UVA Researcher Charged with Computer Intrusion & Trade Secret Theft
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-5419
PUBLISHED: 2020-08-31
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (plant…
CVE-2020-11618
PUBLISHED: 2020-08-31
THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.
CVE-2020-12643
PUBLISHED: 2020-08-31
OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.
CVE-2020-12644
PUBLISHED: 2020-08-31
OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.
CVE-2020-12645
PUBLISHED: 2020-08-31
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.