Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

libpano13 up to 2.9.20~rc2+dfsg-3 panoFileOutputNamesCreate format string

A vulnerability was found in libpano13 up to 2.9.20~rc2+dfsg-3 and classified as critical. This issue affects the function panoFileOutputNamesCreate. Upgrading eliminates this vulnerability. The upgrade is hosted for download at sourceforge.net.
Auteur: VulDB

Nettle up to 3.7.1 signature verification [CVE-2021-20305]

A vulnerability has been found in Nettle up to 3.7.1 and classified as problematic. This vulnerability affects an unknown code block. Upgrading to version 3.7.2 eliminates this vulnerability.
Auteur: VulDB

Core FTP Server 1.2 username buffer overflow

A vulnerability, which was classified as critical, was found in Core FTP Server 1.2 (File Transfer Software). This affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Core FTP Server 2 Build 697 username buffer overflow

A vulnerability, which was classified as critical, has been found in Core FTP Server 2 Build 697 (File Transfer Software). Affected by this issue is an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

WSO2 Management Console up to 5.10 carbon/admin/login.jsp msgId cross site scripting

A vulnerability classified as problematic was found in WSO2 Management Console up to 5.10. Affected by this vulnerability is some unknown functionality of the file carbon/admin/login.jsp. There is no information about possible countermeasures...
Auteur: VulDB

IBM InfoSphere Information Server 11.7 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM InfoSphere Information Server 11.7 (Reporting Software). Affected is an unknown functionality of the component Web UI. There is no information about possible countermeasures known....
Auteur: VulDB

IBM Edge 4.2 Web UI cross site scripting

A vulnerability was found in IBM Edge 4.2. It has been rated as problematic. This issue affects an unknown function of the component Web UI. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Froala Editor 3.2.6 Hyperlink Creation Module cross site scripting

A vulnerability was found in Froala Editor 3.2.6. It has been declared as problematic. This vulnerability affects some unknown processing of the component Hyperlink Creation Module. There is no information about possible countermeasures known. It...
Auteur: VulDB

Knowage Suite up to 7.3 execute SBI_HOST cross site scripting

A vulnerability was found in Knowage Suite up to 7.3. It has been classified as problematic. This affects an unknown code block of the file /knowagecockpitengine/api/1.0/pages/execute. Upgrading to version 7.4 eliminates this vulnerability.
Auteur: VulDB

Knowage Suite 7.1 analyticalDrivers LABEL/NAME cross site scripting

A vulnerability was found in Knowage Suite 7.1 and classified as problematic. Affected by this issue is an unknown code of the file /restful-services/2.0/analyticalDrivers. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Knowage Suite up to 7.3 publish EXEC_FROM cross site scripting

A vulnerability has been found in Knowage Suite up to 7.3 and classified as problematic. Affected by this vulnerability is an unknown part of the file /restful-services/publish. Upgrading to version 7.4 eliminates this vulnerability.
Auteur: VulDB

Knowage Suite 7.1 URL Analytics Driver par_year sql injection

A vulnerability, which was classified as critical, was found in Knowage Suite 7.1. Affected is some unknown functionality of the component URL Analytics Driver. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Mark Text up to 0.16.3 md File cross site scripting

A vulnerability, which was classified as problematic, has been found in Mark Text up to 0.16.3. This issue affects an unknown functionality of the component md File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Svelte Extension up to 104.7.x on Visual Studio Workspace Configuration unknown vulnerability

A vulnerability classified as problematic was found in Svelte Extension up to 104.7.x on Visual Studio. This vulnerability affects an unknown function of the component Workspace Configuration Handler. Upgrading to version 104.8.0 eliminates this...
Auteur: VulDB

VSCodeVim up to 1.18.x Workspace Configuration unknown vulnerability

A vulnerability classified as problematic has been found in VSCodeVim up to 1.18.x. This affects some unknown processing of the component Workspace Configuration Handler. Upgrading to version 1.19.0 eliminates this vulnerability. Applying a patch...
Auteur: VulDB

TerraMaster F2-210 up to 2021-04-03 UPnP information disclosure

A vulnerability was found in TerraMaster F2-210 up to 2021-04-03. It has been rated as problematic. Affected by this issue is an unknown code block of the component UPnP. It is possible to mitigate the problem by applying the configuration...
Auteur: VulDB

Dell Wyse Management Suite up to 3.2 Job Status Retrieval Page denial of service

A vulnerability was found in Dell Wyse Management Suite up to 3.2. It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Job Status Retrieval Page. There is no information about possible...
Auteur: VulDB

Dell Wyse ThinOS 8.6 Management Server certificate validation

A vulnerability was found in Dell Wyse ThinOS 8.6. It has been classified as critical. Affected is an unknown part of the component Management Server. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Dell System Update up to 1.9 resource consumption [CVE-2021-21529]

A vulnerability was found in Dell System Update up to 1.9 and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

RStudio Shiny Server up to 1.5.15 pathname traversal [CVE-2021-3374]

A vulnerability has been found in RStudio Shiny Server up to 1.5.15 and classified as critical. This vulnerability affects an unknown functionality. Upgrading to version 1.5.16 eliminates this vulnerability. The upgrade is hosted for download at...
Auteur: VulDB

Lightmeter ControlCenter up to 1.5.0 Setting HTTP Query information disclosure

A vulnerability, which was classified as problematic, was found in Lightmeter ControlCenter up to 1.5.0. This affects an unknown function of the component Setting HTTP Query Handler. Upgrading to version 1.5.1 eliminates this vulnerability. The...
Auteur: VulDB

Webiness Jamf Pro up to 10.27.x Inventory History cross site scripting

A vulnerability, which was classified as problematic, has been found in Webiness Jamf Pro up to 10.27.x. Affected by this issue is some unknown processing of the component Inventory History. Upgrading to version 10.28.0 eliminates this...
Auteur: VulDB

docsify 4.12.1 Code Block cross site scripting

A vulnerability classified as problematic was found in docsify 4.12.1. Affected by this vulnerability is an unknown code block of the component Code Block Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

D-Link DIR-878 1.30B08 prog.cgi strcat stack-based overflow

A vulnerability classified as critical has been found in D-Link DIR-878 1.30B08 (Router Operating System). Affected is the function strcat of the file prog.cgi. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Softing OPC Toolbox up to 4.10.1.13035 Trace File /en/diag_values.html ITEMLISTVALUES##ITEMID cross site scripting

A vulnerability was found in Softing OPC Toolbox up to 4.10.1.13035. It has been rated as problematic. This issue affects an unknown part of the file /en/diag_values.html of the component Trace File Handler. There is no information about possible...
Auteur: VulDB
First891011121314151617Last

Événements SSI