CVE-2020-6841: Spotify vulnerability

October 19, 2020 0

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter. How to mitigate CVE-2020-6841 Time needed: 5 minutes. Follow the instructions, as they will Read more

CVE-2020-6110: Zoom vulnerability

October 19, 2020 0

An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused Read more

CVE-2020-6109: Zoom vulnerability

October 19, 2020 0

An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve Read more

CVE-2020-1895: Instagram vulnerability

October 19, 2020 0

A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128. How to mitigate CVE-2020-1895 Time needed: 5 minutes. Follow the Read more

CVE-2020-11877: Zoom vulnerability

October 19, 2020 0

** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code. How Read more

1 2 3 4 5 12