Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

VyOS 1.1.8 Sandbox privilege escalation

A vulnerability has been found in VyOS 1.1.8 and classified as critical. Affected by this vulnerability is an unknown function of the component Sandbox. The manipulation with an unknown input leads to a privilege escalation vulnerability. The...
Auteur: VulDB

Swisscom Internet Box Light prior 09.04.00 LAN UPnP Service UDP Packet Stack-based memory corruption

A vulnerability was found in Swisscom Internet Box Light, Internet Box 2, Internet Box Standard and Internet Box Plus. It has been classified as critical. Affected is an unknown function of the component LAN UPnP Service. The manipulation as...
Auteur: VulDB

Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server Response information disclosure

A vulnerability, which was classified as problematic, has been found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (unknown version). This issue affects an unknown function of the component Embedded Web Server. The manipulation as part...
Auteur: VulDB

Schneider Electric Power Monitoring Expert URL Open Redirect

A vulnerability classified as problematic has been found in Schneider Electric Power Monitoring Expert and EcoStruxure Power Monitoring Expert (the affected version unknown). This affects an unknown function of the component URL Handler. The...
Auteur: VulDB

LibSass 3.5.5 eval.cpp Supports_Operator*) denial of service

A vulnerability was found in LibSass 3.5.5. It has been rated as problematic. Affected by this issue is the function Sass::Eval::operator()(Sass::Supports_Operator*) of the file eval.cpp. The manipulation with an unknown input leads to a denial...
Auteur: VulDB

GraphicsMagick 1.3.31 dib File coders/dib.c ReadDIBImage denial of service

A vulnerability was found in GraphicsMagick 1.3.31. It has been declared as problematic. Affected by this vulnerability is the function ReadDIBImage of the file coders/dib.c of the component dib File Handler. The manipulation with an unknown...
Auteur: VulDB

Fuel CMS 1.4.3 users/create/ cross site request forgery

A vulnerability was found in Fuel CMS 1.4.3. It has been classified as problematic. Affected is an unknown function of the file users/create/. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is...
Auteur: VulDB

Bento4 1.5.1-627 Core/Ap4Sample.cpp AP4_Sample::ReadData denial of service

A vulnerability was found in Bento4 1.5.1-627 and classified as problematic. This issue affects the function AP4_Sample::ReadData of the file Core/Ap4Sample.cpp. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit bmp.c ReadBMPImage BMP Image File memory corruption

A vulnerability has been found in GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit and classified as critical. This vulnerability affects the function ReadBMPImage of the file bmp.c. The manipulation as part of a BMP Image File leads to a...
Auteur: VulDB

GraphicsMagick 1.4 snapshot-20181209 Q8 tga.c WriteTGAImage Image File memory corruption

A vulnerability, which was classified as critical, was found in GraphicsMagick 1.4 snapshot-20181209 Q8. This affects the function WriteTGAImage of the file tga.c. The manipulation as part of a Image File leads to a memory corruption...
Auteur: VulDB

Nagios XI up to 5.5.7 magpie_slashbox.php rss_url cross site scripting

A vulnerability, which was classified as problematic, has been found in Nagios XI up to 5.5.7. Affected by this issue is an unknown function of the file rss_dashlet/magpierss/scripts/magpie_slashbox.php. The manipulation of the argument rss_url...
Auteur: VulDB

Nagios XI up to 5.5.7 magpie_simple.php url cross site scripting

A vulnerability classified as problematic was found in Nagios XI up to 5.5.7. Affected by this vulnerability is an unknown function of the file rss_dashlet/magpierss/scripts/magpie_simple.php. The manipulation of the argument url as part of a...
Auteur: VulDB

ymlref Code Injection privilege escalation [CVE-2018-20133]

A vulnerability classified as critical has been found in ymlref (version unknown). Affected is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Injection). CWE is classifying the...
Auteur: VulDB

QEMU pvrdma_main.c pvrdma_realize denial of service

A vulnerability was found in QEMU (unknown version). It has been rated as problematic. This issue affects the function pvrdma_realize of the file hw/rdma/vmw/pvrdma_main.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

PTC ThingWorx Platform up to 8.3.0 ZIP File POST Request directory traversal

A vulnerability was found in PTC ThingWorx Platform up to 8.3.0. It has been declared as critical. This vulnerability affects an unknown function of the component ZIP File Handler. The manipulation as part of a POST Request leads to a directory...
Auteur: VulDB

Pylearn2 yaml_parse.load privilege escalation

A vulnerability was found in Pylearn2 (the affected version unknown). It has been classified as critical. This affects the function yaml_parse.load. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

YARA 3.8.1 libyara/exec.c information disclosure

A vulnerability was found in YARA 3.8.1 and classified as problematic. Affected by this issue is an unknown function of the file libyara/exec.c. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE to...
Auteur: VulDB

YARA 3.8.1 libyara/exec.c memory corruption

A vulnerability has been found in YARA 3.8.1 and classified as critical. Affected by this vulnerability is an unknown function of the file libyara/exec.c. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE...
Auteur: VulDB

YARA 3.8.1 libyara/exec.c information disclosure

A vulnerability, which was classified as problematic, was found in YARA 3.8.1. Affected is an unknown function of the file libyara/exec.c. The manipulation with an unknown input leads to a information disclosure vulnerability (Address). CWE is...
Auteur: VulDB

PrinterOn Enterprise 4.1.4 File denial of service

A vulnerability, which was classified as problematic, has been found in PrinterOn Enterprise 4.1.4. This issue affects an unknown function. The manipulation with an unknown input leads to a denial of service vulnerability (File). Using CWE to...
Auteur: VulDB

Bolt CMS up to 3.6.1 Text Input Click Preview Title cross site scripting

A vulnerability classified as problematic was found in Bolt CMS up to 3.6.1. This vulnerability affects an unknown function of the component Text Input Click Preview. The manipulation of the argument Title with an unknown input leads to a cross...
Auteur: VulDB

Artica Integria IMS 5.0.83 search_string cross site scripting

A vulnerability classified as problematic has been found in Artica Integria IMS 5.0.83. This affects an unknown function. The manipulation of the argument search_string as part of a Parameter leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

InfoVista VistaPortal SE 5.1 SharedCriteria.jsp ConnPoolName/GroupId cross site scripting

A vulnerability was found in InfoVista VistaPortal SE 5.1. It has been rated as problematic. Affected by this issue is an unknown function of the file /VPortal/mgtconsole/SharedCriteria.jsp. The manipulation of the argument ConnPoolName/GroupId...
Auteur: VulDB

InfoVista VistaPortal SE 5.1 SecurityPolicies.jsp ConnPoolName cross site scripting

A vulnerability was found in InfoVista VistaPortal SE 5.1. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file /VPortal/mgtconsole/SecurityPolicies.jsp. The manipulation of the argument...
Auteur: VulDB

InfoVista VistaPortal SE 5.1 Roles.jsp ConnPoolName cross site scripting

A vulnerability was found in InfoVista VistaPortal SE 5.1. It has been classified as problematic. Affected is an unknown function of the file /VPortal/mgtconsole/Roles.jsp. The manipulation of the argument ConnPoolName as part of a Parameter...
Auteur: VulDB
First1728172917301731173217331734173517361737Last

Événements SSI