Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

tmux up to 2.8 format.c format_cb_pane_tabs denial of service

A vulnerability was found in tmux up to 2.8. It has been rated as problematic. This issue affects the function format_cb_pane_tabs of the file format.c. The manipulation with an unknown input leads to a denial of service vulnerability (NULL...
Auteur: VulDB

GreenCMS 2.3.0603 Log File index.php cross site request forgery

A vulnerability was found in GreenCMS 2.3.0603. It has been declared as problematic. This vulnerability affects an unknown function of the file index.php?m=admin&c=data&a=clear of the component Log File Handler. The manipulation with an unknown...
Auteur: VulDB

Royal Browser Extensions TS Credentials information disclosure

A vulnerability was found in Royal Browser Extensions TS and Royal Browser Extensions TSX (the affected version unknown). It has been classified as problematic. This affects an unknown function. The manipulation with an unknown input leads to a...
Auteur: VulDB

Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting

A vulnerability was found in Loadbalancer.org Enterprise VA MAX up to 8.3.2 and classified as problematic. Affected by this issue is an unknown function of the component Apache HTTP Server Log Handler. The manipulation with an unknown input...
Auteur: VulDB

PCMan FTP Server 2.0.7 APPE Command Code Execution memory corruption

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown function of the component APPE Command Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

LiquidVPN Client up to 1.37 on MacOS XPC Service kextload() tun_path/tap_path privilege escalation

A vulnerability, which was classified as critical, was found in LiquidVPN Client up to 1.37 on MacOS. Affected is the function kextload() of the component XPC Service. The manipulation of the argument tun_path/tap_path with an unknown input...
Auteur: VulDB

LiquidVPN Client up to 1.37 XPC Service tun_path/tap_path OS Command Injection privilege escalation

A vulnerability, which was classified as critical, has been found in LiquidVPN Client up to 1.37. This issue affects an unknown function of the component XPC Service. The manipulation of the argument tun_path/tap_path with an unknown input leads...
Auteur: VulDB

LiquidVPN Client up to 1.37 on macos XPC Service command_line OS Command Injection privilege escalation

A vulnerability classified as critical was found in LiquidVPN Client up to 1.37 on macos. This vulnerability affects an unknown function of the component XPC Service. The manipulation of the argument command_line as part of a Parameter leads to...
Auteur: VulDB

LiquidVPN Client up to 1.37 on MacOS XPC Service openvpncmd OS Command Injection privilege escalation

A vulnerability classified as critical has been found in LiquidVPN Client up to 1.37 on MacOS. This affects an unknown function of the component XPC Service. The manipulation of the argument openvpncmd as part of a Parameter leads to a privilege...
Auteur: VulDB

CWP CentOS Web Panel up to 0.9.8.740 admin/index.php module cross site scripting

A vulnerability was found in CWP CentOS Web Panel up to 0.9.8.740. It has been rated as problematic. Affected by this issue is an unknown function of the file admin/index.php. The manipulation of the argument module as part of a Parameter leads...
Auteur: VulDB

CWP CentOS Web Panel up to 0.9.8.740 index.php cross site request forgery

A vulnerability was found in CWP CentOS Web Panel up to 0.9.8.740. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file admin/index.php?module=rootpwd. The manipulation with an unknown input...
Auteur: VulDB

CWP CentOS Web Panel up to 0.9.8.740 index.php cross site request forgery

A vulnerability was found in CWP CentOS Web Panel up to 0.9.8.740. It has been classified as problematic. Affected is an unknown function of the file admin/index.php?module=send_ssh. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Zoho ManageEngine OpManager up to 12.3 cross site scripting [CVE-2018-18716]

A vulnerability was found in Zoho ManageEngine OpManager up to 12.3 and classified as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare...
Auteur: VulDB

Zoho ManageEngine OpManager up to 12.3 Stored cross site scripting

A vulnerability has been found in Zoho ManageEngine OpManager up to 12.3 and classified as problematic. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Foxit Reader 9.3.0.10826 TIFF Data FoxitReader.exe FCP_SendEmailNotification denial of service

A vulnerability, which was classified as problematic, has been found in Foxit Reader 9.3.0.10826. Affected by this issue is the function ConvertToPDF_x86!ConnectedPDF::ConnectedPDFSDK::FCP_SendEmailNotification of the file FoxitReader.exe of the...
Auteur: VulDB

Foxit Reader 9.3.0.10826 BMP Data FoxitReader.exe FCP_SendEmailNotification denial of service

A vulnerability classified as problematic was found in Foxit Reader 9.3.0.10826. Affected by this vulnerability is the function ConvertToPDF_x86!ConnectedPDF::ConnectedPDFSDK::FCP_SendEmailNotification of the file FoxitReader.exe of the component...
Auteur: VulDB

Foxit Reader 9.3.0.10826 TIFF Data FoxitReader.exe ConvertToPDF_x86!ReleaseFXURLToHtml memory corruption

A vulnerability classified as critical has been found in Foxit Reader 9.3.0.10826. Affected is the function ConvertToPDF_x86!ReleaseFXURLToHtml of the file FoxitReader.exe of the component TIFF Data Handler. The manipulation with an unknown...
Auteur: VulDB

Adobe Flash Player up to 31.0.0.148 Type Confusion memory corruption

A vulnerability, which was classified as critical, has been found in Adobe Flash Player up to 31.0.0.148. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Type...
Auteur: VulDB

VMware vSphere Data Protection up to 6.0.8/6.1.9 OS Command Injection privilege escalation

A vulnerability has been found in VMware vSphere Data Protection up to 6.0.8/6.1.9 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

VMware vSphere Data Protection up to 6.0.8/6.1.9 Java Management Client Private Key information disclosure

A vulnerability, which was classified as problematic, was found in VMware vSphere Data Protection up to 6.0.8/6.1.9. Affected is an unknown function of the component Java Management Client. The manipulation with an unknown input leads to a...
Auteur: VulDB

VMware vSphere Data Protection up to 6.0.8/6.1.9 URL Open Redirect

A vulnerability, which was classified as critical, has been found in VMware vSphere Data Protection up to 6.0.8/6.1.9. This issue affects an unknown function of the component URL Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

VMware vSphere Data Protection up to 6.0.8/6.1.9 Remote Code Execution

A vulnerability classified as critical was found in VMware vSphere Data Protection up to 6.0.8/6.1.9. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

GNOME Seahorse up to 3.30 quickAllow Password information disclosure

A vulnerability was found in GNOME Seahorse up to 3.30. It has been rated as problematic. Affected by this issue is an unknown function of the component quickAllow Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Customer Files Upload Addon 1.5/1.6/1.7 on PrestaShop upload.php PHP File privilege escalation

A vulnerability, which was classified as critical, was found in Customer Files Upload Addon 1.5/1.6/1.7 on PrestaShop. Affected is an unknown function of the file modules/orderfiles/ajax/upload.php. The manipulation as part of a PHP File leads...
Auteur: VulDB

Apache Spark Request Code Execution [CVE-2018-17190]

A vulnerability was found in Apache Spark (unknown version). It has been rated as critical. This issue affects an unknown function. The manipulation as part of a Request leads to a privilege escalation vulnerability (Code Execution). Using CWE...
Auteur: VulDB
First1480148114821483148414851486148714881489Last

Événements SSI