Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco NX-OS Service Port 9075 file access [CVE-2021-1361]

A vulnerability classified as critical has been found in Cisco NX-OS (Router Operating System) (version unknown). Affected is an unknown functionality of the component Service Port 9075. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Nexus 9000 SFP Interface access control [CVE-2021-1231]

A vulnerability was found in Cisco Nexus 9000 (unknown version). It has been rated as critical. This issue affects an unknown function of the component SFP Interface. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Nexus 9000 BGP UPDATE Message denial of service [CVE-2021-1230]

A vulnerability was found in Cisco Nexus 9000 (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown processing of the component BGP UPDATE Message Handler. Upgrading eliminates this...
Auteur: VulDB

Cisco NX-OS ICMPv6 memory leak [CVE-2021-1229]

A vulnerability was found in Cisco NX-OS (Router Operating System) (the affected version unknown). It has been classified as problematic. This affects an unknown code block of the component ICMPv6 Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Nexus 9000 ACI Mode access control [CVE-2021-1228]

A vulnerability was found in Cisco Nexus 9000 (affected version not known) and classified as critical. Affected by this issue is an unknown code of the component ACI Mode. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco NX-OS NX-API cross-site request forgery [CVE-2021-1227]

A vulnerability has been found in Cisco NX-OS (Router Operating System) (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown part of the component NX-API. Upgrading eliminates this vulnerability.
Auteur: VulDB

LightCMS 1.3.4 /admin/SensitiveWords Title cross site scripting

A vulnerability, which was classified as problematic, was found in LightCMS 1.3.4. Affected is some unknown functionality of the file /admin/SensitiveWords. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

GNU C Library 2.29/2.30/2.31/2.32/2.33 nscd netgroupcache.c double free

A vulnerability, which was classified as problematic, has been found in GNU C Library 2.29/2.30/2.31/2.32/2.33 (Software Library). This issue affects an unknown functionality of the file netgroupcache.c of the component nscd. There is no...
Auteur: VulDB

Advantech BB-ESWGP506-2SFP-T up to 1.01.09 hard-coded credentials

A vulnerability classified as critical was found in Advantech BB-ESWGP506-2SFP-T up to 1.01.09. This vulnerability affects an unknown function. The problem might be mitigated by replacing the product with as an alternative.
Auteur: VulDB

OpenSLP Service Port 427 heap-based overflow [CVE-2021-21974]

A vulnerability classified as critical has been found in OpenSLP (the affected version unknown). This affects some unknown processing of the component Service Port 427. Upgrading eliminates this vulnerability.
Auteur: VulDB

VMware vCenter Server/Cloud Foundation vSphere Client server-side request forgery

A vulnerability was found in VMware vCenter Server and Cloud Foundation (Server Management Software) (affected version not known). It has been rated as critical. Affected by this issue is an unknown code block of the component vSphere Client....
Auteur: VulDB

VMware vCenter Server/Cloud Foundation vSphere Client Remote Privilege Escalation

A vulnerability was found in VMware vCenter Server and Cloud Foundation (Server Management Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code of the component vSphere Client....
Auteur: VulDB

Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins cross site scripting

A vulnerability was found in Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins (Jenkins Plugin). It has been classified as problematic. Affected is an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Jenkins Support Core Plugin up to 2.72 insertion of sensitive information into sent data

A vulnerability was found in Jenkins Support Core Plugin up to 2.72 (Continuous Integration Software) and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It...
Auteur: VulDB

Claim Plugin up to 2.18.1 on Jenkins cross-site request forgery

A vulnerability has been found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin) and classified as problematic. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Claim Plugin up to 2.18.1 on Jenkins Display Name cross site scripting

A vulnerability, which was classified as problematic, was found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin). This affects an unknown function of the component Display Name Handler. There is no information about possible...
Auteur: VulDB

Repository Connector Plugin up to 2.0.2 on Jenkins Permission cross site scripting

A vulnerability, which was classified as problematic, has been found in Repository Connector Plugin up to 2.0.2 on Jenkins (Jenkins Plugin). Affected by this issue is some unknown processing of the component Permission Handler. There is no...
Auteur: VulDB

Configuration Slicing Plugin up to 1.51 on Jenkins cross-site request forgery

A vulnerability classified as problematic was found in Configuration Slicing Plugin up to 1.51 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown code block of the component Configuration Handler. There is no information...
Auteur: VulDB

Active Choices Plugin up to 2.5.2 on Jenkins cross site scripting

A vulnerability classified as problematic has been found in Active Choices Plugin up to 2.5.2 on Jenkins (Jenkins Plugin). Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Helpcom up to 9.x hard-coded key [CVE-2020-7846]

A vulnerability was found in Helpcom up to 9.x. It has been rated as problematic. This issue affects an unknown part. Upgrading to version 10.0 eliminates this vulnerability.
Auteur: VulDB

Voiceye WSActiveBridgeES prior 2.1.0.3 checking stack-based overflow

A vulnerability was found in Voiceye WSActiveBridgeES. It has been declared as critical. This vulnerability affects some unknown functionality. Upgrading to version 2.1.0.3 eliminates this vulnerability.
Auteur: VulDB

IBM MQ 9.1 CD AMQP/9.1 LTS/9.2 LTS Message denial of service

A vulnerability was found in IBM MQ 9.1 LTS/9.1 CD AMQP/9.2 LTS. It has been classified as problematic. This affects an unknown functionality of the component Message Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Openscad 2020.12-RC2 STL File import_stl.cc import_stl stack-based overflow

A vulnerability was found in Openscad 2020.12-RC2 and classified as critical. Affected by this issue is the function import_stl of the file import_stl.cc of the component STL File Handler. There is no information about possible countermeasures...
Auteur: VulDB

Eclipse Theia up to 1.2.0 Markdown cross site scripting

A vulnerability has been found in Eclipse Theia up to 1.2.0 and classified as problematic. Affected by this vulnerability is some unknown processing of the component Markdown Handler. There is no information about possible countermeasures known....
Auteur: VulDB

CoolKit eWeLink on Android/iOS Quick Pairing Mode inadequate encryption

A vulnerability, which was classified as problematic, was found in CoolKit eWeLink on Android/iOS (version unknown). Affected is an unknown code block of the component Quick Pairing Mode. There is no information about possible countermeasures...
Auteur: VulDB
First567891011121314Last

Événements SSI