OpenVPN Connect 126.96.36.1991 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. References github.com/hessandrew/CVE-2020-9442
Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings Read more
On BIG-IP 15.0.0-188.8.131.52 and 14.1.0-184.108.40.206, while processing specifically crafted traffic using the default ‘xnet’ driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. References support.f5.com/csp/article/K00025388
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 220.127.116.11 and earlier, and 18.104.22.168 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. References helpx.adobe.com/security/products/magento/apsb20-02.html
Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to Read more