Security Vulnerabilities - CVEs Published In March 2020
antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-03-14
An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-14
An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-03-14
An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-14
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-03-14
An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times.
CVSS Score
4.2
EPSS Score
0.003
Published
2020-03-14
An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-03-14
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-03-14
An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF data, and the .php extension is used in the name parameter. (A potential fast patch is to disable the save_img action in the config file.)
CVSS Score
9.8
EPSS Score
0.179
Published
2020-03-14
The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings.
CVSS Score
8.8
EPSS Score
0.023
Published
2020-03-14