Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

BlackBerry UEM up to 12.12.1a QF6/12.13.1 QF2 Management Console information disclosure

A vulnerability classified as problematic was found in BlackBerry UEM up to 12.12.1a QF6/12.13.1 QF2. Affected by this vulnerability is an unknown functionality of the component Management Console. There is no information about possible...
Auteur: VulDB

Weidmüller u-control/IoT-Gateways up to 1.12.1 Network Port exposure of resource

A vulnerability classified as critical has been found in Weidmüller u-control and IoT-Gateways up to 1.12.1. Affected is an unknown function of the component Network Port Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

WAGO Switch Directory Listing information disclosure [CVE-2021-20993]

A vulnerability was found in WAGO Switch (unknown version). It has been rated as problematic. This issue affects some unknown processing of the component Directory Listing Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

SonicWALL Email Security Virtual Appliance up to 10.0.9 hard-coded credentials

A vulnerability was found in SonicWALL Email Security Virtual Appliance up to 10.0.9 (Anti-Malware Software). It has been declared as critical. This vulnerability affects an unknown code block. It is possible to mitigate the problem by applying...
Auteur: VulDB

AMD CPU SEV/SEV-ES unknown vulnerability [CVE-2020-12967]

A vulnerability was found in AMD CPU (Chip Software) (the affected version unknown). It has been classified as critical. This affects an unknown code of the component SEV/SEV-ES. There is no information about possible countermeasures known. It...
Auteur: VulDB

BlackBerry UE up to 12.13.1 QF2/12.12.1a QF6 Management Console Remote Privilege Escalation

A vulnerability was found in BlackBerry UE up to 12.13.1 QF2/12.12.1a QF6 and classified as critical. Affected by this issue is an unknown part of the component Management Console. There is no information about possible countermeasures known. It...
Auteur: VulDB

SchedMD Slurm up to 20.02.6/20.11.6 Script Remote Privilege Escalation

A vulnerability has been found in SchedMD Slurm up to 20.02.6/20.11.6 and classified as critical. Affected by this vulnerability is some unknown functionality of the component Script Handler. Upgrading to version 20.02.7 or 20.11.7 eliminates...
Auteur: VulDB

Red Hat WildFly Boss EJB Client information disclosure [CVE-2021-20250]

A vulnerability, which was classified as problematic, was found in Red Hat WildFly (Application Server Software) (version unknown). Affected is an unknown functionality of the component Boss EJB Client. There is no information about possible...
Auteur: VulDB

zzcms 201910 /one/getpassword.php permission

A vulnerability, which was classified as critical, has been found in zzcms 201910 (Content Management System). This issue affects an unknown function of the file /one/getpassword.php. There is no information about possible countermeasures known....
Auteur: VulDB

Linux Kernel spk_ttyio_receive_buf2 spk_ttyio_synth null pointer dereference

A vulnerability classified as problematic was found in Linux Kernel (Operating System) (the affected version is unknown). This vulnerability affects the function spk_ttyio_receive_buf2. There is no information about possible countermeasures...
Auteur: VulDB

ArticleCMS 1.0 Image Upload /admin unrestricted upload

A vulnerability classified as critical has been found in ArticleCMS 1.0. This affects an unknown code block of the file /admin of the component Image Upload Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

BlackBerry Workspaces Server up to 9.1/10.1 SAML Authentication improper authentication

A vulnerability was found in BlackBerry Workspaces Server up to 9.1/10.1. It has been rated as critical. Affected by this issue is an unknown code of the component SAML Authentication. There is no information about possible countermeasures known....
Auteur: VulDB

QNAP Music Station access control [CVE-2020-36197]

A vulnerability was found in QNAP Music Station (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Malware Remover up to 4.6.0.x command injection [CVE-2020-36198]

A vulnerability was found in Malware Remover up to 4.6.0.x (Anti-Malware Software). It has been classified as critical. Affected is some unknown functionality. Upgrading to version 4.6.1.0 eliminates this vulnerability.
Auteur: VulDB

Deskpro Cloud Platform/On-Premise 2020.2.3.48207 Custom Email Template cross site scripting

A vulnerability was found in Deskpro Cloud Platform and On-Premise 2020.2.3.48207 (Cloud Software) and classified as problematic. This issue affects an unknown functionality of the component Custom Email Template Handler. There is no information...
Auteur: VulDB

Argo CD up to 1.7.13/1.8.6 Web UI information exposure

A vulnerability has been found in Argo CD up to 1.7.13/1.8.6 and classified as problematic. This vulnerability affects an unknown function of the component Web UI. Upgrading to version 1.7.14 or 1.8.7 eliminates this vulnerability.
Auteur: VulDB

DhCms 2017-09-18 Interface information disclosure

A vulnerability, which was classified as problematic, was found in DhCms 2017-09-18. This affects some unknown processing of the component Interface Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

evm up to 0.21.0/0.23.0/0.24.0/0.25.0/0.26.0 EVM Opcode Execution copy_large allocation of resources

A vulnerability, which was classified as problematic, has been found in evm up to 0.21.0/0.23.0/0.24.0/0.25.0/0.26.0. Affected by this issue is the function evm_core::Memory::copy_large of the component EVM Opcode Execution. Upgrading to version...
Auteur: VulDB

Linux Kernel up to 5.12.1 NFC Socket use after free

A vulnerability classified as critical was found in Linux Kernel up to 5.12.1 (Operating System). Affected by this vulnerability is an unknown code of the component NFC Socket Handler. Upgrading to version 5.12.2 eliminates this vulnerability....
Auteur: VulDB

LAOBANCMS 2.0 admin/info.php Website SEO Keywords cross site scripting

A vulnerability classified as problematic has been found in LAOBANCMS 2.0. Affected is an unknown part of the file admin/info.php?shuyu. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Knowage Suite 7.3 /servlet/AdapterHTTP targetService cross site scripting

A vulnerability was found in Knowage Suite 7.3. It has been rated as problematic. This issue affects some unknown functionality of the file /servlet/AdapterHTTP. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Knowage Suite 7.3 saveNote nota cross site scripting

A vulnerability was found in Knowage Suite 7.3. It has been declared as problematic. This vulnerability affects an unknown functionality of the file /knowage/restful-services/documentnotes/saveNote. There is no information about possible...
Auteur: VulDB

Dhcms 2017-09-18 Guestbook cross site scripting

A vulnerability was found in Dhcms 2017-09-18. It has been classified as problematic. This affects an unknown function of the component Guestbook. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

eXosip2 up to 5.2.0 3xx Redirect eXcall_api.c null pointer dereference

A vulnerability was found in eXosip2 up to 5.2.0 and classified as problematic. Affected by this issue is some unknown processing of the file eXcall_api.c of the component 3xx Redirect Handler. Applying a patch is able to eliminate this problem....
Auteur: VulDB

Speco Web Viewer up to 2021-05-12 GET Request path traversal

A vulnerability has been found in Speco Web Viewer up to 2021-05-12 and classified as critical. Affected by this vulnerability is an unknown code block of the component GET Request Handler. There is no information about possible countermeasures...
Auteur: VulDB
First567891011121314Last

Événements SSI