Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

IBM Security Guardium Insights 2.0.2 inadequate encryption [CVE-2020-4594]

A vulnerability classified as problematic was found in IBM Security Guardium Insights 2.0.2 (Policy Management Software). Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known. It...
Author: VulDB

PHPFusion 9.03.90 Shoutbox Message cross-site request forgery

A vulnerability classified as problematic has been found in PHPFusion 9.03.90. Affected is an unknown function of the component Shoutbox Message Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Nagios XI up to 5.7.x Manage Plugins Page unrestricted upload

A vulnerability was found in Nagios XI up to 5.7.x (Log Management Software). It has been rated as critical. This issue affects some unknown processing of the component Manage Plugins Page. Upgrading to version 5.8.0 eliminates this...
Author: VulDB

Loxone Miniserver prior 11.1.9.3 improper authentication [CVE-2020-27488]

A vulnerability was found in Loxone Miniserver. It has been declared as critical. This vulnerability affects an unknown code block. Upgrading to version 11.1.9.3 eliminates this vulnerability.
Author: VulDB

PTC Kepware KEPServerEX OPC UA Message use after free [CVE-2020-27267]

A vulnerability was found in PTC Kepware KEPServerEX (the affected version unknown). It has been classified as problematic. This affects an unknown code of the component OPC UA Message Handler. There is no information about possible...
Author: VulDB

PTC Kepware KEPServerEX OPC UA Message stack-based overflow [CVE-2020-27265]

A vulnerability was found in PTC Kepware KEPServerEX (affected version not known) and classified as critical. Affected by this issue is an unknown part of the component OPC UA Message Handler. There is no information about possible...
Author: VulDB

PTC Kepware KEPServerEX OPC UA Message heap-based overflow [CVE-2020-27263]

A vulnerability has been found in PTC Kepware KEPServerEX (affected version unknown) and classified as critical. Affected by this vulnerability is some unknown functionality of the component OPC UA Message Handler. There is no information about...
Author: VulDB

Coturn up to 4.5.1 Loopback Interface confused deputy

A vulnerability, which was classified as critical, was found in Coturn up to 4.5.1. Affected is an unknown functionality of the component Loopback Interface Handler. Upgrading to version 4.5.2 eliminates this vulnerability. Applying a patch is...
Author: VulDB

zoujingli ThinkAdmin up to 4.x/6.x Update.php deserialization

A vulnerability, which was classified as critical, has been found in zoujingli ThinkAdmin up to 4.x/6.x. This issue affects an unknown function of the file app/admin/controller/api/Update.php. There is no information about possible...
Author: VulDB

Huawei Secospace USG9500 DHCP Message Parser out-of-bounds read

A vulnerability classified as problematic was found in Huawei NIP6800, S12700, S2700, S5700, S6700, S7700, S9700, Secospace USG6600 and Secospace USG9500. This vulnerability affects some unknown processing of the component DHCP Message Parser....
Author: VulDB

Huawei CloudEngine PIM Message out-of-bounds read [CVE-2020-1865]

A vulnerability classified as problematic has been found in Huawei CloudEngine (Cloud Software) (the affected version unknown). This affects an unknown code block of the component PIM Message Handler. There is no information about possible...
Author: VulDB

Ubuntu Linux up to 5.4.0-51.55 DCCP Socket use after free

A vulnerability was found in Ubuntu Linux up to 5.4.0-51.55 (Operating System). It has been rated as critical. Affected by this issue is an unknown code of the component DCCP Socket Handler. Upgrading to version 3.2.0-149.196, 3.13.0.182.191,...
Author: VulDB

Combodo iTop up to 2.7.1 Console Breadcrumb cross site scripting

A vulnerability was found in Combodo iTop up to 2.7.1. It has been declared as problematic. Affected by this vulnerability is an unknown part of the component Console Breadcrumb Handler. Upgrading to version 2.7.2 or 3.0.0 eliminates this...
Author: VulDB

Combodo iTop up to 2.7.1 session expiration [CVE-2020-15220]

A vulnerability was found in Combodo iTop up to 2.7.1. It has been classified as critical. Affected is some unknown functionality. Upgrading to version 2.7.2 or 3.0.0 eliminates this vulnerability.
Author: VulDB

Combodo iTop up to 2.7.1 User Portal information exposure

A vulnerability was found in Combodo iTop up to 2.7.1 and classified as problematic. This issue affects an unknown functionality of the component User Portal. Upgrading to version 2.7.2 or 3.0.0 eliminates this vulnerability.
Author: VulDB

Combodo iTop up to 2.7.1 Admin Page session expiration

A vulnerability has been found in Combodo iTop up to 2.7.1 and classified as problematic. This vulnerability affects an unknown function of the component Admin Page. Upgrading to version 2.7.2 or 3.0.0 eliminates this vulnerability.
Author: VulDB

Xiaomi AX1800/RM1800 ddns hostname command injection

A vulnerability, which was classified as critical, was found in Xiaomi AX1800 and RM1800 (the affected version unknown). This affects some unknown processing of the component ddns. Upgrading eliminates this vulnerability.
Author: VulDB

Xiaomi AX1800/RM1800 Web Management Interface information disclosure

A vulnerability, which was classified as problematic, has been found in Xiaomi AX1800 and RM1800 (affected version not known). Affected by this issue is an unknown code block of the component Web Management Interface. Upgrading eliminates this...
Author: VulDB

Xiaomi AX1800/RM1800 Time denial of service [CVE-2020-14098]

A vulnerability classified as problematic was found in Xiaomi AX1800 and RM1800 (affected version unknown). Affected by this vulnerability is an unknown code of the component Time Handler. Upgrading eliminates this vulnerability.
Author: VulDB

Xiaomi Redmi AX6 prior 1.0.18 Nginx Configuration improper authorization

A vulnerability classified as critical has been found in Xiaomi Redmi AX6. Affected is an unknown part of the component Nginx Configuration. Upgrading to version 1.0.18 eliminates this vulnerability.
Author: VulDB

IBM Security Guardium Data Encryption 3.0.0.2 permission [CVE-2019-4702]

A vulnerability was found in IBM Security Guardium Data Encryption 3.0.0.2 (Policy Management Software). It has been rated as critical. This issue affects some unknown functionality. There is no information about possible countermeasures known....
Author: VulDB

IBM Security Guardium Data Encryption 3.0.0.2 URL information disclosure

A vulnerability was found in IBM Security Guardium Data Encryption 3.0.0.2 (Policy Management Software). It has been declared as problematic. This vulnerability affects an unknown functionality of the component URL Handler. There is no...
Author: VulDB

IBM Security Guardium Data Encryption 3.0.0.2 inadequate encryption

A vulnerability was found in IBM Security Guardium Data Encryption 3.0.0.2 (Policy Management Software). It has been classified as problematic. This affects an unknown function. There is no information about possible countermeasures known. It may...
Author: VulDB

remote-login-service 1.0.0-0ubuntu3 on Ubuntu crypt.c credentials storage

A vulnerability was found in remote-login-service 1.0.0-0ubuntu3 on Ubuntu and classified as problematic. Affected by this issue is some unknown processing of the file crypt.c. There is no information about possible countermeasures known. It may...
Author: VulDB

Backdoor.Win32.Ketch.a Server Response buffer overflow

A vulnerability has been found in Backdoor.Win32.Ketch.a (Remote Access Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code block of the component Server Response Handler. There is no...
Author: VulDB

Information security events