Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Accellion FTA up to 9_12_432 Admin Endpoint by argument injection

A vulnerability was found in Accellion FTA up to 9_12_432. It has been classified as critical. This affects an unknown part of the component Admin Endpoint. Upgrading to version 9_12_444 eliminates this vulnerability.
Author: VulDB

Gigaset DX600A 41.00-175 Telnet Administrator Service excessive authentication

A vulnerability was found in Gigaset DX600A 41.00-175 and classified as problematic. Affected by this issue is some unknown functionality of the component Telnet Administrator Service. There is no information about possible countermeasures known....
Author: VulDB

Gigaset DX600A 41.00-175 AT Command buffer overflow

A vulnerability has been found in Gigaset DX600A 41.00-175 and classified as critical. Affected by this vulnerability is an unknown functionality of the component AT Command Handler. Proper firewalling is able to address this issue.
Author: VulDB

fastify-http-proxy up to 4.3.0 on npm escape output [CVE-2021-21322]

A vulnerability, which was classified as critical, was found in fastify-http-proxy up to 4.3.0 on npm (Firewall Software). Affected is an unknown function. Upgrading to version 4.3.1 eliminates this vulnerability. Applying a patch is able to...
Author: VulDB

fastify-reply-from up to 4.0.1 on npm HTTP Request escape output

A vulnerability, which was classified as critical, has been found in fastify-reply-from up to 4.0.1 on npm (NPM Package). This issue affects some unknown processing of the component HTTP Request Handler. Upgrading to version 4.0.2 eliminates this...
Author: VulDB

matrix-react-sdk up to 3.14.x on npm insufficient verification of data authenticity

A vulnerability classified as problematic was found in matrix-react-sdk up to 3.14.x on npm (JavaScript Library). This vulnerability affects an unknown code block. Upgrading to version 3.15.0 eliminates this vulnerability. Applying a patch is...
Author: VulDB

EPrints 3.4.2 Latex cgi/latex2png Remote Privilege Escalation

A vulnerability classified as critical has been found in EPrints 3.4.2. This affects an unknown code of the file cgi/latex2png?latex of the component Latex Handler. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

WPS Hide Login 1.6.1 post_password protection mechanism

A vulnerability was found in WPS Hide Login 1.6.1. It has been rated as critical. Affected by this issue is the function post_password. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

rakibtg Docker Dashboard API terminal.js command os command injection

A vulnerability was found in rakibtg Docker Dashboard (Virtualization Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the file backend/utilities/terminal.js...
Author: VulDB

YMFE YApi up to 1.9.2 JSON Web Token random values

A vulnerability was found in YMFE YApi up to 1.9.2. It has been classified as problematic. Affected is an unknown functionality of the component JSON Web Token Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

Veritas Backup Exec up to 21.1 TLS Communication improper authentication

A vulnerability was found in Veritas Backup Exec up to 21.1 (Backup Software) and classified as critical. This issue affects an unknown function of the component TLS Communication Handler. Upgrading to version 21.2 eliminates this vulnerability.
Author: VulDB

Veritas Backup Exec up to 21.1 SHA Authentication improper authentication

A vulnerability has been found in Veritas Backup Exec up to 21.1 (Backup Software) and classified as critical. This vulnerability affects some unknown processing of the component SHA Authentication. Upgrading to version 21.2 eliminates this...
Author: VulDB

Veritas Backup Exec up to 21.1 TLS Communication input improper authentication

A vulnerability, which was classified as critical, was found in Veritas Backup Exec up to 21.1 (Backup Software). This affects an unknown code block of the component TLS Communication Handler. Upgrading to version 21.2 eliminates this...
Author: VulDB

Doctor Appointment System 1.0 contactus.php lastname cross site scripting

A vulnerability, which was classified as problematic, has been found in Doctor Appointment System 1.0 (Appointment Software). Affected by this issue is an unknown code of the file contactus.php. There is no information about possible...
Author: VulDB

Doctor Appointment System 1.0 contactus.php comment cross site scripting

A vulnerability classified as problematic was found in Doctor Appointment System 1.0 (Appointment Software). Affected by this vulnerability is an unknown part of the file contactus.php. There is no information about possible countermeasures...
Author: VulDB

EPrints 3.4.2 cgi/toolbox/toolbox verb Remote Privilege Escalation

A vulnerability classified as critical has been found in EPrints 3.4.2. Affected is some unknown functionality of the file cgi/toolbox/toolbox. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

EPrints 3.4.2 JSON cgi/ajax/phrase Remote Privilege Escalation

A vulnerability was found in EPrints 3.4.2. It has been rated as critical. This issue affects an unknown functionality of the file cgi/ajax/phrase of the component JSON Handler. Applying a patch is able to eliminate this problem. The bugfix is...
Author: VulDB

EPrints 3.4.2 cgi/dataset_dictionary dataset cross site scripting

A vulnerability was found in EPrints 3.4.2. It has been declared as problematic. This vulnerability affects an unknown function of the file cgi/dataset_dictionary. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Author: VulDB

EPrints 3.4.2 Latex cgi/cal os command injection

A vulnerability was found in EPrints 3.4.2. It has been classified as critical. This affects some unknown processing of the file cgi/cal?year of the component Latex Handler. Applying a patch is able to eliminate this problem. The bugfix is ready...
Author: VulDB

EPrints 3.4.2 cgi/cal cross site scripting

A vulnerability was found in EPrints 3.4.2 and classified as problematic. Affected by this issue is an unknown code block of the file cgi/cal. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

object-collider 1.0.0/1.0.1/1.0.2/1.0.3 Prototype code injection

A vulnerability has been found in object-collider 1.0.0/1.0.1/1.0.2/1.0.3 and classified as critical. Affected by this vulnerability is an unknown code of the component Prototype Handler. Applying a patch is able to eliminate this problem. The...
Author: VulDB

ONLYOFFICE DocumentServer up to 5.6.0.21 Server Module Remote Privilege Escalation

A vulnerability, which was classified as critical, was found in ONLYOFFICE DocumentServer up to 5.6.0.21. Affected is an unknown part of the component Server Module. There is no information about possible countermeasures known. It may be...
Author: VulDB

ONLYOFFICE DocumentServer up to 6.0.0 Core Module heap-based overflow

A vulnerability, which was classified as critical, has been found in ONLYOFFICE DocumentServer up to 6.0.0. This issue affects some unknown functionality of the component Core Module. There is no information about possible countermeasures known....
Author: VulDB

ONLYOFFICE DocumentServer up to 5.6.3 Core Module Remote Privilege Escalation

A vulnerability classified as critical was found in ONLYOFFICE DocumentServer up to 5.6.3. This vulnerability affects an unknown functionality of the component Core Module. There is no information about possible countermeasures known. It may be...
Author: VulDB

ONLYOFFICE DocumentServer up to 5.6.4 Core Module Remote Privilege Escalation

A vulnerability classified as critical has been found in ONLYOFFICE DocumentServer up to 5.6.4. This affects an unknown function of the component Core Module. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

SSI events