Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Automattic WooCommerce plugin up to 3.2.3 on WordPress class-wc-shortcode-products.php get_products() privilege escalation

A vulnerability has been found in Automattic WooCommerce plugin up to 3.2.3 on WordPress and classified as critical. Affected by this vulnerability is the function WC_Shortcode_Products::get_products() of the file...
Auteur: VulDB

Juniper Junos OS RPD IPv4 PIM Join Packet Crash denial of service

A vulnerability was found in Juniper Junos OS (version unknown). It has been classified as problematic. Affected is code of the component RPD. The manipulation as part of a IPv4 PIM Join Packet leads to a denial of service vulnerability (Crash)....
Auteur: VulDB

Juniper Junos OS RPD BGP Packet Crash denial of service

A vulnerability was found in Juniper Junos OS (unknown version) and classified as problematic. This issue affects a part of the component RPD. The manipulation as part of a BGP Packet leads to a denial of service vulnerability (Crash). Using CWE...
Auteur: VulDB

Juniper Junos OS Management Interface Packet Crash denial of service

A vulnerability has been found in Juniper Junos OS (the affected version is unknown) and classified as problematic. This vulnerability affects a functionality of the component Management Interface. The manipulation as part of a Packet leads to a...
Auteur: VulDB

Juniper Junos OS on SRX HTTP Crash denial of service

A vulnerability, which was classified as problematic, was found in Juniper Junos OS on SRX (the affected version unknown). This affects a function of the component HTTP Handler. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Juniper Junos OS Packet Forwarding Engine denial of service

A vulnerability, which was classified as problematic, has been found in Juniper Junos OS (affected version not known). Affected by this issue is some functionality of the component Packet Forwarding Engine. The manipulation as part of a Packet...
Auteur: VulDB

Juniper Junos OS up to 15.1 IP ID Generator spoofing

A vulnerability classified as critical was found in Juniper Junos OS up to 15.1. Affected by this vulnerability is the functionality of the component IP ID Generator. The manipulation with an unknown input leads to a spoofing vulnerability. The...
Auteur: VulDB

Juniper Junos OS Packet Forwarding Engine HTTP Packet Pointer Dereference denial of service

A vulnerability classified as problematic has been found in Juniper Junos OS (version unknown). Affected is an unknown function of the component Packet Forwarding Engine. The manipulation as part of a HTTP Packet leads to a denial of service...
Auteur: VulDB

Cleanto 5.0 export_ajax.php id sql injection

A vulnerability classified as critical has been found in Cleanto 5.0. This affects an unknown function in the library assets/lib/export_ajax.php. The manipulation of the argument id as part of a Parameter leads to a sql injection vulnerability....
Auteur: VulDB

Cleanto 5.0 service_method_ajax.php service_id sql injection

A vulnerability was found in Cleanto 5.0. It has been rated as critical. Affected by this issue is some processing in the library assets/lib/service_method_ajax.php. The manipulation of the argument service_id as part of a Parameter leads to a...
Auteur: VulDB

EasyCMS 1.5 cross site request forgery [CVE-2019-6294]

A vulnerability was found in EasyCMS 1.5. It has been declared as problematic. Affected by this vulnerability is a code block of the file index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent. The manipulation with an...
Auteur: VulDB

sssd up to 2.0 chroot() Empty String privilege escalation

A vulnerability was found in sssd up to 2.0. It has been classified as critical. Affected is the function chroot(). The manipulation as part of a Empty String leads to a privilege escalation vulnerability. CWE is classifying the issue as...
Auteur: VulDB

HHVM up to 3.27.4/3.30 Stream Out-of-Bounds memory corruption

A vulnerability was found in HHVM up to 3.27.4/3.30 and classified as critical. This issue affects a part of the component Stream Handler. The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). Using...
Auteur: VulDB

Wangle AcceptRoutingHandler prior 2019.01.14.00 TLS 1.3 denial of service

A vulnerability has been found in Wangle AcceptRoutingHandler and classified as problematic. This vulnerability affects a functionality of the component TLS 1.3 Handler. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Juniper ATP up to 5.0.2 Password Hashing Salt weak encryption

A vulnerability, which was classified as critical, was found in Juniper ATP up to 5.0.2. This affects a function of the component Password Hashing. The manipulation with an unknown input leads to a weak encryption vulnerability (Salt). CWE is...
Auteur: VulDB

Juniper ATP up to 5.0.2 Splunk Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in Juniper ATP up to 5.0.2. Affected by this issue is some functionality of the component Splunk Handler. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability classified as problematic was found in Juniper ATP up to 5.0.2. Affected by this vulnerability is the functionality of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability classified as problematic has been found in Juniper ATP up to 5.0.2. Affected is an unknown function of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability was found in Juniper ATP up to 5.0.2. It has been rated as problematic. This issue affects some processing of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability was found in Juniper ATP up to 5.0.2. It has been declared as problematic. This vulnerability affects a code block of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability was found in Juniper ATP up to 5.0.2. It has been classified as problematic. This affects code of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Juniper ATP up to 5.0.2 Cyphort Core Default Credentials weak authentication

A vulnerability was found in Juniper ATP up to 5.0.2 and classified as critical. Affected by this issue is a part of the component Cyphort Core. The manipulation with an unknown input leads to a weak authentication vulnerability (Default...
Auteur: VulDB

Juniper ATP up to 5.0.3 Log /var/log/syslog information disclosure

A vulnerability has been found in Juniper ATP up to 5.0.3 and classified as problematic. Affected by this vulnerability is a functionality of the file /var/log/syslog of the component Log Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Collector Default Credentials weak authentication

A vulnerability, which was classified as critical, was found in Juniper ATP up to 5.0.2. Affected is a function of the component Web Collector. The manipulation with an unknown input leads to a weak authentication vulnerability (Default...
Auteur: VulDB

Juniper ATP up to 5.0.2 Web Administration Persistent cross site scripting

A vulnerability, which was classified as problematic, has been found in Juniper ATP up to 5.0.2. This issue affects some functionality of the component Web Administration. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB
First1724172517261727172817291730173117321733Last

Événements SSI