samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Battelle V2I Hub 2.5.1 API strcmp() key privilege escalation

A vulnerability was found in Battelle V2I Hub 2.5.1 and classified as critical. Affected by this issue is the function strcmp() of the component API. The manipulation of the argument key as part of a Variable leads to a privilege escalation...
Auteur: VulDB

Battelle V2I Hub 2.5.1 API information disclosure

A vulnerability has been found in Battelle V2I Hub 2.5.1 and classified as problematic. Affected by this vulnerability is a functionality of the component API. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Battelle V2I Hub 2.5.1 API privilege escalation

A vulnerability, which was classified as critical, was found in Battelle V2I Hub 2.5.1. Affected is a function of the component API. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the...
Auteur: VulDB

Battelle V2I Hub 2.5.1 /UI/powerdown.php denial of service

A vulnerability classified as problematic was found in Battelle V2I Hub 2.5.1. This vulnerability affects the functionality of the file /UI/powerdown.php. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE...
Auteur: VulDB

F5 APM up to 13.1.x OAuth Resource Server denial of service

A vulnerability, which was classified as problematic, was found in F5 APM up to 13.1.x. This affects a function of the component OAuth Resource Server. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

APM WebTop 11.2.1 cross site request forgery [CVE-2018-15334]

A vulnerability, which was classified as problematic, has been found in APM WebTop 11.2.1. Affected by this issue is some functionality. The manipulation with an unknown input leads to a cross site request forgery vulnerability. Using CWE to...
Auteur: VulDB

F5 BIG-IP 11.2.1 Configuration Utility information disclosure

A vulnerability classified as problematic was found in F5 BIG-IP 11.2.1. Affected by this vulnerability is the functionality of the component Configuration Utility. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Sky Elite 6.0L+ com.adups.fota.sysoper.WriteCommandReceiver privilege escalation

A vulnerability classified as critical has been found in Sky Elite 6.0L+. Affected is an unknown function of the component com.adups.fota.sysoper.WriteCommandReceiver. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

ZTE ZMAX Champ com.android.zte.hiddenmenu Loop denial of service

A vulnerability was found in ZTE ZMAX Champ (unknown version). It has been rated as critical. This issue affects some processing of the component com.android.zte.hiddenmenu. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

ZTE ZMAX Champ Mobile Device Management denial of service [CVE-2018-15005]

A vulnerability was found in ZTE ZMAX Champ (the affected version is unknown). It has been declared as critical. This vulnerability affects a code block of the component Mobile Device Management. The manipulation with an unknown input leads to a...
Auteur: VulDB

Coolpad Canvas com.qualcomm.qti.modemtestmode privilege escalation

A vulnerability was found in Coolpad Canvas (the affected version unknown). It has been classified as critical. This affects code of the component com.qualcomm.qti.modemtestmode. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Vivo V7 com.android.phone privilege escalation [CVE-2018-15002]

A vulnerability was found in Vivo V7 (affected version not known) and classified as critical. Affected by this issue is a part of the component com.android.phone. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Vivo V7 com.vivo.bsptest information disclosure [CVE-2018-15001]

A vulnerability has been found in Vivo V7 (affected version unknown) and classified as problematic. Affected by this vulnerability is a functionality of the component com.vivo.bsptest. The manipulation with an unknown input leads to a...
Auteur: VulDB

Leagoo P1 adb privilege escalation [CVE-2018-14998]

A vulnerability, which was classified as critical, was found in Leagoo P1 (version unknown). Affected is a function of the component adb. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying...
Auteur: VulDB

ZTE Blade Vantage/Blade Spark/ZMAX Pro/ZMAX Champ com.android.modem.service information disclosure

A vulnerability, which was classified as problematic, has been found in ZTE Blade Vantage, Blade Spark, ZMAX Pro and ZMAX Champ (unknown version). This issue affects some functionality of the component com.android.modem.service. The manipulation...
Auteur: VulDB

Asus ZenFone 3 Max com.asus.dm privilege escalation [CVE-2018-14992]

A vulnerability classified as critical was found in Asus ZenFone 3 Max (the affected version is unknown). This vulnerability affects the functionality of the component com.asus.dm. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Nexxus NXX mintToken Integer privilege escalation

A vulnerability classified as critical has been found in Nexxus NXX (the affected version unknown). This affects the function mintToken. The manipulation as part of a Integer leads to a privilege escalation vulnerability (Integer Overflow). CWE...
Auteur: VulDB

IP Infusion ZebOS/OcNOS BGP Daemon Autonomous System denial of service

A vulnerability was found in IP Infusion ZebOS and OcNOS (affected version not known). It has been rated as problematic. Affected by this issue is some processing of the component BGP Daemon. The manipulation as part of a Autonomous System leads...
Auteur: VulDB

Evolution CMS 1.4.x manager/ search cross site scripting

A vulnerability was found in Evolution CMS 1.4.x. It has been declared as problematic. Affected by this vulnerability is a code block of the file manager/. The manipulation of the argument search as part of a Parameter leads to a cross site...
Auteur: VulDB

Evolution CMS 1.4.x manager/ Parameter cross site scripting

A vulnerability was found in Evolution CMS 1.4.x. It has been classified as problematic. Affected is code of the file manager/. The manipulation as part of a Parameter leads to a cross site scripting vulnerability. CWE is classifying the issue...
Auteur: VulDB

Mezzanine CMS 4.3.1 title cross site scripting

A vulnerability was found in Mezzanine CMS 4.3.1 and classified as problematic. This issue affects a part of the file /admin/blog/blogcategory/add/?_to_field=id&_popup=1. The manipulation of the argument title as part of a Parameter leads to a...
Auteur: VulDB

Kirby 2.5.12 SVG File cross site scripting

A vulnerability has been found in Kirby 2.5.12 and classified as problematic. This vulnerability affects a functionality. The manipulation as part of a SVG File leads to a cross site scripting vulnerability. The CWE definition for the...
Auteur: VulDB

tcpreplay up to 4.3.0 tree.c packet2tree memory corruption

A vulnerability was found in tcpreplay up to 4.3.0. It has been declared as critical. This vulnerability affects the function packet2tree of the file tree.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

poppler 0.72.0 Annot.c Object::getString denial of service

A vulnerability was found in poppler 0.72.0. It has been classified as problematic. This affects the function Object::getString of the file Annot.c. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

libcaca 0.99.beta19 caca/file.c caca_file_read memory corruption

A vulnerability was found in libcaca 0.99.beta19 and classified as critical. Affected by this issue is the function caca_file_read of the file caca/file.c. The manipulation with an unknown input leads to a memory corruption vulnerability. Using...
Auteur: VulDB
First1019102010211022102310241025102610271028Last

Événements SSI