Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

openmptcprouter-vps-admin up to 0.57.3 omr-admin.py timing discrepancy

A vulnerability has been found in openmptcprouter-vps-admin up to 0.57.3 (Router Operating System) and classified as problematic. Affected by this vulnerability is an unknown code block of the file omr-admin.py. Applying a patch is able to...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 13.7 Dependency Proxy unknown vulnerability

A vulnerability, which was classified as critical, was found in GitLab Community Edition and Enterprise Edition 13.7 (Bug Tracking Software). Affected is an unknown code of the component Dependency Proxy. There is no information about possible...
Auteur: VulDB

ShapeShift KeepKey Hardware Wallet up to 7.0.x Message ethereum.c ethereum_extractThorchainSwapData buffer overflow

A vulnerability, which was classified as critical, has been found in ShapeShift KeepKey Hardware Wallet up to 7.0.x. This issue affects the function ethereum_extractThorchainSwapData of the file ethereum.c of the component Message Handler....
Auteur: VulDB

NXP LPC55S6x ROM Patch Peripheral access control [CVE-2021-31532]

A vulnerability classified as critical was found in NXP LPC55S6x, i.MX RT500, i.MX RT600, LPC55S6x, LPC55S2x, LPC552x, LPC55S1x and LPC551x. This vulnerability affects some unknown functionality of the component ROM Patch Peripheral. There is no...
Auteur: VulDB

Vaadin up to 8.12.4 EmailValidator resource consumption

A vulnerability classified as problematic has been found in Vaadin up to 8.12.4. This affects an unknown functionality of the component EmailValidator. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Auteur: VulDB

Jellyfin up to 10.7.2 API Endpoint Download imageUrl server-side request forgery

A vulnerability was found in Jellyfin up to 10.7.2. It has been rated as critical. Affected by this issue is an unknown function of the file /Items/*/RemoteImages/Download of the component API Endpoint. Upgrading to version 10.7.3 eliminates this...
Auteur: VulDB

Business Directory Plugin up to 5.11.0 on WordPress cross-site request forgery

A vulnerability was found in Business Directory Plugin up to 5.11.0 on WordPress (WordPress Plugin). It has been declared as problematic. Affected by this vulnerability is some unknown processing. Upgrading to version 5.11.1 eliminates this...
Auteur: VulDB

Business Directory Plugin up to 5.11.1 on WordPress cross-site request forgery

A vulnerability was found in Business Directory Plugin up to 5.11.1 on WordPress (WordPress Plugin). It has been classified as problematic. Affected is an unknown code block. Upgrading to version 5.11.2 eliminates this vulnerability.
Auteur: VulDB

Business Directory Plugin up to 5.11.1 on WordPress Form Field cross site scripting

A vulnerability was found in Business Directory Plugin up to 5.11.1 on WordPress (WordPress Plugin) and classified as problematic. This issue affects an unknown code of the component Form Field Handler. Upgrading to version 5.11.2 eliminates this...
Auteur: VulDB

Business Directory Plugin up to 5.11.1 on WordPress cross-site request forgery

A vulnerability has been found in Business Directory Plugin up to 5.11.1 on WordPress (WordPress Plugin) and classified as problematic. This vulnerability affects an unknown part. Upgrading to version 5.11.2 eliminates this vulnerability.
Auteur: VulDB

Contact Form Check Tester Plugin up to 1.0.2 on WordPress Dashboard cross site scripting

A vulnerability, which was classified as problematic, was found in Contact Form Check Tester Plugin up to 1.0.2 on WordPress (WordPress Plugin). This affects some unknown functionality of the component Dashboard. There is no information about...
Auteur: VulDB

Workscout Core Plugin up to 1.3.3 on WordPress AJAX Action workscout_send_message_chat cross site scripting

A vulnerability, which was classified as problematic, has been found in Workscout Core Plugin up to 1.3.3 on WordPress (WordPress Plugin). Affected by this issue is the function workscout_send_message_chat of the component AJAX Action Handler....
Auteur: VulDB

Stop Spammers Plugin prior 2021.9 on WordPress cross site scripting

A vulnerability classified as problematic was found in Stop Spammers Plugin on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown function. Upgrading to version 2021.9 eliminates this vulnerability.
Auteur: VulDB

WPBakery Page Builder Clipboard Plugin up to 4.5.5 on WordPress AJAX Action cross site scripting

A vulnerability classified as problematic has been found in WPBakery Page Builder Clipboard Plugin up to 4.5.5 on WordPress (WordPress Plugin). Affected is some unknown processing of the component AJAX Action Handler. Upgrading to version 4.5.6...
Auteur: VulDB

WPBakery Page Builder Clipboard Plugin up to 4.5.7 on WordPress AJAX Action authorization

A vulnerability was found in WPBakery Page Builder Clipboard Plugin up to 4.5.7 on WordPress (WordPress Plugin). It has been rated as problematic. This issue affects an unknown code block of the component AJAX Action Handler. Upgrading to version...
Auteur: VulDB

OpenID Connect Generic Client Plugin 3.8.0/3.8.1 on WordPress cross site scripting

A vulnerability was found in OpenID Connect Generic Client Plugin 3.8.0/3.8.1 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown code. There is no information about possible countermeasures...
Auteur: VulDB

Business Directory Plugin & Easy Listing Directories cross-site request forgery

A vulnerability was found in Business Directory Plugin & Easy Listing Directories up to 5.10 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown part. Upgrading to version 5.11 eliminates this...
Auteur: VulDB

stdlib ipaddress up to 3.10 on Python input validation [CVE-2021-29921]

A vulnerability was found in stdlib ipaddress up to 3.10 on Python and classified as critical. Affected by this issue is some unknown functionality. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Auteur: VulDB

Linux Kernel up to 5.11 KVM API out-of-bounds write

A vulnerability has been found in Linux Kernel up to 5.11 (Operating System) and classified as critical. Affected by this vulnerability is an unknown functionality of the component KVM API. Upgrading to version 5.12 eliminates this vulnerability....
Auteur: VulDB

Cisco AnyConnect Secure Mobility Client Interprocess Communication input validation

A vulnerability, which was classified as problematic, was found in Cisco AnyConnect Secure Mobility Client (Network Encryption Software) (version unknown). Affected is an unknown function of the component Interprocess Communication Handler....
Auteur: VulDB

Cisco SD-WAN CLI Command file access [CVE-2021-1512]

A vulnerability, which was classified as problematic, has been found in Cisco SD-WAN (Network Management Software) (unknown version). This issue affects some unknown processing of the component CLI Command Handler. Upgrading eliminates this...
Auteur: VulDB

Cisco AnyConnect Secure Mobility Client on Windows temp file

A vulnerability classified as critical was found in Cisco AnyConnect Secure Mobility Client on Windows (Network Encryption Software) (the affected version is unknown). This vulnerability affects an unknown code block. Upgrading eliminates this...
Auteur: VulDB

Cisco Wide Area Application Services CLI exposure of resource

A vulnerability classified as problematic has been found in Cisco Wide Area Application Services (the affected version unknown). This affects an unknown code of the component CLI. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco AnyConnect Secure Mobility Client on Windows temp file

A vulnerability was found in Cisco AnyConnect Secure Mobility Client on Windows (Network Encryption Software) (affected version not known). It has been rated as critical. Affected by this issue is an unknown part. Upgrading eliminates this...
Auteur: VulDB

Cisco AnyConnect Secure Mobility Client on Windows temp file

A vulnerability was found in Cisco AnyConnect Secure Mobility Client on Windows (Network Encryption Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality. Upgrading...
Auteur: VulDB
First10111213141516171819Last

Événements SSI