In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending …9A, …9B, …9C, etc.).
Published at: November 02, 2020 at 04:15PM
View on website
An issue was discovered in IPFS (aka go-ipfs) 0.4.23. An attacker can generate ephemeral identities (Sybils) and leverage the IPFS connection management reputation system to poison other nodes’ routing tables, eclipsing the nodes that are the target of the attack from the rest of the network. Later versions, in particular go-ipfs 0.7, mitigate this.
Published at: November 02, 2020 at 04:15PM
View on website
If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands.
This issue affects:
QNAP Systems Inc. Music Station
versions prior to 5.1.13;
versions prior to 5.2.9;
versions prior to 5.3.11.
Published at: November 02, 2020 at 11:15AM
View on website
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
This issue affects:
QNAP Systems Inc. Music Station
versions prior to 5.1.13;
versions prior to 5.2.9;
versions prior to 5.3.11.
Published at: November 02, 2020 at 11:15AM
View on website
If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information.
This issue affects:
QNAP Systems Inc. Music Station
versions prior to 5.1.13;
versions prior to 5.2.9;
versions prior to 5.3.11.
Published at: November 02, 2020 at 11:15AM
View on website
Educ Arte Económico 