Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Zoho ManageEngine OpManager up to 12.2 File Upload privilege escalation

A vulnerability classified as critical has been found in Zoho ManageEngine OpManager up to 12.2. This affects an unknown function of the component File Upload. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Daniel Gultsch Conversations 2.3.4 Message spoofing

A vulnerability was found in Daniel Gultsch Conversations 2.3.4. It has been rated as critical. Affected by this issue is an unknown function of the component Message Handler. The manipulation with an unknown input leads to a spoofing...
Auteur: VulDB

Axios Italia Axioscloud Sissiweb Registro Elettronico 1.7.0 secret/relogoff.aspx Error_Desc cross site scripting

A vulnerability was found in Axios Italia Axioscloud Sissiweb Registro Elettronico 1.7.0. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file secret/relogoff.aspx. The manipulation of the...
Auteur: VulDB

Splunk Enterprise up to 6.2.13/6.3.9/6.4.6/6.5.4 HTTP Request denial of service

A vulnerability was found in Splunk Enterprise up to 6.2.13/6.3.9/6.4.6/6.5.4. It has been classified as problematic. Affected is an unknown function. The manipulation as part of a HTTP Request leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

Splunk Enterprise up to 6.5.2 Django App directory traversal

A vulnerability was found in Splunk Enterprise up to 6.5.2 and classified as critical. This issue affects an unknown function of the component Django App. The manipulation with an unknown input leads to a directory traversal vulnerability. Using...
Auteur: VulDB

Mozilla Firefox up to 62.x Remote Code Execution [CVE-2018-12390]

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 62.x. This issue affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). Using...
Auteur: VulDB

Mozilla Firefox up to 62.x Remote Code Execution [CVE-2018-12389]

A vulnerability classified as critical was found in Mozilla Firefox up to 62.x. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). The CWE...
Auteur: VulDB

Mozilla Firefox up to 62.x Remote Code Execution [CVE-2018-12388]

A vulnerability classified as critical has been found in Mozilla Firefox up to 62.x. This affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is classifying the...
Auteur: VulDB

Mozilla Firefox up to 62.x HTTP Warning spoofing

A vulnerability was found in Mozilla Firefox up to 62.x. It has been rated as critical. Affected by this issue is an unknown function of the component HTTP Handler. The manipulation with an unknown input leads to a spoofing vulnerability...
Auteur: VulDB

Mozilla Firefox up to 62.x Cookie privilege escalation

A vulnerability was found in Mozilla Firefox up to 62.x. It has been declared as critical. Affected by this vulnerability is an unknown function of the component Cookie Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Mozilla Firefox up to 62.x URL Parser Favicon denial of service

A vulnerability was found in Mozilla Firefox up to 62.x. It has been classified as problematic. Affected is an unknown function of the component URL Parser. The manipulation as part of a Favicon leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

Mozilla Firefox up to 62.x on Android Cache Favicon privilege escalation

A vulnerability was found in Mozilla Firefox up to 62.x on Android and classified as critical. This issue affects an unknown function of the component Cache Handler. The manipulation as part of a Favicon leads to a privilege escalation...
Auteur: VulDB

Mozilla Firefox up to 62.x Protocol Registration Notification Bar spoofing

A vulnerability has been found in Mozilla Firefox up to 62.x and classified as critical. This vulnerability affects an unknown function of the component Protocol Registration Notification Bar. The manipulation with an unknown input leads to a...
Auteur: VulDB

Mozilla Firefox up to 62.x CSS Content Security Policy privilege escalation

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 62.x. This affects an unknown function of the component CSS Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Auteur: VulDB

Mozilla Firefox up to 62.x WebExtension privilege escalation

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 62.x. Affected by this issue is an unknown function of the component WebExtension. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Mozilla Firefox up to 62.x WebExtension privilege escalation

A vulnerability classified as critical was found in Mozilla Firefox up to 62.x. Affected by this vulnerability is an unknown function of the component WebExtension. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Mozilla Firefox up to 62.x WebExtension privilege escalation

A vulnerability classified as critical has been found in Mozilla Firefox up to 62.x. Affected is an unknown function of the component WebExtension. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

Mozilla Firefox up to 62.x on 32-bit Unicode Converter Integer memory corruption

A vulnerability was found in Mozilla Firefox up to 62.x on 32-bit. It has been rated as critical. This issue affects an unknown function of the component Unicode Converter. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Mozilla Firefox up to 62.x Nested Event Loop denial of service

A vulnerability was found in Mozilla Firefox up to 62.x. It has been declared as problematic. This vulnerability affects an unknown function of the component Nested Event Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Mozilla Firefox up to 62.x on Android HTTP Live Streaming privilege escalation

A vulnerability was found in Mozilla Firefox up to 62.x on Android. It has been classified as critical. This affects an unknown function of the component HTTP Live Streaming Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Leanote 2.6.1 Blog Basic Setting Title cross site scripting

A vulnerability was found in Leanote 2.6.1. It has been classified as problematic. This affects an unknown function of the component Blog Basic Setting Title. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

LuPng up to 2017-03-10 miniz/lupng.c insertByte memory corruption

A vulnerability, which was classified as critical, has been found in LuPng up to 2017-03-10. This issue affects the function insertByte of the file miniz/lupng.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

LuPng up to 2017-03-10 miniz/lupng.c insertByte memory corruption

A vulnerability classified as critical was found in LuPng up to 2017-03-10. This vulnerability affects the function insertByte of the file miniz/lupng.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

LuPng up to 2017-03-10 miniz/lupng.c internalPrintf memory corruption

A vulnerability classified as critical has been found in LuPng up to 2017-03-10. This affects the function internalPrintf of the file miniz/lupng.c. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based)....
Auteur: VulDB

DeDeCMS 5.7 /member/pm.php folder cross site scripting

A vulnerability was found in DeDeCMS 5.7. It has been rated as problematic. Affected by this issue is an unknown function of the file /member/pm.php. The manipulation of the argument folder as part of a Parameter leads to a cross site scripting...
Auteur: VulDB
First1826182718281829183018311832183318341835Last

Événements SSI