October 2021 Page 2 of 357 | Cyberthreat Blog from Fortify24x7

CVE-2020-36377

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

CVE-2020-36376

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

CVE-2020-26705

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to expose sensitive data or perform a denial of service (DOS) via a crafted external entity...

CVE-2020-26707

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter.

CVE-2020-36380

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

Month: October 2021

CVE-2020-36377

CVE-2020-36376

CVE-2020-26705

CVE-2020-26707

CVE-2020-36380