Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

libsndfile 1.0.28 wav.c wav_write_header memory corruption

A vulnerability was found in libsndfile 1.0.28 and classified as critical. This issue affects the function wav_write_header of the file wav.c. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). Using...
Auteur: VulDB

libsixel 1.8.2 status.c sixel_helper_set_additional_message denial of service

A vulnerability has been found in libsixel 1.8.2 and classified as problematic. This vulnerability affects the function sixel_helper_set_additional_message of the file status.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

libsixel 1.8.2 stb_image.h stbi__tga_load memory corruption

A vulnerability, which was classified as critical, was found in libsixel 1.8.2. This affects the function stbi__tga_load of the file stb_image.h. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). CWE...
Auteur: VulDB

Netwide Assembler 2.14rc16 Array Access asm/preproc.c denial of service

A vulnerability, which was classified as problematic, has been found in Netwide Assembler 2.14rc16. Affected by this issue is an unknown function of the file asm/preproc.c of the component Array Access. The manipulation with an unknown input...
Auteur: VulDB

Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Embedded Web Server cross site scripting

A vulnerability was found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Embedded Web Server. The...
Auteur: VulDB

Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Embedded Web Server HTTP Response Response Splitting privilege escalation

A vulnerability was found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (version unknown). It has been classified as critical. Affected is an unknown function of the component Embedded Web Server. The manipulation as part of a HTTP...
Auteur: VulDB

Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Embedded Web Server cross site scripting

A vulnerability has been found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown function of the component Embedded Web Server. The...
Auteur: VulDB

IBM StoredIQ 7.6.0 privilege escalation [CVE-2018-1928]

A vulnerability, which was classified as critical, has been found in IBM StoredIQ 7.6.0. This issue affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the...
Auteur: VulDB

IBM StoredIQ 7.6 cross site request forgery [CVE-2018-1927]

A vulnerability classified as problematic was found in IBM StoredIQ 7.6. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a cross site request forgery vulnerability. The CWE definition for the...
Auteur: VulDB

VT-Designer 2.1.7.31 Code Execution [CVE-2018-18987]

A vulnerability classified as critical has been found in VT-Designer 2.1.7.31. This affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is classifying the issue...
Auteur: VulDB

VT-Designer 2.1.7.31 Heap-based memory corruption

A vulnerability was found in VT-Designer 2.1.7.31. It has been rated as critical. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). Using CWE to declare...
Auteur: VulDB

IBM DB2 9.7/10.1/10.5./11.1 db2pdcfg Stack-based memory corruption

A vulnerability was found in IBM DB2 9.7/10.1/10.5./11.1. It has been declared as critical. Affected by this vulnerability is an unknown function of the component db2pdcfg. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

SwitchVPN Client 2.1012.03 on MacOS privilege escalation [CVE-2018-18860]

A vulnerability was found in SwitchVPN Client 2.1012.03 on MacOS. It has been classified as critical. Affected is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the...
Auteur: VulDB

Active Storage 5.2.0 content-disposition/content-type Code Injection privilege escalation

A vulnerability was found in Active Storage 5.2.0 and classified as critical. This issue affects an unknown function. The manipulation of the argument content-disposition/content-type with an unknown input leads to a privilege escalation...
Auteur: VulDB

Active Job 4.2.0 Access Control GlobalId Deserialization privilege escalation

A vulnerability has been found in Active Job 4.2.0 and classified as critical. This vulnerability affects an unknown function of the component Access Control. The manipulation of the argument GlobalId with an unknown input leads to a privilege...
Auteur: VulDB

Google Android up to 9.0 Permission privilege escalation

A vulnerability classified as critical was found in Google Android up to 9.0. Affected by this vulnerability is an unknown function of the component Permission. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation

A vulnerability classified as critical has been found in Dell OpenManage Network Manager up to 6.4.x. Affected is an unknown function of the component MySQL. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Dell Network Manager up to 6.5.2 Authorization /etc/sudoers privilege escalation

A vulnerability was found in Dell Network Manager up to 6.5.2. It has been rated as critical. This issue affects an unknown function of the file /etc/sudoers of the component Authorization. The manipulation with an unknown input leads to a...
Auteur: VulDB

NUUO NVRMini2 up to 3.10.0 upgrade_handle.php Request privilege escalation

A vulnerability was found in NUUO NVRMini2 up to 3.10.0. It has been declared as critical. This vulnerability affects an unknown function of the file upgrade_handle.php. The manipulation as part of a Request leads to a privilege escalation...
Auteur: VulDB

KeyCloak prior 4.6.0.Final SAML Broker Endpoint SAML Assertion Replay weak authentication

A vulnerability was found in KeyCloak and classified as critical. Affected by this issue is an unknown function of the component SAML Broker Endpoint. The manipulation as part of a SAML Assertion leads to a weak authentication vulnerability...
Auteur: VulDB

LXCI for VMware up to 5.4 File Download information disclosure

A vulnerability was found in LXCI for VMware up to 5.4. It has been rated as problematic. Affected by this issue is an unknown function of the component File Download. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Embedded Web Server Password Reset privilege escalation

A vulnerability was found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (unknown version) and classified as critical. This issue affects an unknown function of the component Embedded Web Server. The manipulation with an unknown input...
Auteur: VulDB

Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Embedded Web Server Password Reset privilege escalation

A vulnerability, which was classified as critical, was found in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 (the affected version unknown). This affects an unknown function of the component Embedded Web Server. The manipulation with an...
Auteur: VulDB

StruxureWare Data Center Expert up to 7.5.0 File Upload ZIP File directory traversal

A vulnerability, which was classified as critical, has been found in StruxureWare Data Center Expert up to 7.5.0. Affected by this issue is an unknown function of the component File Upload. The manipulation as part of a ZIP File leads to a...
Auteur: VulDB

StruxureWare Data Center Operation File Upload ZIP File directory traversal

A vulnerability classified as critical was found in StruxureWare Data Center Operation (affected version unknown). Affected by this vulnerability is an unknown function of the component File Upload. The manipulation as part of a ZIP File leads...
Auteur: VulDB
First1738173917401741174217431744174517461747Last

Événements SSI