Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco Integrated Management Controller API Subsystem memory corruption

A vulnerability, which was classified as very critical, was found in Cisco Integrated Management Controller (version unknown). Affected is an unknown function of the component API Subsystem. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Webex Meetings/WebEx Meetings Server Meeting Room Lobby information disclosure

A vulnerability, which was classified as problematic, has been found in Cisco Webex Meetings and WebEx Meetings Server (Unified Communication Software) (unknown version). This issue affects some unknown processing of the component Meeting Room...
Auteur: VulDB

Cisco Webex Meetings/WebEx Meetings Server Authentication Token dynamically-managed code resources

A vulnerability classified as critical was found in Cisco Webex Meetings and WebEx Meetings Server (Unified Communication Software) (the affected version is unknown). This vulnerability affects an unknown code block of the component...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message ModifyVLANItem os command injection

A vulnerability classified as critical has been found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). This affects the function ModifyVLANItem of the component HTTP Message Handler. There is no information...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message AddVLANItem os command injection

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been rated as critical. Affected by this issue is the function AddVLANItem of the component HTTP Message Handler. There is...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message Remote Privilege Escalation

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component HTTP Message...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message Remote Code Execution

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been classified as critical. Affected is an unknown functionality of the component HTTP Message Handler. There is no...
Auteur: VulDB

Trend Micro Worry-Free Business Security 10 SP1 Management Console path traversal

A vulnerability was found in Trend Micro Worry-Free Business Security 10 SP1 and classified as critical. This issue affects an unknown function of the component Management Console Handler. There is no information about possible countermeasures...
Auteur: VulDB

Trend Micro Apex One Product Installer access control [CVE-2020-28572]

A vulnerability has been found in Trend Micro Apex One (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component Product Installer. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation symlink [CVE-2020-27697]

A vulnerability, which was classified as critical, was found in Trend Micro Security 2020 (the affected version unknown). This affects an unknown code block of the component Installation Handler. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation untrusted search path

A vulnerability, which was classified as critical, has been found in Trend Micro Security 2020 (affected version not known). Affected by this issue is an unknown code of the component Installation Handler. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation untrusted search path

A vulnerability classified as problematic was found in Trend Micro Security 2020 (affected version unknown). Affected by this vulnerability is an unknown part of the component Installation Handler. There is no information about possible...
Auteur: VulDB

semantic-release up to 17.2.2 on npm URL escape output

A vulnerability classified as critical has been found in semantic-release up to 17.2.2 on npm. Affected is some unknown functionality of the component URL Handler. Upgrading to version 17.2.3 eliminates this vulnerability. Applying a patch is...
Auteur: VulDB

Jupyter Notebook up to 6.1.4 Link redirect

A vulnerability was found in Jupyter Notebook up to 6.1.4. It has been rated as problematic. This issue affects an unknown functionality of the component Link Handler. Upgrading to version 6.1.5 eliminates this vulnerability. Applying a patch is...
Auteur: VulDB

grocy 2.7.1 Add Recipe Module cross site scripting

A vulnerability was found in grocy 2.7.1. It has been declared as problematic. This vulnerability affects an unknown function of the component Add Recipe Module. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Beijing Liangjing Zhicheng ljcmsshop 1.14 user.php cross site scripting

A vulnerability was found in Beijing Liangjing Zhicheng ljcmsshop 1.14. It has been classified as problematic. This affects some unknown processing of the file user.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SuiteCRM up to 7.11.13 Accounts/Contacts/Opportunities/Leads csv injection

A vulnerability was found in SuiteCRM up to 7.11.13 and classified as critical. Affected by this issue is an unknown code block of the component Accounts/Contacts/Opportunities/Leads. There is no information about possible countermeasures known....
Auteur: VulDB

SuiteCRM up to 7.11.13 Documents Module redirect

A vulnerability has been found in SuiteCRM up to 7.11.13 and classified as critical. Affected by this vulnerability is an unknown code of the component Documents Module. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SuiteCRM 7.11.13 Documents Preview cross site scripting

A vulnerability, which was classified as problematic, was found in SuiteCRM 7.11.13. Affected is an unknown part of the component Documents Preview. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Western Digital iNAND up to 2020-06-03 authentication replay

A vulnerability, which was classified as critical, has been found in Western Digital iNAND up to 2020-06-03. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

GitLab Enterprise Edition up to 13.3.8/13.4.4/13.5.1 Schedule denial of service

A vulnerability classified as problematic was found in GitLab Enterprise Edition up to 13.3.8/13.4.4/13.5.1 (Bug Tracking Software). This vulnerability affects an unknown functionality of the component Schedule Handler. Upgrading to version...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 13.3.8/13.4.4/13.5.1 Project Maintainer state issue

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 13.3.8/13.4.4/13.5.1 (Bug Tracking Software). This affects an unknown function of the component Project Maintainer Handler....
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 13.3.8/13.4.4/13.5.1 Multipart Protection information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 13.3.8/13.4.4/13.5.1 (Bug Tracking Software). It has been rated as problematic. Affected by this issue is some unknown processing of the component Multipart...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 13.3.8/13.4.4/13.5.1 LFS Upload CE/EE path traversal

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 13.3.8/13.4.4/13.5.1 (Bug Tracking Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the file CE/EE of the...
Auteur: VulDB

Symantec Endpoint Detection & Response up to 4.4 information disclosure

A vulnerability was found in Symantec Endpoint Detection & Response up to 4.4. It has been classified as problematic. Affected is an unknown code. Upgrading to version 4.5 eliminates this vulnerability.
Auteur: VulDB
First6789101112131415Last

Événements SSI