Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

GitHub Enterprise Server up to 2.22.12/3.0.6 UI clickjacking

A vulnerability has been found in GitHub Enterprise Server up to 2.22.12/3.0.6 (Bug Tracking Software) and classified as problematic. Affected by this vulnerability is an unknown code block of the component UI. Upgrading to version 2.22.13 or...
Author: VulDB

YFCMF 2.3.1 News Page cross site scripting

A vulnerability, which was classified as problematic, was found in YFCMF 2.3.1. Affected is an unknown code of the component News Page. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

v up to 2.2.29 Settings Page tab cross site scripting

A vulnerability, which was classified as problematic, has been found in v up to 2.2.29. This issue affects an unknown part of the component Settings Page. Upgrading to version 2.2.30 eliminates this vulnerability.
Author: VulDB

libxml2 up to 2.9.10 XML Document null pointer dereference

A vulnerability classified as problematic was found in libxml2 up to 2.9.10 (Document Processing Software). This vulnerability affects some unknown functionality of the component XML Document Handler. Upgrading to version 2.9.11 eliminates this...
Author: VulDB

Firely Incendi Spark up to 1.5.5-r3 Content-Disposition Header cross site scripting

A vulnerability classified as problematic has been found in Firely Incendi Spark up to 1.5.5-r3. This affects an unknown functionality of the component Content-Disposition Header Handler. Upgrading to version 1.5.5-r4 eliminates this...
Author: VulDB

ImageMagick up to 7.0.8 Float MagickCore/quantize.c integer overflow

A vulnerability was found in ImageMagick up to 7.0.8 (Image Processing Software). It has been rated as problematic. Affected by this issue is an unknown function of the file MagickCore/quantize.c of the component Float Handler. Upgrading to...
Author: VulDB

radare2 up to 5.3.0 pyc Parser double free

A vulnerability was found in radare2 up to 5.3.0 (Programming Tool Software). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component pyc Parser. There is no information about possible...
Author: VulDB

Moxa NPort IA5000A Telnet cleartext transmission [CVE-2020-27184]

A vulnerability was found in Moxa NPort IA5000A (Automation Software) (version unknown). It has been classified as problematic. Affected is an unknown code block of the component Telnet. There is no information about possible countermeasures...
Author: VulDB

Moxa NPort IA5000A Configuration Export credentials storage [CVE-2020-27150]

A vulnerability was found in Moxa NPort IA5000A (Automation Software) (unknown version) and classified as problematic. This issue affects an unknown code of the component Configuration Export Handler. There is no information about possible...
Author: VulDB

Moxa NPort IA5150A-IEX up to 1.4 Web Console unknown vulnerability

A vulnerability has been found in Moxa NPort IA5150A-IEX, NPort IA5150A-T-IEX, NPort IA5150A-T, NPort IA5150A, NPort IA5150AI-IEX, NPort IA5150AI-T-IE, NPort IA5150AI-T, NPort IA5150AI, NPort IA5250A-IEX, NPort IA5250A-T-IEX, NPort IA5250A-T,...
Author: VulDB

Octopus Server Import/Export cleartext storage [CVE-2021-30183]

A vulnerability, which was classified as problematic, was found in Octopus Server (the affected version unknown). This affects some unknown functionality of the component Import/Export. There is no information about possible countermeasures...
Author: VulDB

Kaspersky Password Manager Password Generator entropy [CVE-2020-27020]

A vulnerability, which was classified as problematic, has been found in Kaspersky Password Manager (affected version not known). Affected by this issue is an unknown functionality of the component Password Generator. There is no information about...
Author: VulDB

haml-coffee up to 1.14.1 cross site scripting [CVE-2021-32818]

A vulnerability classified as problematic was found in haml-coffee up to 1.14.1. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

TP-LINK Archer C1200 1.13 Build 2018-01-24 rel.52299 EU cross site scripting

A vulnerability classified as problematic has been found in TP-LINK Archer C1200 1.13 Build 2018-01-24 rel.52299 EU. Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

YARA up to 4.0.3 Mach-O File macho.c buffer overflow

A vulnerability was found in YARA up to 4.0.3. It has been rated as critical. This issue affects an unknown code block of the file libyara/modules/macho/macho.c of the component Mach-O File Handler. Upgrading to version 4.0.4 eliminates this...
Author: VulDB

Express-handlebars information disclosure [CVE-2021-32820]

A vulnerability was found in Express-handlebars (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown code. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Author: VulDB

express-hbs layout information disclosure

A vulnerability was found in express-hbs (the affected version unknown). It has been classified as problematic. This affects an unknown part of the file hbs. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

ProtonMail Web Client prior 3.16.60 Regular Expression resource consumption

A vulnerability was found in ProtonMail Web Client and classified as problematic. Affected by this issue is some unknown functionality of the component Regular Expression Handler. Upgrading to version 3.16.60 eliminates this vulnerability....
Author: VulDB

DedeCMS 5.7 cross-site request forgery [CVE-2021-32073]

A vulnerability has been found in DedeCMS 5.7 (Content Management System) and classified as problematic. Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

UPX 4.0.0 p_lx_elf.cpp heap-based overflow

A vulnerability, which was classified as critical, was found in UPX 4.0.0. Affected is an unknown function of the file p_lx_elf.cpp. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

Moxa NPort IA5000A cleartext transmission [CVE-2020-27185]

A vulnerability, which was classified as problematic, has been found in Moxa NPort IA5000A (Automation Software) (unknown version). This issue affects some unknown processing. There is no information about possible countermeasures known. It may...
Author: VulDB

Squirrelly up to 8.0.8 Configuration information disclosure

A vulnerability classified as problematic was found in Squirrelly up to 8.0.8. This vulnerability affects an unknown code block of the component Configuration Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 tf.transpose exceptional condition

A vulnerability classified as problematic has been found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). This affects the function tf.transpose. Upgrading to version 2.1.4, 2.2.3, 2.3.3, 2.4.2 or 2.5.0...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 tf.strings.substr exceptional condition

A vulnerability was found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). It has been rated as problematic. Affected by this issue is the function tf.strings.substr. Upgrading to version 2.1.4, 2.2.3, 2.3.3,...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 attr_value_util.cc ParseAttrValue recursion

A vulnerability was found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). It has been declared as critical. Affected by this vulnerability is the function ParseAttrValue of the file...
Author: VulDB