October 2021 Page 3 of 357 | Cyberthreat Blog from Fortify24x7

CVE-2020-36381

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

CVE-2020-36379

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

CVE-2020-36378

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

CVE-2021-33259

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users’ DNS query history.

CVE-2020-25912

Posted by Cyberthreat Blog | Oct 31, 2021 | CVE Notifications |

A XML External Entity (XXE) vulnerability was discovered in symphonylibtoolkitclass.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).

Month: October 2021

CVE-2020-36381

CVE-2020-36379

CVE-2020-36378

CVE-2021-33259

CVE-2020-25912