Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Foxit PDF Reader 9.1.0.5096 Javascript Engine Use-After-Free memory corruption

A vulnerability classified as critical has been found in Foxit PDF Reader 9.1.0.5096. This affects an unknown function of the component Javascript Engine. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine Use-After-Free memory corruption

A vulnerability was found in Foxit PDF Reader 9.1.0.5096. It has been rated as critical. Affected by this issue is an unknown function of the component Javascript Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability was found in Foxit PDF Reader 9.1.0.5096. It has been declared as critical. Affected by this vulnerability is an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability was found in Foxit PDF Reader 9.1.0.5096. It has been classified as critical. Affected is an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory corruption...
Auteur: VulDB

JEESNS 1.3 Incomplete Fix Request cross site scripting

A vulnerability was found in JEESNS 1.3 and classified as problematic. This issue affects an unknown function of the component Incomplete Fix. The manipulation as part of a Request leads to a cross site scripting vulnerability. Using CWE to...
Auteur: VulDB

Gwolle Guestbook up to 2.5.3 on WordPress gb-dashboard-widget.php PATH_INFO cross site scripting

A vulnerability has been found in Gwolle Guestbook up to 2.5.3 on WordPress and classified as problematic. This vulnerability affects an unknown function of the file admin/gb-dashboard-widget.php. The manipulation of the argument PATH_INFO with...
Auteur: VulDB

D-Link DIR-823G GoAhead Configuration /HNAP1 Shell Metacharacter command injection

A vulnerability, which was classified as critical, was found in D-Link DIR-823G (the affected version is unknown). This affects an unknown function of the file /HNAP1 of the component GoAhead Configuration. The manipulation as part of a Shell...
Auteur: VulDB

Zoho ManageEngine AssetExplorer 6.2.0 /AssetDef.do ciName/assetName cross site scripting

A vulnerability classified as problematic was found in Zoho ManageEngine AssetExplorer 6.2.0. Affected by this vulnerability is an unknown function of the file /AssetDef.do. The manipulation of the argument ciName/assetName as part of a...
Auteur: VulDB

Fork CMS 5.4.0 Backend /backend/ajax cross site scripting

A vulnerability classified as problematic has been found in Fork CMS 5.4.0. Affected is an unknown function of the file /backend/ajax of the component Backend. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

AirTies Air 5443v2 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability was found in AirTies Air 5443v2 1.0.0.18. It has been rated as problematic. This issue affects an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a cross...
Auteur: VulDB

AirTies Air 5453 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability was found in AirTies Air 5453 1.0.0.18. It has been declared as problematic. This vulnerability affects an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a...
Auteur: VulDB

AirTies Air 5343v2 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability was found in AirTies Air 5343v2 1.0.0.18. It has been classified as problematic. This affects an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a cross...
Auteur: VulDB

AirTies Air 5442 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability was found in AirTies Air 5442 1.0.0.18 and classified as problematic. Affected by this issue is an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a cross...
Auteur: VulDB

AirTies Air 5650 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability has been found in AirTies Air 5650 1.0.0.18 and classified as problematic. Affected by this vulnerability is an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads...
Auteur: VulDB

AirTies Air 5021 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability, which was classified as problematic, was found in AirTies Air 5021 1.0.0.18. Affected is an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a cross site...
Auteur: VulDB

AirTies Air 5750 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability, which was classified as problematic, has been found in AirTies Air 5750 1.0.0.18. This issue affects an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a...
Auteur: VulDB

Django 2.1.0/2.1.1 Password Hash information disclosure

A vulnerability classified as problematic was found in Django 2.1.0/2.1.1. This vulnerability affects an unknown function of the component Password Hash Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM Rational Quality Manager up to 6.0.6. This affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability was found in IBM Rational Quality Manager up to 6.0.6. It has been rated as problematic. Affected by this issue is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Adobe Releases Security Updates

Original release date: October 01, 2018 Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

CERTFR-2018-AVI-461 : Multiples vulnérabilités dans le noyau Linux de SUSE (01 octobre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une atteinte à la confidentialité des données.

Auteur: Cert FR

PTC ThingWorx Platform up to 8.2 SQUEAL Search Reflected cross site scripting

A vulnerability was found in PTC ThingWorx Platform up to 8.2 and classified as problematic. Affected by this issue is an unknown function of the component SQUEAL Search. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

PTC ThingWorx Platform up to 8.2 Default Key weak encryption

A vulnerability has been found in PTC ThingWorx Platform up to 8.2 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a weak encryption vulnerability (Default Key)....
Auteur: VulDB

PTC ThingWorx Platform up to 8.2 Password Hash information disclosure

A vulnerability, which was classified as problematic, was found in PTC ThingWorx Platform up to 8.2. Affected is an unknown function of the component Password Hash Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

WUZHI CMS 4.1.0 card.php groupname sql injection

A vulnerability was found in WUZHI CMS 4.1.0 and classified as critical. This issue affects an unknown function of the file coreframe/app/coupon/admin/card.php. The manipulation of the argument groupname as part of a Parameter leads to a sql...
Auteur: VulDB
First1308130913101311131213131314131513161317Last

Événements SSI