Vulnerabilidades

*** Pendiente de traducción *** This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876.

*** Pendiente de traducción *** Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens.

*** Pendiente de traducción *** An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file.

*** Pendiente de traducción *** An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.

*** Pendiente de traducción *** Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript parameter.

*** Pendiente de traducción *** Applications that use a non-default option when verifying certificates may be<br /> vulnerable to an attack from a malicious CA to circumvent certain checks.<br /> <br /> Invalid certificate policies in leaf certificates are silently ignored by<br /> OpenSSL and other certificate policy checks are skipped for that certificate.<br /> A malicious CA could use this to deliberately assert invalid certificate policies<br /> in order to circumvent policy checking on the certificate altogether.<br /> <br /> Policy processing is disabled by default but can be enabled by passing<br /> the `-policy&amp;#39; argument to the command line utilities or by calling the<br /> `X509_VERIFY_PARAM_set1_policies()&amp;#39; function.

*** Pendiente de traducción *** The function X509_VERIFY_PARAM_add0_policy() is documented to<br /> implicitly enable the certificate policy check when doing certificate<br /> verification. However the implementation of the function does not<br /> enable the check which allows certificates with invalid or incorrect<br /> policies to pass the certificate verification.<br /> <br /> As suddenly enabling the policy check could break existing deployments it was<br /> decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()<br /> function.<br /> <br /> Instead the applications that require OpenSSL to perform certificate<br /> policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly<br /> enable the policy check by calling X509_VERIFY_PARAM_set_flags() with<br /> the X509_V_FLAG_POLICY_CHECK flag argument.<br /> <br /> Certificate policy checks are disabled by default in OpenSSL and are not<br /> commonly used by applications.

*** Pendiente de traducción *** A Cross-site scripting (XSS) vulnerability in the function encrypt_password() in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.

*** Pendiente de traducción *** Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.

*** Pendiente de traducción *** Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.

*** Pendiente de traducción *** <br /> A vulnerability exists in the SDM600 software. The software operates at a privilege level that is higher than the minimum level required. An attacker who successfully exploits this vulnerability can escalate privileges.<br /> <br /> <br /> <br /> This issue affects: All SDM600 versions prior to version 1.3.0.<br /> <br /> <br /> <br /> List of CPEs:<br /> <br /> <br /> * cpe:2.3:a:hitachienergy:sdm600:1.0:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.1:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.9002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.10002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.11002.149:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.12002.222:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.13002.72:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.44:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.92:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.108:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.182:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.342:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.447:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.481:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.506:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.566:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.20000.3174:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.291:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.931:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.105:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.23000.291:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.3.0.1339:*:*:*:*:*:*:*<br /> <br /> <br /> <br /> <br />

*** Pendiente de traducción *** MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /database/sqldel.html.