Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Rocketgenius Gravity Forms up to 2.4.20 Poll/Quiz cross site scripting

A vulnerability classified as problematic has been found in Rocketgenius Gravity Forms up to 2.4.20. This affects an unknown function of the component Poll/Quiz. Upgrading to version 2.4.21 eliminates this vulnerability.
Author: VulDB

Rocketgenius Gravity Forms up to 2.4.20 on WordPress Forms Import cross site scripting

A vulnerability was found in Rocketgenius Gravity Forms up to 2.4.20 on WordPress (WordPress Plugin). It has been rated as problematic. Affected by this issue is some unknown processing of the component Forms Import. Upgrading to version 2.4.21...
Author: VulDB

Nagios Log Server up to 2.1.7 create_snapshot snapshot_name cross site scripting

A vulnerability was found in Nagios Log Server up to 2.1.7 (Log Management Software). It has been declared as problematic. Affected by this vulnerability is an unknown code block of the file /nagioslogserver/configure/create_snapshot. There is no...
Author: VulDB

OpenEMR up to 5.0.1 /controller.php unrestricted upload

A vulnerability was found in OpenEMR up to 5.0.1 (Business Process Management Software). It has been classified as critical. Affected is an unknown code of the file /controller.php. There is no information about possible countermeasures known. It...
Author: VulDB

vTiger CRM 7.2.0 /libraries information disclosure

A vulnerability was found in vTiger CRM 7.2.0 (Customer Relationship Management System) and classified as problematic. This issue affects an unknown part of the file /libraries. There is no information about possible countermeasures known. It may...
Author: VulDB

vTiger CRM up to 7.2.0 vtigercrm/index.php view cross site scripting

A vulnerability has been found in vTiger CRM up to 7.2.0 (Customer Relationship Management System) and classified as problematic. This vulnerability affects some unknown functionality of the file vtigercrm/index.php. There is no information about...
Author: VulDB

Medintux 2.16.000 CCAM.php mot1 cross site scripting

A vulnerability, which was classified as problematic, was found in Medintux 2.16.000. This affects an unknown functionality of the file CCAM.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

FHEM 6.0 fhem/FileLog_logWrapper file information disclosure

A vulnerability, which was classified as problematic, has been found in FHEM 6.0. Affected by this issue is an unknown function of the file fhem/FileLog_logWrapper. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Tufin SecureChange up to 19.3 HF2/R20-1 cross site scripting

A vulnerability classified as problematic was found in Tufin SecureChange up to 19.3 HF2/R20-1. Affected by this vulnerability is some unknown processing. Applying the patch R19.3 HF3/R20-1 HF1 is able to eliminate this problem.
Author: VulDB

Tufin SecureChange up to 19.3 HF2/R20-1 cross site scripting

A vulnerability classified as problematic has been found in Tufin SecureChange up to 19.3 HF2/R20-1. Affected is an unknown code block. Applying the patch R19.3 HF3/R20-1 HF1 is able to eliminate this problem.
Author: VulDB

Apple iOS/iPadOS up to 13.x XPC Service launchd access control

A vulnerability was found in Apple iOS and iPadOS up to 13.x (Smartphone Operating System). It has been rated as critical. This issue affects an unknown code of the file launchd of the component XPC Service. Upgrading to version 14.0 eliminates...
Author: VulDB

Apple macOS XPC Service launchd access control

A vulnerability was found in Apple macOS (Operating System) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the file launchd of the component XPC Service. Upgrading eliminates...
Author: VulDB

Laravel up to 6.20.10/7.30.1/8.22.0 Illuminate Database Package injection

A vulnerability was found in Laravel up to 6.20.10/7.30.1/8.22.0. It has been classified as critical. This affects some unknown functionality of the component Illuminate Database Package. Upgrading to version 6.20.11, 7.30.2 or 8.22.1 eliminates...
Author: VulDB

My AIA SG App 1.2.6 on Android logcat log file

A vulnerability was found in My AIA SG App 1.2.6 on Android (Android App Software) and classified as problematic. Affected by this issue is an unknown functionality of the component logcat. There is no information about possible countermeasures...
Author: VulDB

Stockdio Historical Chart Plugin up to 2.8.0 on WordPress stockdio_chart_historical-wp.js postMessage cross site scripting

A vulnerability has been found in Stockdio Historical Chart Plugin up to 2.8.0 on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is the function postMessage of the file...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A prior 3.0 Bluetooth LE authentication replay

A vulnerability, which was classified as critical, was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A (Medical Device Software). Affected is some unknown processing of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE information disclosure

A vulnerability, which was classified as problematic, has been found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x. This issue affects an unknown code block of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE improper authentication

A vulnerability classified as critical was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). This vulnerability affects an unknown code of the component Bluetooth LE Handler. Upgrading to version 3.0...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE random values

A vulnerability classified as problematic has been found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). This affects an unknown part of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE insufficiently protected credentials

A vulnerability was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). It has been rated as critical. Affected by this issue is some unknown functionality of the component Bluetooth LE Handler. Upgrading to...
Author: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Physician Menu hard-coded credentials

A vulnerability was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Physician Menu. Upgrading...
Author: VulDB

Simple DirectMedia Layer up to 2.0.12 BMP File video/SDL_blit_N.c Blit_3or4_to_3or4__inversed_rgb heap-based overflow

A vulnerability was found in Simple DirectMedia Layer up to 2.0.12. It has been classified as critical. Affected is the function Blit_3or4_to_3or4__inversed_rgb of the file video/SDL_blit_N.c of the component BMP File Handler. There is no...
Author: VulDB

Simple DirectMedia Layer up to 2.0.12 BMP File video/SDL_blit_copy.c SDL_BlitCopy integer overflow

A vulnerability was found in Simple DirectMedia Layer up to 2.0.12 and classified as critical. This issue affects the function SDL_BlitCopy of the file video/SDL_blit_copy.c of the component BMP File Handler. There is no information about...
Author: VulDB

Apache Guacamole up to 1.2.0 Connection History permission

A vulnerability has been found in Apache Guacamole up to 1.2.0 and classified as critical. This vulnerability affects an unknown code block of the component Connection History. There is no information about possible countermeasures known. It may...
Author: VulDB

QEMU ATAPI Emulator out-of-bounds read [CVE-2020-29443]

A vulnerability, which was classified as problematic, was found in QEMU (Virtualization Software) (the affected version is unknown). This affects an unknown code of the component ATAPI Emulator. Applying a patch is able to eliminate this problem....
Author: VulDB

Information security events