Our selection of information systems security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

GPAC 0.5.2 MP4 File isomedia/track.c MergeTrack null pointer dereference

A vulnerability was found in GPAC 0.5.2. It has been rated as problematic. This issue affects the function MergeTrack of the file isomedia/track.c of the component MP4 File Handler. There is no information about possible countermeasures known. It...
Author: VulDB

Forescout CounterACT up to 8.1.3 SecureConnector symlink

A vulnerability was found in Forescout CounterACT up to 8.1.3. It has been declared as critical. This vulnerability affects an unknown part of the file %PROGRAMDATA%\ForeScout SecureConnector\ of the component SecureConnector. Upgrading to...
Author: VulDB

Appspace 6.2.4 /medianet/mail.aspx improper authentication

A vulnerability was found in Appspace 6.2.4. It has been classified as critical. This affects some unknown functionality of the file /medianet/mail.aspx. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

libexif 0.6.22 JPG File actions.c denial of service

A vulnerability was found in libexif 0.6.22 and classified as problematic. Affected by this issue is an unknown functionality of the file actions.c of the component JPG File Handler. There is no information about possible countermeasures known....
Author: VulDB

Tenda G1/G3 15.11.0.17 formDelPortMapping portMappingIndex buffer overflow

A vulnerability has been found in Tenda G1 and G3 15.11.0.17 and classified as critical. Affected by this vulnerability is the function formDelPortMapping. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Tenda G1/G3 15.11.0.17(9502)_CN formIPMacBindDel IPMacBindIndex buffer overflow

A vulnerability, which was classified as critical, was found in Tenda G1 and G3 15.11.0.17(9502)_CN. Affected is the function formIPMacBindDel. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Tenda G1/G3 15.11.0.17(9502)_CN formQOSRuleDel qosIndex buffer overflow

A vulnerability, which was classified as critical, has been found in Tenda G1 and G3 15.11.0.17(9502)_CN. This issue affects the function formQOSRuleDel. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

SAP Setup 9.0 Installation unquoted search path

A vulnerability classified as critical was found in SAP Setup 9.0. This vulnerability affects an unknown code of the component Installation Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

SAP NetWeaver ABAP Server/ABAP Platform 7.10 up to 7.50 Process Integration xml external entity reference

A vulnerability classified as problematic has been found in SAP NetWeaver ABAP Server and ABAP Platform 7.10 up to 7.50 (Solution Stack Software). This affects an unknown part of the component Process Integration Handler. There is no information...
Author: VulDB

SAP NetWeaver ABAP Server/ABAP Platform 7.10/7.30/7.31/7.40/7.50 Process Integration access control

A vulnerability was found in SAP NetWeaver ABAP Server and ABAP Platform 7.10/7.30/7.31/7.40/7.50 (Solution Stack Software). It has been rated as critical. Affected by this issue is some unknown functionality of the component Process Integration...
Author: VulDB

X2Engine X2CRM 7.1 /profile/activity Comment cross site scripting

A vulnerability was found in X2Engine X2CRM 7.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /profile/activity. There is no information about possible countermeasures known. It may...
Author: VulDB

Online Reviewer System up to 1.0 sql injection [CVE-2021-27130]

A vulnerability was found in Online Reviewer System up to 1.0 (Feedback Software). It has been classified as critical. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

D-Link DIR-816 A2 1.10 B05 /goform/addassignment s_ip/s_mac stack-based overflow

A vulnerability was found in D-Link DIR-816 A2 1.10 B05 (Router Operating System) and classified as critical. This issue affects some unknown processing of the file /goform/addassignment. There is no information about possible countermeasures...
Author: VulDB

D-Link DIR-816 A2 1.10 B05 HTTP Request /goform/addRouting os command injection

A vulnerability has been found in D-Link DIR-816 A2 1.10 B05 (Router Operating System) and classified as critical. This vulnerability affects an unknown code block of the file /goform/addRouting of the component HTTP Request Handler. There is no...
Author: VulDB

Priority Enterprise Management System 8.00 Reset Password Page cross site scripting

A vulnerability, which was classified as problematic, was found in Priority Enterprise Management System 8.00. This affects an unknown code of the component Reset Password Page. There is no information about possible countermeasures known. It may...
Author: VulDB

TP-LINK WR2041 v1/TL-WR2041+ HTTP Request popupSiteSurveyRpm.html ssid buffer overflow

A vulnerability, which was classified as critical, has been found in TP-LINK WR2041 v1 and TL-WR2041+ (Router Operating System) (affected version not known). Affected by this issue is an unknown part of the file /userRpm/popupSiteSurveyRpm.html...
Author: VulDB

Jitsi Meet Plugin up to 2.8.3 on Moodle sessionpriv.php cross site scripting

A vulnerability classified as problematic was found in Jitsi Meet Plugin up to 2.8.3 on Moodle. Affected by this vulnerability is some unknown functionality of the file sessionpriv.php. There is no information about possible countermeasures...
Author: VulDB

tsMuxer 2.6.16 WAV File add_a_user buffer overflow

A vulnerability classified as problematic has been found in tsMuxer 2.6.16. Affected is the function add_a_user of the component WAV File Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

SUSE Linux Enterprise 12-SP3/12-SP5 hawk2 temp file

A vulnerability was found in SUSE Linux Enterprise 12-SP3/12-SP5 (Operating System). It has been rated as critical. This issue affects an unknown function of the component hawk2. Upgrading eliminates this vulnerability.
Author: VulDB

libsixel 1.8.6 sixel_encoder_encode_bytes buffer overflow

A vulnerability was found in libsixel 1.8.6. It has been declared as problematic. This vulnerability affects the function sixel_encoder_encode_bytes. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Orchard up to 1.9 File Type Media Settings Allowed File Types cross site scripting

A vulnerability was found in Orchard up to 1.9. It has been classified as problematic. This affects an unknown code block of the component File Type Handler. Upgrading to version 1.10 eliminates this vulnerability.
Author: VulDB

Orchard up to 1.9 TinyMCE HTML Editor File Upload unrestricted upload

A vulnerability was found in Orchard up to 1.9 and classified as critical. Affected by this issue is an unknown code of the component TinyMCE HTML Editor File Upload. Upgrading to version 1.10 eliminates this vulnerability.
Author: VulDB

X2engine X2CRM up to 7.1 create First Name/Last Name cross site scripting

A vulnerability has been found in X2engine X2CRM up to 7.1 and classified as problematic. Affected by this vulnerability is an unknown part of the file /index.php/contacts/create. There is no information about possible countermeasures known. It...
Author: VulDB

X2Engine X2CRM up to 6.9 Rename a Module Tool New Name cross site scripting

A vulnerability, which was classified as problematic, was found in X2Engine X2CRM up to 6.9. Affected is some unknown functionality of the component Rename a Module Tool. There is no information about possible countermeasures known. It may be...
Author: VulDB

Shopxo 1.4.0/1.5.0 /index.php user_id access control

A vulnerability, which was classified as critical, has been found in Shopxo 1.4.0/1.5.0. This issue affects an unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Information systems security events