.com08/10/2021aceite
70
11687742VulD...183800cve_nvd_summarySuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.cve.org08/10/2021aceite
70
11687741VulD...183800confirm_urlhttps://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33docs.suitecrm.com08/10/2021aceite
70
11687740VulD...183799cve_nvd_summarySuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality.cve.org08/10/2021aceite
70
11687739VulD...183799confirm_urlhttps://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33docs.suitecrm.com08/10/2021aceite
70
11687738VulD...183798cve_nvd_summaryForcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.cve.org08/10/2021aceite
70
11687737VulD...183797cve_nvd_summaryInformation disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.cve.org08/10/2021aceite
70
11687736VulD...183796cve_nvd_summaryIn all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands.cve.org08/10/2021aceite
70
11687735VulD...183795cve_nvd_summaryIn all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.cve.org08/10/2021aceite
70
11687734VulD...183794cve_nvd_summaryA potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API.cve.org08/10/2021aceite
70
11687733VulD...183793cve_nvd_summaryIn all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physical compromise of the account and splitting the attack over several IP addresses and passing in the compromised session value from these various locations.cve.org08/10/2021aceite
70
11687732VulD...183793cve_nvd_summaryIn all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physical compromise of the account and splitting the attack over several IP addresses and passing in the compromised session value from these various locations.cve.org08/10/2021aceite
70
11687731VulD...183792cve_nvd_summaryMoby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the hostâs filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted.cve.org08/10/2021aceite
70
11687730VulD...183792cve_nvd_summaryMoby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted.cve.org08/10/2021aceite
70
11687729VulD...183792confirm_urlhttps://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4github.com08/10/2021aceite
70
11687728VulD...183791cve_nvd_summaryWire is an open source secure messenger. In affected versions if the an attacker gets an old but valid access token they can take over an account by changing the email. This issue has been resolved in version 3.86 which uses a new endpoint which additionally requires an authentication cookie. See wire-ios-sync-engine and wire-ios-transport references. This is the root advisory that pulls the changes together.cve.org08/10/2021aceite
70
11687727VulD...183790cve_nvd_summaryInformation disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another unprotected web server resource.cve.org08/10/2021aceite
70
11687726VulD...183790confirm_urlhttps://psirt.bosch.com/security-advisories/bosch-sa-741752.htmlpsirt.bosch.com08/10/2021aceite
70
11687725VulD...183789cve_nvd_summaryA vulnerability was discovered in GitLab starting with version 12.2 that allows an attacker to cause uncontrolled resource consumption with a specially crafted file.cve.org08/10/2021aceite
70
11687724VulD...183788cve_nvd_summaryWire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as means of authentication by the client for less critical requests to the backend, the ability to change the email address with a short-lived token constitutes a privilege escalation attack. Since the attacker can change the password after setting the email address to one that they control, changing the email address can result in an account takeover by the attacker. Short-lived tokens can be requested from the backend by Wire clients using the long lived tokens, after which the long lived tokens can be stored securely, for example on the devices key chain. The short lived tokens can then be used to authenticate the client towards the backend for frequently performed actions such as sending and receiving messages. While short-lived tokens should not be available to an attacker per-se, they are used more often and in the shape of an HTTP header, increasing the risk of exposure to an attacker relative to the long-lived tokens, which are stored and transmitted in cookies. If you are running an on-prem instance and provision all users with SCIM, you are not affected by this issue (changing email is blocked for SCIM users). SAML single-sign-on is unaffected by this issue, and behaves identically before and after this update. The reason is that the email address used as SAML NameID is stored in a different location in the databse from the one used to contact the user outside wire. Version 2021-08-16 and later provide a new end-point that requires both the long-lived client cookie and `Authorization` header. The old end-point has been removed. If you are running an on-prem instance with at least some of the users invited or provisioned via SAML SSO and you cannot update then you can block `/self/email` on nginz (or in any other proxies or firewalls you may have set up). You don't need to discriminate by verb: `/self/email` only accepts `PUT` and `DELETE`, and `DELETE` is almost never used.cve.org08/10/2021aceite
70
11687723VulD...183788cve_nvd_summaryWire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as means of authentication by the client for less critical requests to the backend, the ability to change the email address with a short-lived token constitutes a privilege escalation attack. Since the attacker can change the password after setting the email address to one that they control, changing the email address can result in an account takeover by the attacker. Short-lived tokens can be requested from the backend by Wire clients using the long lived tokens, after which the long lived tokens can be stored securely, for example on the devices key chain. The short lived tokens can then be used to authenticate the client towards the backend for frequently performed actions such as sending and receiving messages. While short-lived tokens should not be available to an attacker per-se, they are used more often and in the shape of an HTTP header, increasing the risk of exposure to an attacker relative to the long-lived tokens, which are stored and transmitted in cookies. If you are running an on-prem instance and provision all users with SCIM, you are not affected by this issue (changing email is blocked for SCIM users). SAML single-sign-on is unaffected by this issue, and behaves identically before and after this update. The reason is that the email address used as SAML NameID is stored in a different location in the databse from the one used to contact the user outside wire. Version 2021-08-16 and later provide a new end-point that requires both the long-lived client cookie and `Authorization` header. The old end-point has been removed. If you are running an on-prem instance with at least some of the users invited or provisioned via SAML SSO and you cannot update then you can block `/self/email` on nginz (or in any other proxies or firewalls you may have set up). You don't need to discriminate by verb: `/self/email` only accepts `PUT` and `DELETE`, and `DELETE` is almost never used.cve.org08/10/2021aceite
70
11687722VulD...183788confirm_urlhttps://github.com/wireapp/wire-server/security/advisories/GHSA-9rm2-w6pq-333mgithub.com08/10/2021aceite
70
11687721VulD...183787cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.cve.org08/10/2021aceite
70
11687720VulD...183787confirm_urlhttps://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64pgithub.com08/10/2021aceite
70
11687719VulD...183786cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.cve.org08/10/2021aceite
70
11687718VulD...183786confirm_urlhttps://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782cgithub.com08/10/2021aceite
70
11687717VulD...183785cve_nvd_summaryCross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versionscve.org08/10/2021aceite
70
11687716VulD...183785cve_nvd_summaryCross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versionscve.org08/10/2021aceite
70
11687715VulD...183785confirm_urlhttps://wordpress.org/plugins/media-file-renamer/#developerswordpress.org08/10/2021aceite
70
11687714VulD...183784cve_nvd_summaryMoby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers.cve.org08/10/2021aceite
70
11687713VulD...183784confirm_urlhttps://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558github.com08/10/2021aceite
70
11687712VulD...183783cve_nvd_summaryRedis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len configuration parameter to a very large value and constructing specially crafted network payloads or commands. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.cve.org08/10/2021aceite
70
11687711VulD...183783confirm_urlhttps://github.com/redis/redis/security/advisories/GHSA-j3cr-9h5g-6cphgithub.com08/10/2021aceite
70
11687710VulD...183782cve_nvd_summarycontainerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.cve.org08/10/2021aceite
70
11687709VulD...183782confirm_urlhttps://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvqgithub.com08/10/2021aceite
70
11694818VulD...184112price_0day$0-$5ksee exploit price documentation08/10/2021aceite
90
11694817VulD...184112cvss3_meta_tempscore3.1see CVSS documentation08/10/2021aceite
90
11694816VulD...184112cvss3_meta_basescore3.1see CVSS documentation08/10/2021aceite
90
11694815VulD...184112cvss3_vuldb_tempscore3.1see CVSS documentation08/10/2021aceite
90
11694814VulD...184112cvss3_vuldb_basescore3.1see CVSS documentation08/10/2021aceite
90
11694813VulD...184112cvss2_vuldb_tempscore1.8see CVSS documentation08/10/2021aceite
90
11694812VulD...184112cvss2_vuldb_basescore1.8see CVSS documentation08/10/2021aceite
90
11694811VulD...184112cvss3_vuldb_rcXderived from historical data08/10/2021aceite
80
11694810VulD...184112cvss3_vuldb_rlXderived from historical data08/10/2021aceite
80
11694809VulD...184112cvss3_vuldb_eXderived from historical data08/10/2021aceite
80
11694808VulD...184112cvss3_vuldb_avAderived from historical data08/10/2021aceite
80
11694807VulD...184112cvss2_vuldb_rcNDderived from historical data08/10/2021aceite
80
11694806VulD...184112cvss2_vuldb_rlNDderived from historical data08/10/2021aceite
80
11694805VulD...184112cvss2_vuldb_eNDderived from historical data08/10/2021aceite
80
11694804VulD...184112cvss2_vuldb_avAderived from historical data08/10/2021aceite
80
11694803VulD...184112cvss2_vuldb_aiNderived from vuldb v3 vector08/10/2021aceite
80
11694802VulD...184112cvss2_vuldb_iiNderived from vuldb v3 vector08/10/2021aceite
80
11694801VulD...184112cvss2_vuldb_ciPderived from vuldb v3 vector08/10/2021aceite
80
11694800VulD...184112cvss2_vuldb_auNderived from vuldb v3 vector08/10/2021aceite
80
11694799VulD...184112cvss2_vuldb_acHderived from vuldb v3 vector08/10/2021aceite
80
11694798VulD...184112date1633644000 (08/10/2021)08/10/2021aceite
90
11694797VulD...184112cve_assigned1626386400cve.org08/10/2021aceite
90
11694796VulD...184112cveCVE-2021-36767cve.org08/10/2021aceite
90
11694795VulD...184112urlhttps://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txtraw.githubusercontent.com08/10/2021aceite
90
11694794VulD...184112cvss3_vuldb_aNsee CVSS documentation08/10/2021aceite
90
11694793VulD...184112cvss3_vuldb_iNsee CVSS documentation08/10/2021aceite
90
11694792VulD...184112cvss3_vuldb_cLsee CVSS documentation08/10/2021aceite
90
11694791VulD...184112cvss3_vuldb_sUsee CVSS documentation08/10/2021aceite
90
11694790VulD...184112cvss3_vuldb_uiNsee CVSS documentation08/10/2021aceite
90

3434 as entradas adicionais não são mais exibidas

Want to stay up to date on a daily basis?

Enable the mail alert feature now!