Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

grub2 Config File Parser grub.cfg memory corruption

A vulnerability was found in grub2 (unknown version) and classified as critical. This issue affects an unknown code block of the file grub.cfg of the component Config File Parser. Upgrading eliminates this vulnerability.
Author: VulDB

Magento up to 2.3.5-p1 DOM-Based cross site scripting

A vulnerability, which was classified as problematic, was found in Magento up to 2.3.5-p1. This affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Author: VulDB

Magento up to 2.3.5-p1 Signature Verification Timing information disclosure

A vulnerability, which was classified as problematic, has been found in Magento up to 2.3.5-p1. Affected by this issue is some unknown functionality of the component Signature Verification Handler. There is no information about possible...
Author: VulDB

Magento up to 2.3.5-p1 Code Execution directory traversal

A vulnerability classified as critical was found in Magento up to 2.3.5-p1. Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Kubernetes up to 0.27.x ingress-nginx privilege escalation

A vulnerability classified as problematic has been found in Kubernetes up to 0.27.x (Virtualization Software). Affected is an unknown function of the component ingress-nginx. Upgrading to version 0.28.0 eliminates this vulnerability.
Author: VulDB

Gerapy up to 0.9.2 popen unknown vulnerability

A vulnerability was found in Gerapy up to 0.9.2. It has been rated as critical. Upgrading to version 0.9.3 eliminates this vulnerability.
Author: VulDB

mock2easy _data command injection

A vulnerability was found in mock2easy (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

freeDiameter 1.3.2 Request denial of service

A vulnerability was found in freeDiameter 1.3.2. It has been classified as problematic. This affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Author: VulDB

KonaWiki up to 3.1.0 directory traversal [CVE-2020-5614]

A vulnerability was found in KonaWiki up to 3.1.0 (Content Management System) and classified as critical. Affected by this issue is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

KonaWiki up to 3.1.0 URL cross site scripting

A vulnerability has been found in KonaWiki up to 3.1.0 and classified as problematic. Affected by this vulnerability is some unknown functionality of the component URL Handler. There is no information about possible countermeasures known. It may...
Author: VulDB

KonaWiki up to 2.2.0 URL cross site scripting

A vulnerability, which was classified as problematic, was found in KonaWiki up to 2.2.0. Affected is an unknown functionality of the component URL Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Dell EMC OpenManage Server Administrator up to 9.4 Web API API Request directory traversal

A vulnerability, which was classified as critical, has been found in Dell EMC OpenManage Server Administrator up to 9.4. This issue affects an unknown function of the component Web API. There is no information about possible countermeasures...
Author: VulDB

IBM Planning Analytics up to 2.0.9.1 Web UI cross site scripting

A vulnerability classified as problematic was found in IBM Planning Analytics up to 2.0.9.1. This vulnerability affects some unknown processing of the component Web UI. There is no information about possible countermeasures known. It may be...
Author: VulDB

IBM Planning Analytics up to 2.0.9.1 Clickjacking privilege escalation

A vulnerability classified as critical has been found in IBM Planning Analytics up to 2.0.9.1. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

IBM Tivoli Key Lifecycle Manager weak authentication [CVE-2020-4574]

A vulnerability was found in IBM Tivoli Key Lifecycle Manager (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be...
Author: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 HTTP Requests information disclosure

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0. It has been declared as problematic. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Error Message information disclosure

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software). It has been classified as problematic. Affected is some unknown functionality of the component Error Message Handler. There is no information...
Author: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Protection Mechanism privilege escalation

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software) and classified as critical. This issue affects an unknown functionality of the component Protection Mechanism. There is no information about...
Author: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Account Lockout weak authentication

A vulnerability has been found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software) and classified as problematic. This vulnerability affects an unknown function of the component Account Lockout. There is no information...
Author: VulDB

IBM Maximo Asset Management 7.6.0.1/7.6.0.2 XML Data XML External Entity

A vulnerability, which was classified as critical, was found in IBM Maximo Asset Management 7.6.0.1/7.6.0.2 (Asset Management Software). This affects some unknown processing of the component XML Data Handler. There is no information about...
Author: VulDB

SICK Package Analytics 04.1.1 Configuration File Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in SICK Package Analytics 04.1.1. Affected by this issue is an unknown code block of the component Configuration File Handler. There is no information about possible...
Author: VulDB

SICK Package Analytics 04.0.0 REST API information disclosure

A vulnerability classified as problematic was found in SICK Package Analytics 04.0.0. Affected by this vulnerability is an unknown code of the component REST API. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

SICK Package Analytics 04.0.0 REST API weak authentication

A vulnerability classified as critical has been found in SICK Package Analytics 04.0.0. Affected is an unknown part of the component REST API. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

dlf Extension up to 3.1.1 on TYPO3 cross site scripting [CVE-2020-16095]

A vulnerability was found in dlf Extension up to 3.1.1 on TYPO3. It has been rated as problematic. This issue affects some unknown functionality. Upgrading to version 3.1.2 eliminates this vulnerability.
Author: VulDB

Claws Mail up to 3.17.6 IMAP Server imap_scan_tree_recursive memory corruption

A vulnerability was found in Claws Mail up to 3.17.6 (Mail Client Software). It has been declared as critical. This vulnerability affects the function imap_scan_tree_recursive of the component IMAP Server Handler. There is no information about...
Author: VulDB