Trovent Security Advisory 2108-02 / Zepp: User account enumeration in password reset function
Posted by Stefan Pietsch on Apr 27 # Trovent Security Advisory 2108-02 # ##################################### User account enumeration in password reset function ################################################### Overview ######## Advisory...
CVE-2021-34590
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are...
CVE-2021-34591
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat,...
CVE-2021-29776
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of...
CVE-2021-34587
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to...
CVE-2021-34588
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set...
CVE-2021-34589
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication...
Post Title
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...
USN-5391-1: libsepol vulnerabilities
Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a...
USN-5366-2: FriBidi vulnerabilities
USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that FriBidi incorrectly...