Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Eaton UPS 9PX 8000 SP SNMP Password Cleartext information disclosure

A vulnerability was found in Eaton UPS 9PX 8000 SP (the affected version is unknown). It has been classified as problematic. Affected is an unknown function of the component SNMP Password Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

Eaton UPS 9PX 8000 SP Web Page Cleartext information disclosure

A vulnerability was found in Eaton UPS 9PX 8000 SP (the affected version is unknown) and classified as problematic. This issue affects an unknown function of the component Web Page. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Neato Botvac Connected 2.2.0 Setup API /robot/initialize ntp command injection

A vulnerability, which was classified as critical, was found in Neato Botvac Connected 2.2.0. This affects an unknown function of the file /robot/initialize of the component Setup API. The manipulation of the argument ntp as part of a Shell...
Auteur: VulDB

D-Link DSL-2640T cgi-bin/webcm var:RelaodHref/var:conid cross site scripting

A vulnerability, which was classified as problematic, has been found in D-Link DSL-2640T (the affected version is unknown). Affected by this issue is an unknown function of the file cgi-bin/webcm. The manipulation of the argument...
Auteur: VulDB

MailCleaner CE 2018.08/2018.09 Administration Login Interface UserController.php cross site scripting

A vulnerability classified as problematic was found in MailCleaner CE 2018.08/2018.09. Affected by this vulnerability is an unknown function of the file www/guis/admin/application/controllers/UserController.php of the component Administration...
Auteur: VulDB

Communigate Pro 6.2 Pronto! Mail Composer /MIME/INBOX-MM-1/ Message Body cross site scripting

A vulnerability classified as problematic has been found in Communigate Pro 6.2. Affected is an unknown function of the file /MIME/INBOX-MM-1/ of the component Pronto! Mail Composer. The manipulation as part of a Message Body leads to a cross...
Auteur: VulDB

Polycom VVX 500/VVX 601 up to 5.8.0.12848 X.509 Certificate Validation Man-in-the-Middle weak authentication

A vulnerability was found in Polycom VVX 500 and VVX 601 up to 5.8.0.12848. It has been rated as critical. This issue affects an unknown function of the component X.509 Certificate Validation. The manipulation with an unknown input leads to a...
Auteur: VulDB

AudioCodes 440HD/450HD up to 3.1.2.89 X.509 Certificate Validation Man-in-the-Middle weak authentication

A vulnerability was found in AudioCodes 440HD and 450HD up to 3.1.2.89. It has been declared as critical. This vulnerability affects an unknown function of the component X.509 Certificate Validation. The manipulation with an unknown input leads...
Auteur: VulDB

ServersCheck Monitoring Software up to 14.3.3 Parameter cross site scripting

A vulnerability has been found in ServersCheck Monitoring Software up to 14.3.3 and classified as problematic. Affected by this vulnerability is an unknown function. The manipulation as part of a Parameter leads to a cross site scripting...
Auteur: VulDB

ajenti up to 1.2.23.13 ajenticp Filename cross site scripting

A vulnerability, which was classified as problematic, was found in ajenti up to 1.2.23.13. Affected is an unknown function of the component ajenticp. The manipulation as part of a Filename leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

Vesta Control Panel up to 0.9.8-22 edit/web/ domain cross site scripting

A vulnerability, which was classified as problematic, has been found in Vesta Control Panel up to 0.9.8-22. This issue affects an unknown function. The manipulation of the argument edit/web/ domain with an unknown input leads to a cross site...
Auteur: VulDB

Citrix Netscaler Gateway up to 10.5.x/11.1.x/12.0.x/12.1.x cross site scripting

A vulnerability classified as problematic was found in Citrix Netscaler Gateway up to 10.5.x/11.1.x/12.0.x/12.1.x. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

mysql-binuuid-rails up to 1.1.0 Database Column sql injection

A vulnerability classified as critical has been found in mysql-binuuid-rails up to 1.1.0. This affects an unknown function of the component Database Column Handler. The manipulation with an unknown input leads to a sql injection vulnerability....
Auteur: VulDB

Telecrane F25 Series Radio Controls prior 00.0A Message Replay privilege escalation

A vulnerability was found in Telecrane F25 Series Radio Controls. It has been classified as critical. Affected is an unknown function. The manipulation as part of a Message leads to a privilege escalation vulnerability (Replay). CWE is...
Auteur: VulDB

SAGA1-L8B prior A0.10 privilege escalation [CVE-2018-17923]

A vulnerability was found in SAGA1-L8B and classified as critical. This issue affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the problem leads to CWE-269....
Auteur: VulDB

SAGA1-L8B prior A0.10 Pairing privilege escalation

A vulnerability has been found in SAGA1-L8B and classified as critical. This vulnerability affects an unknown function of the component Pairing Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. The...
Auteur: VulDB

SAGA1-L8B prior A0.10 Replay privilege escalation

A vulnerability, which was classified as critical, was found in SAGA1-L8B. This affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Replay). CWE is classifying the issue as CWE-269....
Auteur: VulDB

IBM WebSphere Commerce Enterprise 7.x/8.x/9.x Web UI cross site scripting

A vulnerability was found in IBM WebSphere Commerce Enterprise 7.x/8.x/9.x. It has been rated as problematic. This issue affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Fuji Energy Savings Estimator up to 1.0.2.0 DLL Loader Search Path privilege escalation

A vulnerability was found in Fuji Energy Savings Estimator up to 1.0.2.0. It has been declared as problematic. This vulnerability affects an unknown function of the component DLL Loader. The manipulation as part of a Search Path leads to a...
Auteur: VulDB

Anda App Server API Default Credentials weak authentication

A vulnerability was found in Anda App (the affected version is unknown). It has been classified as critical. This affects an unknown function of the component Server API. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

Adrenalin HRMS 5.4.0 ApplicationtEmployeeSearch prntDDLCntrlName/prntFrmName cross site scripting

A vulnerability was found in Adrenalin HRMS 5.4.0 and classified as problematic. Affected by this issue is an unknown function of the file ApplicationtEmployeeSearch. The manipulation of the argument prntDDLCntrlName/prntFrmName with an unknown...
Auteur: VulDB

Spark 1.3.x Zinc Server Request information disclosure

A vulnerability has been found in Spark 1.3.x and classified as problematic. Affected by this vulnerability is an unknown function of the component Zinc Server. The manipulation as part of a Request leads to a information disclosure...
Auteur: VulDB

Apache Impala up to 3.0.0 ALTER privilege escalation

A vulnerability, which was classified as critical, was found in Apache Impala up to 3.0.0. Affected is an unknown function of the component ALTER Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE...
Auteur: VulDB

Apache Impala up to 3.0.0 Queue Injection privilege escalation

A vulnerability, which was classified as critical, has been found in Apache Impala up to 3.0.0. This issue affects an unknown function of the component Queue Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Amanda 3.3.1 Backup and Restore Command Line Argument privilege escalation

A vulnerability classified as critical was found in Amanda 3.3.1. This vulnerability affects an unknown function of the component Backup and Restore. The manipulation as part of a Command Line Argument leads to a privilege escalation...
Auteur: VulDB
First1822182318241825182618271828182918301831Last

Événements SSI