Vulnerability title: Wordpress plugin Pods = 2.4.3 XSS and CSRF vulnerabilities
vulnerabilities
Author: Pietro Oliva
CVE: CVE-2014-7956, CVE-2014-7957
Product: pods
Affected version: pods = 2.4.3
Vulnerabilities fixed in version: 2.5
XSS vulnerability (CVE-2014-7956, authentication is needed
Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference
Author: Pietro Oliva
CVE: CVE-2020-10231
Vendor: TP-LINK
Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450
Affected version: NC200 <= 2.1.8 build 171109, NC210 <= 1.0.9 build 171214,
Vulnerability title: TP-LINK Cloud Cameras NCXXX Bonjour Command Injection
Author: Pietro Oliva
CVE: CVE-2020-12109
Vendor: TP-LINK
Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450
Affected version: NC200 <= 2.1.9 build 200225, NC210 <= 1.0.9 build 200304,
NC220 &l
Vulnerability title: TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection
Author: Pietro Oliva
CVE: CVE-2020-12111
Vendor: TP-LINK
Product: NC260, NC450
Affected version: NC260 <= 1.5.2 build 200304, NC450 <= 1.5.3 build 200304
Fixed version:NC260 <= 1.5.3 build_200401, NC450
Vulnerability title: TP-LINK Cloud Cameras NCXXX Hardcoded Encryption Key
Author: Pietro Oliva
CVE: CVE-2020-12110
Vendor: TP-LINK
Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450
Affected version: NC200 <= 2.1.9 build 200225, NC210 <= 1.0.9 build 200304,
NC220 &l
Vulnerability title: TP-LINK Cloud Cameras NCXXX DelMultiUser Stack Overflow
Author: Pietro Oliva
CVE: CVE-2020-13224
Vendor: TP-LINK
Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450
Affected versions: NC200 <= 2.1.10 build 200401, NC210 <= 1.0.10 build 200401,
Vulnerability title: Noise-Java AESGCMFallbackCipherState.encryptWithAd()
insufficient boundary checks
Author: Pietro Oliva
CVE: CVE-2020-25022
Vendor: Rhys Weatherley (Creator of Noise Framework's reference implementation
in Java)
Product: Noise-Java
Affected version: No version information
Vulnerability title: Noise-Java ChaChaPolyCipherState.encryptWithAd()
insufficient boundary checks
Author: Pietro Oliva
CVE: CVE-2020-25021
Vendor: Rhys Weatherley (Creator of Noise Framework's reference implementation
in Java)
Product: Noise-Java
Affected version: No version information
Vulnerability title: Noise-Java AESGCMOnCtrCipherState.encryptWithAd()
insufficient boundary checks
Author: Pietro Oliva
CVE: CVE-2020-25023
Vendor: Rhys Weatherley (Creator of Noise Framework's reference implementation
in Java)
Product: Noise-Java
Affected version: No version information
Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows
Author: Pietro Oliva
CVE: CVE-2020-17360
Vendor: ReadyTalk
Product: Avian JVM
Affected version: 1.2.0
Description:
The issue is located in the vm::arrayCopy method defined in classpath-common.h,
where multiple boundary
Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length
Author: Pietro Oliva
CVE: CVE-2020-17361
Vendor: ReadyTalk
Product: Avian JVM
Affected version: 1.2.0
Description:
The issue is located in the vm::arrayCopy method defined in classpath-common.h,
where multiple
Vulnerability title: Avian JVM FileOutputStream.write() Integer Overflow
Author: Pietro Oliva
Vendor: ReadyTalk
Product: Avian JVM
Affected version: 1.2.0 before 27th October 2020
Fixed Version: 1.2.0 since 27th October 2020
Description:
The issue is located in the FileOutputStream.write
12 matches
Mail list logo