jeudi 28 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Leagoo Z5C com.android.settings Factory Reset denial of service

A vulnerability was found in Leagoo Z5C (version unknown). It has been classified as critical. Affected is code of the component com.android.settings. The manipulation with an unknown input leads to a denial of service vulnerability (Factory...
Auteur: VulDB

Leagoo Z5C com.android.messaging privilege escalation [CVE-2018-14984]

A vulnerability was found in Leagoo Z5C (unknown version) and classified as critical. This issue affects a part of the component com.android.messaging. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using...
Auteur: VulDB

Asus ZenFone 3 Max com.asus.loguploader information disclosure

A vulnerability has been found in Asus ZenFone 3 Max (the affected version is unknown) and classified as problematic. This vulnerability affects a functionality of the component com.asus.loguploader. The manipulation with an unknown input leads...
Auteur: VulDB

FrontAccounting 2.4.5 /attachments.php filterType sql injection

A vulnerability, which was classified as critical, was found in FrontAccounting 2.4.5. This affects a function of the file /attachments.php. The manipulation of the argument filterType with an unknown input leads to a sql injection vulnerability...
Auteur: VulDB

Logisim Evolution up to 2.14.3 XML Data XmlReader.java loadXmlFrom XML External Entity

A vulnerability, which was classified as critical, has been found in Logisim Evolution up to 2.14.3. Affected by this issue is the function loadXmlFrom of the file src/com/cburch/logisim/file/XmlReader.java of the component XML Data Handler. The...
Auteur: VulDB

PEAR Archive_Tar up to 1.4.3 $v_header[filename] Unserialize privilege escalation

A vulnerability classified as critical was found in PEAR Archive_Tar up to 1.4.3. Affected by this vulnerability is the functionality. The manipulation of the argument $v_header[filename] as part of a Parameter leads to a privilege escalation...
Auteur: VulDB

Battelle V2I Hub 2.5.1 Default Admin Password weak authentication

A vulnerability, which was classified as critical, has been found in Battelle V2I Hub 2.5.1. This issue affects some functionality. The manipulation with an unknown input leads to a weak authentication vulnerability (Default Admin Password)....
Auteur: VulDB

Peel SHOPPING 9.1.0 Site Name EN cross site scripting

A vulnerability classified as problematic has been found in Peel SHOPPING 9.1.0. Affected is an unknown function. The manipulation of the argument Site Name EN as part of a Parameter leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

Battelle V2I Hub 3.0 Back-End Database PluginStatus.cpp TmxControl::user_info() sql injection

A vulnerability was found in Battelle V2I Hub 3.0. It has been rated as critical. This issue affects the function TmxControl::user_info() in the library tmx/TmxCtl/src/lib/PluginStatus.cpp of the component Back-End Database. The manipulation ...
Auteur: VulDB

Battelle V2I Hub 2.5.1 Back-End Database PluginStatusActions.php jtSorting/id sql injection

A vulnerability was found in Battelle V2I Hub 2.5.1. It has been declared as critical. This vulnerability affects a code block of the file /api/PluginStatusActions.php of the component Back-End Database. The manipulation of the argument...
Auteur: VulDB

Battelle V2I Hub 2.5.1 SystemConfigActions.php parameterName/_login_username cross site scripting

A vulnerability was found in Battelle V2I Hub 2.5.1. It has been classified as problematic. This affects code of the file api/SystemConfigActions.php?action=add. The manipulation of the argument parameterName/_login_username with an unknown...
Auteur: VulDB

Battelle V2I Hub 2.5.1 API strcmp() key privilege escalation

A vulnerability was found in Battelle V2I Hub 2.5.1 and classified as critical. Affected by this issue is the function strcmp() of the component API. The manipulation of the argument key as part of a Variable leads to a privilege escalation...
Auteur: VulDB

Battelle V2I Hub 2.5.1 API information disclosure

A vulnerability has been found in Battelle V2I Hub 2.5.1 and classified as problematic. Affected by this vulnerability is a functionality of the component API. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Battelle V2I Hub 2.5.1 API privilege escalation

A vulnerability, which was classified as critical, was found in Battelle V2I Hub 2.5.1. Affected is a function of the component API. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the...
Auteur: VulDB

Battelle V2I Hub 2.5.1 /UI/powerdown.php denial of service

A vulnerability classified as problematic was found in Battelle V2I Hub 2.5.1. This vulnerability affects the functionality of the file /UI/powerdown.php. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE...
Auteur: VulDB

F5 APM up to 13.1.x OAuth Resource Server denial of service

A vulnerability, which was classified as problematic, was found in F5 APM up to 13.1.x. This affects a function of the component OAuth Resource Server. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

APM WebTop 11.2.1 cross site request forgery [CVE-2018-15334]

A vulnerability, which was classified as problematic, has been found in APM WebTop 11.2.1. Affected by this issue is some functionality. The manipulation with an unknown input leads to a cross site request forgery vulnerability. Using CWE to...
Auteur: VulDB

F5 BIG-IP 11.2.1 Configuration Utility information disclosure

A vulnerability classified as problematic was found in F5 BIG-IP 11.2.1. Affected by this vulnerability is the functionality of the component Configuration Utility. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Sky Elite 6.0L+ com.adups.fota.sysoper.WriteCommandReceiver privilege escalation

A vulnerability classified as critical has been found in Sky Elite 6.0L+. Affected is an unknown function of the component com.adups.fota.sysoper.WriteCommandReceiver. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

ZTE ZMAX Champ com.android.zte.hiddenmenu Loop denial of service

A vulnerability was found in ZTE ZMAX Champ (unknown version). It has been rated as critical. This issue affects some processing of the component com.android.zte.hiddenmenu. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

ZTE ZMAX Champ Mobile Device Management denial of service [CVE-2018-15005]

A vulnerability was found in ZTE ZMAX Champ (the affected version is unknown). It has been declared as critical. This vulnerability affects a code block of the component Mobile Device Management. The manipulation with an unknown input leads to a...
Auteur: VulDB

Coolpad Canvas com.qualcomm.qti.modemtestmode privilege escalation

A vulnerability was found in Coolpad Canvas (the affected version unknown). It has been classified as critical. This affects code of the component com.qualcomm.qti.modemtestmode. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Vivo V7 com.android.phone privilege escalation [CVE-2018-15002]

A vulnerability was found in Vivo V7 (affected version not known) and classified as critical. Affected by this issue is a part of the component com.android.phone. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Vivo V7 com.vivo.bsptest information disclosure [CVE-2018-15001]

A vulnerability has been found in Vivo V7 (affected version unknown) and classified as problematic. Affected by this vulnerability is a functionality of the component com.vivo.bsptest. The manipulation with an unknown input leads to a...
Auteur: VulDB

Leagoo P1 adb privilege escalation [CVE-2018-14998]

A vulnerability, which was classified as critical, was found in Leagoo P1 (version unknown). Affected is a function of the component adb. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying...
Auteur: VulDB
First1008100910101011101210131014101510161017Last

Événements SSI