Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

creditease-sec insight up to 2018-09-11 srcpm/app/admin/views.py role_perm_delete cross site request forgery

A vulnerability classified as problematic has been found in creditease-sec insight up to 2018-09-11. Affected is the function role_perm_delete of the file srcpm/app/admin/views.py. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

creditease-sec insight up to 2018-09-11 srcpm/app/admin/views.py login_user_delete cross site request forgery

A vulnerability was found in creditease-sec insight up to 2018-09-11. It has been rated as problematic. This issue affects the function login_user_delete of the file srcpm/app/admin/views.py. The manipulation with an unknown input leads to a...
Auteur: VulDB

Chatopera Cosin 3.10.0 Deserialization TemplateController.java toObject File privilege escalation

A vulnerability was found in Chatopera Cosin 3.10.0 (Web Browser). It has been declared as critical. This vulnerability affects the function toObject of the file TemplateController.java of the component Deserialization. The manipulation as part...
Auteur: VulDB

OpenSC 0.19.0 ctx.c sc_context_create denial of service

A vulnerability was found in OpenSC 0.19.0. It has been classified as problematic. This affects the function sc_context_create of the file ctx.c. The manipulation with an unknown input leads to a denial of service vulnerability (Memory Leak)....
Auteur: VulDB

Drupal up to 7.61/8.5.8/8.6.5 Phar Stream Wrapper Code Execution

A vulnerability was found in Drupal up to 7.61/8.5.8/8.6.5 (Content Management System) and classified as critical. Affected by this issue is a part of the component Phar Stream Wrapper. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Drupal up to 7.61/8.5.8/8.6.5 PEAR Archive_Tar privilege escalation

A vulnerability has been found in Drupal up to 7.61/8.5.8/8.6.5 (Content Management System) and classified as critical. Affected by this vulnerability is a functionality of the component PEAR Archive_Tar. The manipulation with an unknown input...
Auteur: VulDB

Jenkins up to 2.158 Authentication AuthenticationProcessingFilter2.java privilege escalation

A vulnerability, which was classified as critical, was found in Jenkins up to 2.158 (Continuous Integration Software). Affected is a function of the file core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java of the component...
Auteur: VulDB

Jenkins up to 2.158 Authorization TokenBasedRememberMeServices2.java Cookie privilege escalation

A vulnerability, which was classified as critical, has been found in Jenkins up to 2.158 (Continuous Integration Software). This issue affects some functionality of the file core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java of...
Auteur: VulDB

Pipeline Declarative Plugin up to 1.3.3 Sandbox Converter.groovy Code Execution

A vulnerability classified as critical was found in Pipeline Declarative Plugin up to 1.3.3. This vulnerability affects the functionality of the file...
Auteur: VulDB

Pipeline Groovy Plugin up to 2.61 on Jenkins Sandbox CpsFlowDefinition.java Code Execution

A vulnerability classified as critical has been found in Pipeline Groovy Plugin up to 2.61 on Jenkins. This affects an unknown function of the file src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java of the component Sandbox....
Auteur: VulDB

Script Security Plugin up to 2.49 on Jenkins GroovySandbox.java Code Execution

A vulnerability was found in Script Security Plugin up to 2.49 on Jenkins. It has been rated as critical. Affected by this issue is some processing of the file src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java....
Auteur: VulDB

CA Service Desk Manager 14.1/17 User Interface privilege escalation

A vulnerability has been found in CA Service Desk Manager 14.1/17 and classified as critical. This vulnerability affects a functionality of the component User Interface. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

CA Service Desk Manager 14.1/17 information disclosure [CVE-2018-19634]

A vulnerability, which was classified as problematic, was found in CA Service Desk Manager 14.1/17. This affects a function. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as...
Auteur: VulDB

Foreman Smart Class Feature privilege escalation [CVE-2018-14666]

A vulnerability, which was classified as critical, has been found in Foreman (Service Management Software). Affected by this issue is some functionality of the component Smart Class Feature. The manipulation with an unknown input leads to a...
Auteur: VulDB

Fortinet FortiOS up to 5.6.7/6.0.2 Access Control Credentials information disclosure

A vulnerability classified as problematic was found in Fortinet FortiOS up to 5.6.7/6.0.2 (Firewall Software). Affected by this vulnerability is the functionality of the component Access Control. The manipulation with an unknown input leads to a...
Auteur: VulDB

Brocade Network Advisor up to 14.0.2 User Database weak encryption

A vulnerability was found in Brocade Network Advisor up to 14.0.2. It has been declared as critical. Affected by this vulnerability is a code block of the component User Database. The manipulation with an unknown input leads to a weak encryption...
Auteur: VulDB

Brocade Network Advisor up to 14.0.x Remote Code Execution [CVE-2018-6444]

A vulnerability was found in Brocade Network Advisor up to 14.0.x. It has been classified as critical. Affected is code. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is classifying...
Auteur: VulDB

Brocade Network Advisor up to 14.3.0 JBoss Administration Interface Default Credentials weak authentication

A vulnerability was found in Brocade Network Advisor up to 14.3.0 and classified as critical. This issue affects a part of the component JBoss Administration Interface. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

ASPEED ast2400/ast2500 AHB Bridge privilege escalation [CVE-2019-6260]

A vulnerability was found in ASPEED ast2400 and ast2500. It has been declared as critical. Affected by this vulnerability is a code block of the component AHB Bridge. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File Type Confusion memory corruption

A vulnerability was found in CX-Supervisor up to 3.42. It has been classified as critical. Affected is code of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption vulnerability (Type...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File Use-After-Free memory corruption

A vulnerability was found in CX-Supervisor up to 3.42 and classified as critical. This issue affects a part of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File command injection

A vulnerability has been found in CX-Supervisor up to 3.42 and classified as critical. This vulnerability affects a functionality of the component Project File Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File Code Execution

A vulnerability, which was classified as critical, was found in CX-Supervisor up to 3.42. This affects a function of the component Project File Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

Apple iOS up to 12.1.2 WebKit memory corruption

A vulnerability classified as critical was found in Apple iOS up to 12.1.2 (Smartphone Operating System). Affected by this vulnerability is the functionality of the component WebKit. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Apple iOS up to 12.1.2 WebKit memory corruption

A vulnerability classified as critical has been found in Apple iOS up to 12.1.2 (Smartphone Operating System). Affected is an unknown function of the component WebKit. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB
First1724172517261727172817291730173117321733Last

Événements SSI