Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Pagoda Linux Panel 6.0 Verification Code cross site scripting

A vulnerability was found in Pagoda Linux Panel 6.0 and classified as problematic. This issue affects an unknown function of the component Verification Code Handler. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Grapixel New Media 2.0 pages.aspx pageref sql injection

A vulnerability has been found in Grapixel New Media 2.0 and classified as critical. This vulnerability affects an unknown function of the file pages.aspx. The manipulation of the argument pageref as part of a Parameter leads to a sql injection...
Auteur: VulDB

Linux Kernel up to 4.9.134/4.14.77/4.18.15 mremap() privilege escalation

A vulnerability, which was classified as critical, was found in Linux Kernel up to 4.9.134/4.14.77/4.18.15. This affects the function mremap(). The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

VGo Robot 3.0.3.52164/3.0.3.53662 XAMPP privilege escalation

A vulnerability, which was classified as critical, has been found in VGo Robot 3.0.3.52164/3.0.3.53662. Affected by this issue is an unknown function of the component XAMPP. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

VGo Robot 3.0.3.52164/3.0.3.53662 Code Execution [CVE-2018-17931]

A vulnerability classified as critical was found in VGo Robot 3.0.3.52164/3.0.3.53662. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution)....
Auteur: VulDB

Merge Package up to 1.1 merge.recursive Object denial of service

A vulnerability was found in Merge Package up to 1.1. It has been declared as problematic. This vulnerability affects the function merge.recursive. The manipulation as part of a Object leads to a denial of service vulnerability. The CWE...
Auteur: VulDB

Loofah Gem up to 2.2.2 on Ruby SVG Javascript privilege escalation

A vulnerability was found in Loofah Gem up to 2.2.2 on Ruby. It has been classified as critical. This affects an unknown function of the component SVG Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Auteur: VulDB

Nextcloud Server up to 13.x Check privilege escalation

A vulnerability was found in Nextcloud Server up to 13.x and classified as critical. Affected by this issue is an unknown function of the component Check Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Nextcloud Server up to 12.0.10/13.0.5 Access Restriction privilege escalation

A vulnerability has been found in Nextcloud Server up to 12.0.10/13.0.5 and classified as critical. Affected by this vulnerability is an unknown function of the component Access Restriction. The manipulation with an unknown input leads to a...
Auteur: VulDB

Nextcloud Server up to 13.x Second Factor weak authentication

A vulnerability, which was classified as critical, was found in Nextcloud Server up to 13.x. Affected is an unknown function of the component Second Factor Handler. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

Nextcloud Server up to 13.x Access Check Password weak authentication

A vulnerability, which was classified as critical, has been found in Nextcloud Server up to 13.x. This issue affects an unknown function of the component Access Check. The manipulation as part of a Password leads to a weak authentication...
Auteur: VulDB

Nextcloud Server up to 12.0.7/13.0.2 Session Session Fixation weak authentication

A vulnerability classified as critical was found in Nextcloud Server up to 12.0.7/13.0.2. This vulnerability affects an unknown function of the component Session Handler. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

apex-publish-static-files up to 2.0.0 on npm Argument command injection

A vulnerability classified as critical has been found in apex-publish-static-files up to 2.0.0 on npm. This affects an unknown function. The manipulation as part of a Argument leads to a privilege escalation vulnerability (Command Injection)....
Auteur: VulDB

libnmapp up to 0.4.15 Range Option Argument command injection

A vulnerability was found in libnmapp up to 0.4.15. It has been rated as critical. Affected by this issue is an unknown function of the component Range Option Handler. The manipulation as part of a Argument leads to a privilege escalation...
Auteur: VulDB

Tenda AC7/AC9/AC10 goform/setUsbUnload dosystemCmd privilege escalation

A vulnerability was found in Tenda AC7, AC9 and AC10 (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is the function dosystemCmd of the file goform/setUsbUnload. The manipulation with an...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown). It has been classified as critical. Affected is an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown) and classified as critical. This issue affects an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability, which was classified as critical, was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown). This affects an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

EE 4GEE HH70 SSH core_app weak authentication

A vulnerability, which was classified as critical, has been found in EE 4GEE HH70 (the affected version is unknown). Affected by this issue is an unknown function of the file core_app of the component SSH. The manipulation with an unknown input...
Auteur: VulDB

OpenSSL up to 1.0.2p/1.1.0i/1.1.1 DSA Signature Timing Side-Channel weak encryption

A vulnerability classified as critical was found in OpenSSL up to 1.0.2p/1.1.0i/1.1.1. Affected by this vulnerability is an unknown function of the component DSA Signature Handler. The manipulation as part of a Timing leads to a weak encryption...
Auteur: VulDB

BitDefender GravityZone VMware Appliance up to 6.2.1-34 privilege escalation

A vulnerability classified as critical has been found in BitDefender GravityZone VMware Appliance up to 6.2.1-34. Affected is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

Z-BlogPHP 1.5.2.1935 theme.js.php cross site request forgery

A vulnerability was found in Z-BlogPHP 1.5.2.1935. It has been rated as problematic. This issue affects an unknown function of the file zb_users/plugin/AppCentre/theme.js.php. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

DocCms 2016.5.12 Template File system/changeskin.php upload_template() privilege escalation

A vulnerability was found in DocCms 2016.5.12 and classified as critical. Affected by this issue is the function upload_template() of the file system/changeskin.php of the component Template File Handler. The manipulation with an unknown input...
Auteur: VulDB

MantisBT up to 2.17.1 Edit Filter Page manage_filter_edit_page.php cross site scripting

A vulnerability classified as problematic has been found in MantisBT up to 2.17.1. Affected is an unknown function of the file manage_filter_edit_page.php of the component Edit Filter Page. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

MantisBT up to 2.17.1 Filters Page manage_filter_page.php) cross site scripting

A vulnerability was found in MantisBT up to 2.17.1. It has been rated as problematic. This issue affects an unknown function of the file manage_filter_page.php) of the component Filters Page. The manipulation with an unknown input leads to a...
Auteur: VulDB
First1611161216131614161516161617161816191620Last

Événements SSI