Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

GitLab Community Edition/Enterprise Edition up to 11.1.7/11.2.4/11.3.1 JSON Endpoint Request information disclosure

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 11.1.7/11.2.4/11.3.1. This affects an unknown function of the component JSON Endpoint. The manipulation as part of a Request leads...
Author: VulDB

FreeBSD up to 11.2 bhyve memory corruption

A vulnerability was found in FreeBSD up to 11.2. It has been rated as critical. Affected by this issue is an unknown function of the component bhyve. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to...
Author: VulDB

Data Ontap up to 8.2.5P1 7-Mode information disclosure

A vulnerability was found in Data Ontap up to 8.2.5P1. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component 7-Mode. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

CX-One CX-Programmer/CX-Server Stack-based memory corruption

A vulnerability was found in CX-One CX-Programmer and CX-Server (unknown version) and classified as critical. This issue affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability...
Author: VulDB

SCADA Webserver up to 2.03 Reflected cross site scripting

A vulnerability has been found in SCADA Webserver up to 2.03 and classified as problematic. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability (Reflected). The CWE...
Author: VulDB

CX-One CX-Programmer/CX-Server Project File Code Execution [CVE-2018-18989]

A vulnerability, which was classified as critical, was found in CX-One CX-Programmer and CX-Server (the affected version unknown). This affects an unknown function of the component Project File Handler. The manipulation with an unknown input...
Author: VulDB

GitLab Enterprise Edition up to 11.2.7/11.3.8/11.4.3 Kubernetes Server-Side Request Forgery

A vulnerability, which was classified as critical, has been found in GitLab Enterprise Edition up to 11.2.7/11.3.8/11.4.3. Affected by this issue is an unknown function of the component Kubernetes. The manipulation with an unknown input leads to...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Error Message information disclosure

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. Affected by this vulnerability is an unknown function of the component Error Message Handler. The manipulation ...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Authorization privilege escalation

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. Affected is an unknown function of the component Authorization. The manipulation with an unknown input leads to...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Server-Side Request Forgery

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. It has been rated as critical. This issue affects an unknown function. The manipulation with an unknown input leads to a privilege...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Email Reply information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. It has been declared as problematic. This vulnerability affects an unknown function of the component Email Reply Handler. The manipulation ...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Prometheus information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. It has been classified as problematic. This affects an unknown function of the component Prometheus. The manipulation with an unknown input...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 cross site scripting

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2 and classified as problematic. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a cross site...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Cleartext information disclosure

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2 and classified as problematic. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.6/11.3.7/11.4.2 Bowser Cache information disclosure

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 11.2.6/11.3.7/11.4.2. Affected is an unknown function of the component Bowser Cache. The manipulation with an unknown input...
Author: VulDB

GitLab Community Edition up to 11.1.7/11.2.4/11.3.1 Epic Change Description information disclosure

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition up to 11.1.7/11.2.4/11.3.1. This issue affects an unknown function of the component Epic Change Description Handler. The manipulation with an...
Author: VulDB

GitLab Community Edition up to 11.1.7/11.2.4/11.3.1 GFM Markdown API information disclosure

A vulnerability classified as problematic was found in GitLab Community Edition up to 11.1.7/11.2.4/11.3.1. This vulnerability affects an unknown function of the component GFM Markdown API. The manipulation with an unknown input leads to a...
Author: VulDB

SamSam Ransomware

Original release date: December 03, 2018. The Department of Homeland Security and the Federal Bureau of Investigation have identified cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United...
Author: US Cert

CERTFR-2018-AVI-581: Multiple vulnerabilities in the Ubuntu Linux kernel (03 December 2018)

Multiple vulnerabilities have been discovered in the Ubuntu Linux kernel. They allow an attacker to bypass the security policy and compromise data confidentiality.
Author: Cert FR

CERTFR-2018-AVI-580: Multiple vulnerabilities in the SUSE Linux kernel (03 December 2018)

Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause a security problem not specified by the vendor, a remote denial of service, and a denial of service.
Author: Cert FR

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress integration-contact-form.html.php POST Request cross site scripting

A vulnerability was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress and classified as problematic. This issue affects an unknown function of the file integration-contact-form.html.php. The manipulation as part of a POST...
Author: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress bft_list.html.php filter_signup_date cross site scripting

A vulnerability has been found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress and classified as problematic. This vulnerability affects an unknown function of the file bft_list.html.php. The manipulation of the argument...
Author: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. This affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Author: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress Reflected cross site scripting

A vulnerability, which was classified as problematic, has been found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a cross site...
Author: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress Reflected cross site scripting

A vulnerability classified as problematic was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a cross site scripting...
Author: VulDB

Information security events