Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco IOS XE CLI OS Command Injection privilege escalation

A vulnerability classified as critical was found in Cisco IOS XE (Router Operating System) (the affected version is unknown). This vulnerability affects an unknown code block of the component CLI. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco IOS XE Web UI HTTP Request privilege escalation

A vulnerability classified as critical has been found in Cisco IOS XE (Router Operating System) (the affected version unknown). This affects an unknown code of the component Web UI. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco IOS XE Control and Provisioning Packet Crash denial of service

A vulnerability was found in Cisco IOS XE (Router Operating System) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown part of the component Control and Provisioning. Upgrading eliminates this...
Auteur: VulDB

Cisco IOS XE USB 3.0 SSD privilege escalation [CVE-2020-3396]

A vulnerability was found in Cisco IOS XE (Router Operating System) (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component USB 3.0 SSD Handler. Upgrading...
Auteur: VulDB

Cisco IOS XE Role-Based Access Control privilege escalation [CVE-2020-3393]

A vulnerability was found in Cisco IOS XE (Router Operating System) (version unknown). It has been classified as critical. Affected is an unknown functionality of the component Role-Based Access Control. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco IOS XE SNMP Trap Parameter denial of service

A vulnerability was found in Cisco IOS XE (Router Operating System) (unknown version) and classified as problematic. This issue affects an unknown function of the component SNMP Trap Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco IOS XE mDNS denial of service [CVE-2020-3359]

A vulnerability has been found in Cisco IOS XE (Router Operating System) (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component mDNS. Upgrading eliminates this...
Auteur: VulDB

Cisco IOS XE Web Management privilege escalation [CVE-2020-3141]

A vulnerability, which was classified as critical, was found in Cisco IOS XE (Router Operating System) (the affected version unknown). This affects an unknown code block of the component Web Management. Upgrading eliminates this vulnerability.
Auteur: VulDB

jdownloads 3.2.63 on Joomla send.php f_marked_files_id sql injection

A vulnerability, which was classified as critical, has been found in jdownloads 3.2.63 on Joomla (Joomla Component). Affected by this issue is an unknown code of the file com_jdownloads/models/send.php. There is no information about possible...
Auteur: VulDB

Hotspot Shield VPN up to 10.3.0 on Windows Directory Permission privilege escalation

A vulnerability classified as critical was found in Hotspot Shield VPN up to 10.3.0 on Windows (Network Encryption Software). Affected by this vulnerability is an unknown part of the component Directory Permission. There is no information about...
Auteur: VulDB

Joplin Desktop up to 1.0.245 Emded Tag cross site scripting

A vulnerability classified as problematic has been found in Joplin Desktop up to 1.0.245. Affected is some unknown functionality of the component Emded Tag Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Nakivo Backup & Replication Transporter 9.4.0.r43656 Access Control privilege escalation

A vulnerability was found in Nakivo Backup & Replication Transporter 9.4.0.r43656 (Backup Software). It has been rated as critical. This issue affects an unknown functionality of the component Access Control. There is no information about...
Auteur: VulDB

Nakivo Backup & Replication Director 9.4.0.r43656 on Linux Director Web Interface privilege escalation

A vulnerability was found in Nakivo Backup & Replication Director 9.4.0.r43656 on Linux (Backup Software). It has been declared as critical. This vulnerability affects an unknown function of the component Director Web Interface. There is no...
Auteur: VulDB

ActFax 7.10 Build 0335 Folder Permission TSClientB.exe privilege escalation

A vulnerability was found in ActFax 7.10 Build 0335. It has been classified as critical. This affects some unknown processing of the file TSClientB.exe of the component Folder Permission. There is no information about possible countermeasures...
Auteur: VulDB

ORY Fosite up to 0.33.x Storage Error privilege escalation

A vulnerability was found in ORY Fosite up to 0.33.x and classified as problematic. Affected by this issue is an unknown code block of the component Storage Error Handler. Upgrading to version 0.34.0 eliminates this vulnerability.
Auteur: VulDB

ORY Fosite up to 0.30.x weak authentication [CVE-2020-15222]

A vulnerability has been found in ORY Fosite up to 0.30.x and classified as critical. Affected by this vulnerability is an unknown code. Upgrading to version 0.31.0 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.7 Attachments cross site scripting

A vulnerability, which was classified as problematic, was found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). Affected is an unknown part of the component Attachments. Upgrading to version 1.7.6.8 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.7 Contact Form cross site scripting

A vulnerability, which was classified as problematic, has been found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This issue affects some unknown functionality of the component Contact Form. Upgrading to version 1.7.6.8...
Auteur: VulDB

PrestaShop up to 1.7.6.7 Catalog Product Edition Page Parameter Blind sql injection

A vulnerability classified as critical was found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This vulnerability affects an unknown functionality of the component Catalog Product Edition Page. Upgrading to version 1.7.6.8...
Auteur: VulDB

JerryScript 2.2.0 vm/opcodes.c privilege escalation

A vulnerability classified as critical has been found in JerryScript 2.2.0. This affects an unknown function of the file vm/opcodes.c. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 Clickjacking privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been rated as critical. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

iSmartgate Pro 1.5.9 File Upload privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been declared as critical. Affected by this vulnerability is an unknown code block of the component File Upload. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 checkUserExpirationDate.php privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been classified as critical. Affected is an unknown code of the file /cron/checkUserExpirationDate.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9 and classified as problematic. This issue affects an unknown part of the file /index.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability has been found in iSmartgate Pro 1.5.9 and classified as problematic. This vulnerability affects some unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB
12345678910Last

Événements SSI