Disclosure Date: February 20, 2020 (last updated March 10, 2020)
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of an affected device. The attacker would gain access to a sensitive portion of the system, but the attacker would not have full administrative rights to control the device.
Disclosure Date: March 08, 2020 (last updated March 10, 2020)
An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
Disclosure Date: May 08, 2019 (last updated February 13, 2020)
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user.
This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechanism which uses the system shadow file as an authentication database, may accept a NULL password for the `root` user.
Disclosure Date: February 12, 2019 (last updated March 10, 2020)
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.
Disclosure Date: May 24, 2018 (last updated March 10, 2020)
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 188.8.131.52 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
The windows task scheduler allows a split token administrator to register a task which runs as a batch job from a limited privilege context. This doesn't require a user's password to accomplish as the task will be run non-interactively and so doesn't need access to the password in order to access remote resources. Due to the way that batch logons work in the latest versions of Windows for a split token admin user this actually creates the fully privileged token to execute the task under.
Disclosure Date: April 27, 2020 (last updated May 02, 2020)
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords)
To quote the Reuters report: "To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details."
So, it sounds like a font or other kind of render thing in Mail.App. No clicks required other than opening the email.
Disclosure Date: April 15, 2020 (last updated May 26, 2020)
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 184.108.40.206.0, 220.127.116.11.0 and 18.104.22.168.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).