Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Foscam C1 Indoor HD Camera 2.52.2.43 DDNS Client memory corruption

A vulnerability classified as critical was found in Foscam C1 Indoor HD Camera 2.52.2.43. This vulnerability affects an unknown function of the component DDNS Client. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Foscam C1 Indoor HD Camera 2.52.2.43 DDNS Client memory corruption

A vulnerability classified as critical has been found in Foscam C1 Indoor HD Camera 2.52.2.43. This affects an unknown function of the component DDNS Client. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE...
Auteur: VulDB

Foscam C1 Indoor HD Camera 2.52.2.43 DDNS Client memory corruption

A vulnerability was found in Foscam C1 Indoor HD Camera 2.52.2.43. It has been rated as critical. Affected by this issue is an unknown function of the component DDNS Client. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Iceni Argus 6.6.05 ipStringCreate PDF File memory corruption

A vulnerability was found in Iceni Argus 6.6.05. It has been declared as critical. Affected by this vulnerability is the function ipStringCreate. The manipulation as part of a PDF File leads to a memory corruption vulnerability (Integer...
Auteur: VulDB

Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service

A vulnerability was found in Apache SpamAssassin up to 3.4.1. It has been classified as problematic. Affected is the function HTML::Parser of the component Scan Engine. The manipulation as part of a Email leads to a denial of service...
Auteur: VulDB

ProcessMaker Enterprise Core 3.0.1.7-community Deserialization Web Request PHP Code Execution privilege escalation

A vulnerability has been found in ProcessMaker Enterprise Core 3.0.1.7-community and classified as critical. This vulnerability affects an unknown function of the component Deserialization. The manipulation as part of a Web Request leads to a...
Auteur: VulDB

PoDoFo ParseToUnicode information disclosure

A vulnerability classified as problematic was found in PoDoFo (the affected version is unknown). Affected by this vulnerability is the function PdfEncoding::ParseToUnicode. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Apache SpamAssassin 3.4.2 Meta Rule Syntax Code Injection privilege escalation

A vulnerability was found in Apache SpamAssassin 3.4.2. It has been declared as problematic. This vulnerability affects an unknown function of the component Meta Rule Syntax Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Insteon Hub 1012 HTTP Server GET Parameter information disclosure

A vulnerability was found in Insteon Hub 1012 and classified as problematic. This issue affects an unknown function of the component HTTP Server. The manipulation as part of a GET Parameter leads to a information disclosure vulnerability. Using...
Auteur: VulDB

yiqicms up to 2016-11-20 comment.php cross site scripting

A vulnerability classified as problematic was found in yiqicms up to 2016-11-20. Affected by this vulnerability is an unknown function of the file comment.php. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

GPP up to 2.25 File Stack-based memory corruption

A vulnerability classified as critical has been found in GPP up to 2.25. Affected is an unknown function of the component File Handler. The manipulation with an unknown input leads to a memory corruption vulnerability (Stack-based). CWE is...
Auteur: VulDB

HTML Package prior 2018-07-13 on Go Insertion Mode HTMLTreeBuilder.cpp denial of service

A vulnerability was found in HTML Package on Go. It has been rated as problematic. This issue affects an unknown function of the file HTMLTreeBuilder.cpp of the component Insertion Mode. The manipulation with an unknown input leads to a denial...
Auteur: VulDB

Feed Statistics Plugin up to 3.x on WordPress feed-stats-url Open Redirect

A vulnerability was found in Feed Statistics Plugin up to 3.x on WordPress. It has been declared as problematic. This vulnerability affects an unknown function. The manipulation of the argument feed-stats-url as part of a Parameter leads to a...
Auteur: VulDB

wernsey bitmap prior 2018-08-18 4-Bit Image NULL Pointer Dereference denial of service

A vulnerability was found in wernsey bitmap. It has been classified as problematic. This affects an unknown function of the component 4-Bit Image Handler. The manipulation with an unknown input leads to a denial of service vulnerability (NULL...
Auteur: VulDB

JSON++ up to 2016-06-15 json.y yyparse() memory corruption

A vulnerability was found in JSON++ up to 2016-06-15 and classified as critical. Affected by this issue is the function yyparse() of the file json.y. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to...
Auteur: VulDB

jhead 3.00 gpsinfo.c ProcessGpsInfo JPEG File Format String

A vulnerability, which was classified as critical, has been found in jhead 3.00. Affected by this issue is the function ProcessGpsInfo of the file gpsinfo.c. The manipulation as part of a JPEG File leads to a format string vulnerability. Using...
Auteur: VulDB

OTCMS 3.61 admin/share_switch.php fieldName/fieldName2/tabName cross site scripting

A vulnerability was found in OTCMS 3.61 and classified as problematic. This issue affects an unknown function of the file admin/share_switch.php. The manipulation of the argument fieldName/fieldName2/tabName as part of a Parameter leads to a...
Auteur: VulDB

OTCMS 3.61 admin/users.php dataTypeCN/dataMode/dataModeStr cross site scripting

A vulnerability has been found in OTCMS 3.61 and classified as problematic. This vulnerability affects an unknown function of the file admin/users.php. The manipulation of the argument dataTypeCN/dataMode/dataModeStr as part of a Parameter leads...
Auteur: VulDB

PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting

A vulnerability, which was classified as critical, was found in PHP up to 5.6.37/7.0.31/7.1.21/7.2.9. This affects the function php_handler of the file sapi/apache2handler/sapi_apache2.c of the component Apache2. The manipulation with an unknown...
Auteur: VulDB

SeaCMS 6.64 admin_video.php Parameter cross site scripting

A vulnerability, which was classified as problematic, has been found in SeaCMS 6.64. Affected by this issue is an unknown function of the file admin_video.php. The manipulation of the argument...
Auteur: VulDB

jhead 3.00 gpsinfo.c ProcessGpsInfo JPEG File memory corruption

A vulnerability was found in jhead 3.00. It has been classified as critical. Affected is the function ProcessGpsInfo of the file gpsinfo.c. The manipulation as part of a JPEG File leads to a memory corruption vulnerability (Integer Overflow)....
Auteur: VulDB

SBIbuddy App 1.41/1.42 on Android Security Question Response privilege escalation

A vulnerability has been found in SBIbuddy App 1.41/1.42 on Android and classified as critical. This vulnerability affects an unknown function of the component Security Question Response Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Tinyftpd 1.1 ftpproto.c do_mkd Long Path memory corruption

A vulnerability, which was classified as critical, was found in Tinyftpd 1.1. This affects the function do_mkd of the file ftpproto.c. The manipulation as part of a Long Path leads to a memory corruption vulnerability. CWE is classifying the...
Auteur: VulDB

Microweber 1.0.7 api/save_user cross site request forgery

A vulnerability, which was classified as problematic, has been found in Microweber 1.0.7. Affected by this issue is an unknown function of the file api/save_user. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

GetSimple CMS 3.3.13 admin/settings.php cross site request forgery [Disputed]

A vulnerability classified as problematic was found in GetSimple CMS 3.3.13. Affected by this vulnerability is an unknown function of the file admin/settings.php. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB
First1927192819291930193119321933193419351936Last

Événements SSI