vendredi 3 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

pdfalto 0.2 XmlAltoOutputDev.cc addAttributsNode memory corruption

A vulnerability was found in pdfalto 0.2 and classified as critical. This issue affects the function TextPage::addAttributsNode of the file XmlAltoOutputDev.cc. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

CMS Made Simple 2.2.7 Article moduleinterface.php m1_extra cross site scripting

A vulnerability has been found in CMS Made Simple 2.2.7 and classified as problematic. This vulnerability affects an unknown function of the file admin/moduleinterface.php of the component Article Handler. The manipulation of the argument...
Auteur: VulDB

CMS Made Simple 2.2.7 Article moduleinterface.php m1_news_url cross site scripting

A vulnerability, which was classified as problematic, was found in CMS Made Simple 2.2.7. This affects an unknown function of the file admin/moduleinterface.php of the component Article Handler. The manipulation of the argument m1_news_url as...
Auteur: VulDB

WAGO 750-881 up to 01.09.19(13) SNMP Configuration webserv/cplcfg/snmp.ssi SNMP_LOC_SNMP_CONT cross site scripting

A vulnerability, which was classified as problematic, has been found in WAGO 750-881 up to 01.09.19(13). Affected by this issue is an unknown function of the file webserv/cplcfg/snmp.ssi of the component SNMP Configuration. The manipulation of...
Auteur: VulDB

Foreman 1.18 Breadcrumbs Bar Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Foreman 1.18. This issue affects an unknown function of the component Breadcrumbs Bar. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Cloud Foundry CF Networking Release up to 2.15.x API Endpoint sql injection

A vulnerability, which was classified as critical, was found in Cloud Foundry CF Networking Release up to 2.15.x. Affected is an unknown function of the component API Endpoint. The manipulation with an unknown input leads to a sql injection...
Auteur: VulDB

Palo Alto PAN-OS up to 8.1.3 GlobalProtect Portal cross site scripting

A vulnerability was found in Palo Alto PAN-OS up to 8.1.3. It has been classified as problematic. Affected is an unknown function of the component GlobalProtect Portal. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

NCCIC Releases Joint Alert on Worldwide Malicious Activity Using Publicly Available Tools

Original release date: October 11, 2018 In collaboration with the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom National Cyber Security...
Auteur: US Cert

CERTFR-2018-AVI-487 : Multiples vulnérabilités dans les produits Juniper (11 octobre 2018)

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à...
Auteur: Cert FR

Juniper Networks Releases Security Updates

Original release date: October 10, 2018 Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

Certification des compétences du DPO : la CNIL adopte deux référentiels

Afin de permettre l’identification des compétences et savoir-faire du délégué à la protection des données (DPO), la CNIL adopte deux référentiels en matière de certification de DPO.
Auteur: Cnil

Blueimp jQuery-File-Upload up to 9.22.0 File Upload privilege escalation

A vulnerability, which was classified as critical, was found in Blueimp jQuery-File-Upload up to 9.22.0. This affects an unknown function of the component File Upload. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

BageCMS 3.1.3 directory traversal [CVE-2018-18258]

A vulnerability, which was classified as problematic, has been found in BageCMS 3.1.3. Affected by this issue is an unknown function of the file index.php?r=admini/template/updateTpl&filename. The manipulation with an unknown input leads to a...
Auteur: VulDB

BageCMS 3.1.3 directory traversal [CVE-2018-18257]

A vulnerability classified as critical was found in BageCMS 3.1.3. Affected by this vulnerability is an unknown function of the file index.php?r=admini/template/batch&command=deleteFile&fileName. The manipulation with an unknown input leads to a...
Auteur: VulDB

youke365 1.1.5 admin/login.html Username sql injection

A vulnerability classified as critical has been found in youke365 1.1.5. Affected is an unknown function of the file admin/login.html. The manipulation as part of a Username leads to a sql injection vulnerability. CWE is classifying the issue as...
Auteur: VulDB

Pippo up to 1.11.0 XstreamEngine Code Execution

A vulnerability was found in Pippo up to 1.11.0. It has been rated as critical. This issue affects an unknown function of the component XstreamEngine. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

youke365 1.1.5 admin/user.html cross site request forgery

A vulnerability was found in youke365 1.1.5. It has been declared as problematic. This vulnerability affects an unknown function of the file admin/user.html. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

Delta Industrial Automation TPEditor up to 1.90 Project File Stack-based memory corruption

A vulnerability was found in Delta Industrial Automation TPEditor up to 1.90. It has been classified as critical. This affects an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Delta Industrial Automation TPEditor up to 1.90 Project File Out-of-Bounds memory corruption

A vulnerability was found in Delta Industrial Automation TPEditor up to 1.90 and classified as critical. Affected by this issue is an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

IBM Spectrum Symphony 7.2.0.2 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM Spectrum Symphony 7.2.0.2. This affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

Dell Encryption/Endpoint Security Suite Enterprise Group Policy Bypass privilege escalation

A vulnerability was found in Dell Encryption and Endpoint Security Suite Enterprise (the affected version is unknown). It has been rated as problematic. Affected by this issue is an unknown function of the component Group Policy Handler. The...
Auteur: VulDB

Whale Browser up to 0.4.3.0 Installer privilege escalation

A vulnerability was found in Whale Browser up to 0.4.3.0. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Installer. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

IBM Security Key Lifecycle Manager 2.7/3.0 SKLM Server Restart denial of service

A vulnerability has been found in IBM Security Key Lifecycle Manager 2.7/3.0 and classified as problematic. Affected by this vulnerability is an unknown function of the component SKLM Server. The manipulation with an unknown input leads to a...
Auteur: VulDB

IBM Security Key Lifecycle Manager 2.6/2.7/3.0 Authentication Mechanism privilege escalation

A vulnerability, which was classified as critical, was found in IBM Security Key Lifecycle Manager 2.6/2.7/3.0. Affected is an unknown function of the component Authentication Mechanism. The manipulation with an unknown input leads to a...
Auteur: VulDB

IBM Spectrum LSF 9.1.1/9.1.2/9.1.3/10.1 File Permission privilege escalation

A vulnerability, which was classified as critical, has been found in IBM Spectrum LSF 9.1.1/9.1.2/9.1.3/10.1. This issue affects an unknown function of the component File Permission. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB
First1222122312241225122612271228122912301231Last

Événements SSI