CVE-2021-38569
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
Source: CVE-2021-38569
[월:] 2021년 08월
CVE-2021-38568
CVE-2021-38568
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format.
Source: CVE-2021-38568
CVE-2021-1106
CVE-2021-1106
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
Source: CVE-2021-1106
CVE-2020-25563
CVE-2020-25563
In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature and not having a JSESSIONID.
Source: CVE-2020-25563
CVE-2020-25561
CVE-2020-25561
SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client.
Source: CVE-2020-25561
CVE-2020-25562
CVE-2020-25562
In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent.
Source: CVE-2020-25562
CVE-2020-25566
CVE-2020-25566
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any user’s password by changing the username to that user and password to base64(desired password).
Source: CVE-2020-25566
CVE-2020-25564
CVE-2020-25564
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature.
Source: CVE-2020-25564
CVE-2020-25565
CVE-2020-25565
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping�, “traceroute� and “snmp� functions and execute code on the server.
Source: CVE-2020-25565
CVE-2021-22098
CVE-2021-22098
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims’ accounts in certain cases along with redirection of UAA users to a malicious sites.
Source: CVE-2021-22098