Tuesday 25 February 2020

Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Symmetricom SyncServer S350 2.90.70.3 User Creation newUserName Stored cross site scripting

A vulnerability classified as problematic has been found in Symmetricom SyncServer S100, SyncServer S200, SyncServer S250, SyncServer S300 and SyncServer S350 2.90.70.3. Affected is some unknown functionality of the component User Creation. There...
Author: VulDB

Eltex NTP-RG-1402G 1v10 3.25.3.32 Ping ping.cmd TRACE privilege escalation

A vulnerability was found in Eltex NTP-RG-1402G 1v10 3.25.3.32 (Network Management Software). It has been rated as critical. This issue affects an unknown functionality of the file ping.cmd of the component Ping Handler. There is no information...
Author: VulDB

Eltex NTP-RG-1402G 1v10 3.25.3.32 Ping ping.cmd PING privilege escalation

A vulnerability was found in Eltex NTP-RG-1402G 1v10 3.25.3.32 (Network Management Software). It has been declared as critical. This vulnerability affects an unknown function of the file ping.cmd of the component Ping Handler. There is no...
Author: VulDB

Iteris Vantage Velocity Field Unit 2.4.2 Start Data Viewer /cgi-bin/loaddata.py Parameter cross site scripting

A vulnerability was found in Iteris Vantage Velocity Field Unit 2.4.2. It has been classified as problematic. This affects some unknown processing of the file /cgi-bin/loaddata.py of the component Start Data Viewer. There is no information about...
Author: VulDB

Iteris Vantage Velocity Field Unit 2.3.1/2.4.2 Permission /root/cleardata.pl privilege escalation

A vulnerability was found in Iteris Vantage Velocity Field Unit 2.3.1/2.4.2 and classified as critical. Affected by this issue is an unknown code block of the file /root/cleardata.pl of the component Permission. There is no information about...
Author: VulDB

Iteris Vantage Velocity Field Unit 2.3.1/2.4.2 Default Credentials weak authentication

A vulnerability has been found in Iteris Vantage Velocity Field Unit 2.3.1/2.4.2 and classified as critical. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Xirrus XR520/XR620/XR2436/XH2-120 cgi-bin/ViewPage.cgi user cross site scripting

A vulnerability, which was classified as problematic, was found in Xirrus XR520, XR620, XR2436 and XH2-120 (version unknown). Affected is an unknown part of the file cgi-bin/ViewPage.cgi. There is no information about possible countermeasures...
Author: VulDB

Post Oak AWAM Bluetooth Field Device timeconfig.py htmlNtpServer privilege escalation

A vulnerability, which was classified as critical, has been found in Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018/7800SD.2015.1.16/2011.3/7400v2.02.01.2019/7800SD.2012.12.5. This issue affects some unknown functionality of the file...
Author: VulDB

Iteris Vantage Velocity Field Unit 2.3.1/2.4.2/3.0 cgi-bin/timeconfig.py Shell Metacharacter privilege escalation

A vulnerability classified as critical was found in Iteris Vantage Velocity Field Unit 2.3.1/2.4.2/3.0. This vulnerability affects an unknown functionality of the file cgi-bin/timeconfig.py. There is no information about possible countermeasures...
Author: VulDB

Dolibarr 11.0 joinfiles/topic/code cross site scripting

A vulnerability classified as problematic has been found in Dolibarr 11.0. This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Author: VulDB

Arvato Skillpipe 3.0 HTML Source Code privilege escalation

A vulnerability was found in Arvato Skillpipe 3.0. It has been rated as critical. Affected by this issue is some unknown processing of the component HTML Source Code. There is no information about possible countermeasures known. It may be...
Author: VulDB

Gluu Identity Configuration 4.0 Import People filename cross site scripting

A vulnerability was found in Gluu Identity Configuration 4.0. It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component Import People Handler. There is no information about possible...
Author: VulDB

Codoforum 4.8.8 New Topic cross site scripting

A vulnerability was found in Codoforum 4.8.8. It has been classified as problematic. Affected is an unknown code of the component New Topic Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Abbott FreeStyle Libre 14-day/FreeStyle Libre 2 NFC privilege escalation

A vulnerability was found in Abbott FreeStyle Libre 14-day and FreeStyle Libre 2 (unknown version) and classified as critical. This issue affects an unknown part of the component NFC Handler. Upgrading eliminates this vulnerability.
Author: VulDB

AnyShare Cloud 6.0.9 filepath directory traversal

A vulnerability has been found in AnyShare Cloud 6.0.9 (Cloud Software) and classified as problematic. This vulnerability affects some unknown functionality of the file interface/downloadwithpath/downloadfile/. There is no information about...
Author: VulDB

Goverlan Reach Console/Reach Server/Client Agent Search Path command injection

A vulnerability, which was classified as critical, was found in Goverlan Reach Console, Reach Server and Client Agent (the affected version unknown). This affects an unknown functionality. Upgrading eliminates this vulnerability.
Author: VulDB

CERTFR-2020-AVI-094: Vulnerability in GitLab CE and EE (17 February 2020)

A vulnerability has been discovered in the GitLab Community (CE) and Enterprise (EE) editions. It allows an attacker to bypass the security policy. IMPORTANT NOTE: the vendor confirms the existence of this …
Author: Cert FR

Codologic Codoforum up to 4.8.4 Topic DOM-Based cross site scripting

A vulnerability, which was classified as problematic, has been found in Codologic Codoforum up to 4.8.4 (Forum Software). Affected by this issue is an unknown function of the component Topic Handler. There is no information about possible...
Author: VulDB

Moxa MGate 5105-MB-EIP up to 4.1 MainPing.asp DestIP privilege escalation

A vulnerability classified as critical was found in Moxa MGate 5105-MB-EIP up to 4.1. Affected by this vulnerability is some unknown processing of the file MainPing.asp. There is no information about possible countermeasures known. It may be...
Author: VulDB

Foxit Reader prior 9.7.0.29455 AcroForms Annotation Object privilege escalation

A vulnerability classified as critical has been found in Foxit Reader. Affected is an unknown code block of the component AcroForms Handler. Upgrading to version 9.7.0.29455 eliminates this vulnerability.
Author: VulDB

Foxit PhantomPDF prior 9.6.0.25608 Watermark privilege escalation

A vulnerability was found in Foxit PhantomPDF. It has been rated as critical. This issue affects an unknown code of the component Watermark Handler. Upgrading to version 9.6.0.25608 eliminates this vulnerability.
Author: VulDB

Foxit PhantomPDF prior 9.7.0.2947 fxhtml2pdf.exe privilege escalation

A vulnerability was found in Foxit PhantomPDF. It has been declared as critical. This vulnerability affects an unknown part of the file fxhtml2pdf.exe. Upgrading to version 9.7.0.2947 eliminates this vulnerability.
Author: VulDB

Foxit PhantomPDF 9.7.0.29478 JPEG File privilege escalation

A vulnerability was found in Foxit PhantomPDF 9.7.0.29478. It has been classified as critical. This affects some unknown functionality of the component JPEG File Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

Foxit PhantomPDF 9.7.0.29478 HTML Converter PDF File privilege escalation

A vulnerability was found in Foxit PhantomPDF 9.7.0.29478 and classified as critical. Affected by this issue is an unknown functionality of the component HTML Converter. There is no information about possible countermeasures known. It may be...
Author: VulDB

Foxit Reader 9.7.0.29455 JPEG2000 File information disclosure

A vulnerability has been found in Foxit Reader 9.7.0.29455 and classified as problematic. Affected by this vulnerability is an unknown function of the component JPEG2000 File Handler. There is no information about possible countermeasures known....
Author: VulDB