Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

HPE IceWall SSO Domain Gateway Option Module cross site scripting

A vulnerability classified as problematic was found in HPE IceWall SSO Domain Gateway Option Module (the affected version is unknown). This vulnerability affects an unknown part. Applying a patch is able to eliminate this problem. The bugfix is...
Auteur: VulDB

Fielcoin Lotus BLS Signature Validation VerifyCompressed signature verification

A vulnerability classified as problematic has been found in Fielcoin Lotus (the affected version unknown). This affects the function VerifyCompressed of the component BLS Signature Validation. Applying a patch is able to eliminate this problem....
Auteur: VulDB

QED ResourceXpress up to 4.9k URL input validation

A vulnerability was found in QED ResourceXpress up to 4.9k. It has been rated as critical. Affected by this issue is an unknown functionality of the component URL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

GNU Binutils up to 2.35 BFD Library memory allocation

A vulnerability was found in GNU Binutils up to 2.35 (Programming Tool Software). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component BFD Library. Upgrading to version 2.36 eliminates this...
Auteur: VulDB

ezXML 0.8.6 XML File Parser libezxml.a ezxml_internal_dtd out-of-bounds write

A vulnerability was found in ezXML 0.8.6. It has been classified as critical. Affected is the function ezxml_internal_dtd of the file libezxml.a of the component XML File Parser. There is no information about possible countermeasures known. It...
Auteur: VulDB

Textpattern 4.8.4 Plug-In unrestricted upload

A vulnerability was found in Textpattern 4.8.4 and classified as critical. This issue affects an unknown code block of the component Plug-In Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Adobe Photoshop up to 21.2.6/22.3 JSX File Parser buffer overflow

A vulnerability has been found in Adobe Photoshop up to 21.2.6/22.3 (Image Processing Software) and classified as critical. This vulnerability affects an unknown code of the component JSX File Parser. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Photoshop up to 21.2.6/22.3 JSX File Parser buffer overflow

A vulnerability, which was classified as critical, was found in Adobe Photoshop up to 21.2.6/22.3 (Image Processing Software). This affects an unknown part of the component JSX File Parser. Upgrading eliminates this vulnerability.
Auteur: VulDB

b2evolution 7.2.2-stable evoadm.php cf_name sql injection

A vulnerability, which was classified as problematic, has been found in b2evolution 7.2.2-stable (Content Management System). Affected by this issue is some unknown functionality of the file evoadm.php. There is no information about possible...
Auteur: VulDB

Tribal Systems Zenario CMS 8.8.52729 admin_boxes.ajax.php cID cross site scripting

A vulnerability classified as problematic was found in Tribal Systems Zenario CMS 8.8.52729 (Content Management System). Affected by this vulnerability is an unknown functionality of the file admin_boxes.ajax.php. There is no information about...
Auteur: VulDB

Tribal Systems Zenario CMS 8.8.52729 admin_boxes.ajax.php cID sql injection

A vulnerability classified as problematic has been found in Tribal Systems Zenario CMS 8.8.52729 (Content Management System). Affected is an unknown function of the file admin_boxes.ajax.php. There is no information about possible countermeasures...
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 Genuine Software Service improper authorization

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been rated as critical. This issue affects some unknown processing of the component Genuine Software Service. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds write [CVE-2021-21095]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been declared as critical. This vulnerability affects an unknown code block. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds write [CVE-2021-21094]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been classified as critical. This affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 memory corruption [CVE-2021-21093]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1 and classified as critical. Affected by this issue is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 buffer overflow [CVE-2021-21092]

A vulnerability has been found in Adobe Bridge up to 10.1.1/11.0.1 and classified as critical. Affected by this vulnerability is some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds read [CVE-2021-21091]

A vulnerability, which was classified as problematic, was found in Adobe Bridge up to 10.1.1/11.0.1. Affected is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe ColdFusion 2018 Update 10/up to 2016 Update 16 cross site scripting

A vulnerability, which was classified as problematic, has been found in Adobe ColdFusion up to 2016 Update 16/2018 Update 10 (Programming Language Software). This issue affects an unknown function. Applying a patch is able to eliminate this...
Auteur: VulDB

Ceph up to 14.2.19 CEPHX_GET_AUTH_SESSION_KEY Request other_keys improper authentication

A vulnerability classified as critical was found in Ceph up to 14.2.19. This vulnerability affects some unknown processing of the component CEPHX_GET_AUTH_SESSION_KEY Request Handler. Upgrading to version 14.2.20 eliminates this vulnerability.
Auteur: VulDB

Cosori Smart Air Fryer CS158-AF 1.1.0 JSON Object backdoor

A vulnerability classified as critical has been found in Cosori Smart Air Fryer CS158-AF 1.1.0. This affects an unknown code block of the component JSON Object Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Cosori Smart Air Fryer CS158-AF 1.1.0 JSON Object heap-based overflow

A vulnerability was found in Cosori Smart Air Fryer CS158-AF 1.1.0. It has been rated as critical. Affected by this issue is an unknown code of the component JSON Object Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

OpenClinic GA 5.173.3 getAssets.jsp assetStatus sql injection

A vulnerability was found in OpenClinic GA 5.173.3. It has been declared as critical. Affected by this vulnerability is an unknown part of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Tilde OpenClinic GA 5.173.3 getAssets.jsp code sql injection

A vulnerability was found in Tilde OpenClinic GA 5.173.3. It has been classified as critical. Affected is some unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenClinic GA 5.173.3 getAssets.jsp code sql injection

A vulnerability was found in OpenClinic GA 5.173.3 and classified as critical. This issue affects an unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Apache Tapestry up to 5.4.5/5.5.0/5.6.2/5.7.0 AppModule.class deserialization

A vulnerability has been found in Apache Tapestry up to 5.4.5/5.5.0/5.6.2/5.7.0 and classified as critical. This vulnerability affects an unknown function of the file /assets/something/services/AppModule.class. Upgrading to version 5.6.2 or 5.7.1...
Auteur: VulDB
First567891011121314Last

Événements SSI