| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers. |
| An issue was discovered in ownCloud before 10.4. An attacker can bypass authentication on a password-protected image by displaying its preview. |
| An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack. |
| In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image. |
| BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3. |
| BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3. |
| BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3. |
| MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sighting_field.ctp. |
| MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp. |
| CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow. |
| JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. |
| An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype. |
| An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks. |
| An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF. |
| An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. |
| An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users. |
| An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors. |
| An issue was discovered in Froxlor through 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file at the right time, because of _createUserdataConf in install/lib/class.FroxlorInstall.php. |
| An issue was discovered in Froxlor before 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local attackers to cause DoS or disclose information out of the config files, because of _createUserdataConf in install/lib/class.FroxlorInstall.php. |
| An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInstall.php. |
