Advisory

Questa pagina contiene i riferimenti alle vulnerabilità 0day individuate dal Security Team di AlmavivA, come parte delle attività di ricerca.

La nostra Disclosure Policy La nostra Responsible Disclosure Policy

CVE-2021-41594

RSA Archer

RSA Archer 6.9.SP1 P3 suffer of a privilege escalation vulnerability letting administrators access presumibily inaccessible functionalities.

CVE-2021-40511

Mastro – OBDA systems

OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.

CVE-2021-40510

Mastro – OBDA systems

XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.

CVE-TBA-01

Liferay Portal

 

Cross-site scripting (XSS) vulnerability in the Gogo Shell module in Liferay Portal 7.1.0 through 7.3.6 and 7.4.0 allows remote attackers to inject arbitrary web script or HTML via the output of a Gogo Shell command.

CVE-2021-36761

Qlik Sense

The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows remote attackers to perform internal port scanning via SSRF.

CVE-2021-36760

WSO2 Identity Server

DOM-based XSS attack in WSO2 Identity Server 5.7.0 allows remote attackers to inject arbitrary web script in password reset procedure. This vulnerability can be used to perform Open Redirection attacks too.

CVE-2020-23488

L.E.F Radio Web Streamer

Blind Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to execute arbitrary command on the target system via specially crafted HTTP POST request.

CVE-2020-23487

L.E.F Radio Web Streamer

Arbitrary File Upload in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to upload arbitrary file on the target system, hence
executing arbitrary command by uploading a PHP file.

CVE-2020-23486

L.E.F Radio Web Streamer

 

Unauthenticated Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows  an attacker to execute arbitrary command on the target system.

CVE-2020-14608

Oracle Fusion Middleware MapViewer

 

This vulnerability allows unauthenticated attacker with network access via HTTP to create, delete, edit critical data and read accessible data.

CVE-2020-14607

Oracle Fusion Middleware MapViewer

 

This vulnerability allows unauthenticated attacker with network access via HTTP to update, insert, delete and partially read accessible data.

CVE-2020-14997

ASiM – Archimista

An Insecure Direct Object Reference (IDOR) in Archimista 3.1.0 allows authenticated attacker to read and export all the reports in the application.

CVE-2020-14996

ASiM – Archimista

An arbitrary file read in Archimista 3.1.0 allows remote attacker to read arbitrary files on the file system.

CVE-2020-14995

ASiM – Archimista

A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “term” parameter.

CVE-2020-14994

ASiM – Archimista

A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “order” parameter.

CVE-2020-10785

Targa Telematics

 

Dettagli non pubblici

CVE-2020-10784

Targa Telematics

Dettagli non pubblici

CVE-2019-19866

Atos Unify OpenScape UC Application

Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs.

CVE-2019-19865

Atos Unify OpenScape UC Application

 

Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.

CVE-2019-17227

Atos Unify OpenScape UC Application

Dettagli non pubblici