Security Vulnerabilities - CVEs Published In October 2020
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to access the protecting information, resulting in the elevation of the privilege.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-10-19
HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.
CVSS Score
8.0
EPSS Score
0.0
Published
2020-10-19
HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution.
CVSS Score
7.8
EPSS Score
0.003
Published
2020-10-19
Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for conversations/all, conversations/inbox, conversations/unassigned, and conversations/closed.
CVSS Score
6.1
EPSS Score
0.005
Published
2020-10-19
In webpack-subresource-integrity before version 1.5.1, all dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity. This removes the additional level of protection offered by SRI for such chunks. Top-level chunks are unaffected. This issue is patched in version 1.5.1.
CVSS Score
3.7
EPSS Score
0.002
Published
2020-10-19
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in the session array. This could be used by an attacker to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-10-19
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash the running process. This could be used by an attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-10-19
Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering data to insert arbitrary code. This firmware lacks the validation of the input values on the device side, which is provided by the engineering software during parameterization. Attackers with access to local configuration files can therefore insert malicious commands that are executed after compiling them to valid parameter files (“PDLs”), transferring them to the device, and restarting the device.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-10-19
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVSS Score
7.3
EPSS Score
0.0
Published
2020-10-19
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-10-19