Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Android 8.1 WiFi VPN denial of service

A vulnerability classified as problematic has been found in Google Android 8.1. Affected is an unknown function of the component WiFi VPN. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the...
Auteur: VulDB

Analyse d’impact relative à la protection des données : publication d’une liste des traitements pour lesquels une analyse est requise

Le RGPD prévoit que les autorités de protection des données doivent établir une liste des traitements pour lesquels une analyse d’impact relative à la protection des données est requise. La CNIL a adopté sa liste définitive le 11 octobre...
Auteur: Cnil

Apache Releases Security Advisory for Apache Struts

Original release date: November 05, 2018 The Apache Software Foundation has released an advisory to address a vulnerable commons-fileupload library used in Apache Struts versions 2.3.36 and prior. A remote attacker could exploit this...
Auteur: US Cert

BLEEDINGBIT - Vulnerabilities Affecting Enterprise WiFi Devices (CERT-EU Security Advisory 2018-028)

Security researchers disclosed details about two critical vulnerabilities related to the use of BLE (Bluetooth Low Energy) chips made by Texas Instruments (TI). The vulnerable BLE chips are embedded in WiFi network equipment from Cisco, Meraki...
Auteur: Cert EU

PopojiCMS 2.0.1 route.php cross site request forgery

A vulnerability was found in PopojiCMS 2.0.1. It has been rated as problematic. This issue affects an unknown function of the file po-admin/route.php?mod=component&act=addnew. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

PopojiCMS 2.0.1 admin_component.php fupload privilege escalation

A vulnerability was found in PopojiCMS 2.0.1. It has been declared as critical. This vulnerability affects an unknown function of the file admin_component.php. The manipulation of the argument fupload as part of a Parameter leads to a privilege...
Auteur: VulDB

PopojiCMS 2.0.1 route.php id directory traversal

A vulnerability classified as critical has been found in PopojiCMS 2.0.1. Affected is an unknown function in the library admin_library.php of the file po-admin/route.php?mod=library&act=delete. The manipulation of the argument id with an unknown...
Auteur: VulDB

JEECMS 9.3 update cross site scripting

A vulnerability was found in JEECMS 9.3. It has been rated as problematic. Affected by this issue is an unknown function of the file index.do#/content/update?type=update. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

KindEditor up to 4.1.11 php/upload_json.php path directory traversal

A vulnerability was found in KindEditor up to 4.1.11. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file php/upload_json.php. The manipulation of the argument path with an unknown input leads...
Auteur: VulDB

Zoho ManageEngine OpManager up to 12.3 Mail Server Settings sql injection

A vulnerability was found in Zoho ManageEngine OpManager up to 12.3. It has been classified as critical. Affected is an unknown function of the component Mail Server Settings Handler. The manipulation with an unknown input leads to a sql...
Auteur: VulDB

BaserCMS up to 4.1.3 edit data[UploaderCategory][name] cross site scripting

A vulnerability was found in BaserCMS up to 4.1.3 and classified as problematic. This issue affects an unknown function of the file admin/uploader/uploader_categories/edit. The manipulation of the argument data[UploaderCategory][name] as part of...
Auteur: VulDB

WUZHI CMS 4.1.0 index.php cross site scripting

A vulnerability, which was classified as problematic, was found in WUZHI CMS 4.1.0. This affects an unknown function of the file index.php?m=core&f=index. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

WUZHI CMS 4.1.0 index.php Attribute cross site scripting

A vulnerability, which was classified as problematic, has been found in WUZHI CMS 4.1.0. Affected by this issue is an unknown function of the file index.php?m=core&f=index. The manipulation as part of a Attribute leads to a cross site scripting...
Auteur: VulDB

libIEC61850 1.3 client/ied_connection.c ClientDataSet_getValues denial of service

A vulnerability classified as problematic was found in libIEC61850 1.3. Affected by this vulnerability is the function ClientDataSet_getValues of the file client/ied_connection.c. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

BaserCMS up to 4.1.3 ThemeConfig.php data[ThemeConfig][logo] privilege escalation

A vulnerability has been found in BaserCMS up to 4.1.3 and classified as critical. This vulnerability affects an unknown function of the file lib\Baser\Model\ThemeConfig.php. The manipulation of the argument data[ThemeConfig][logo] as part of a...
Auteur: VulDB

jQuery Picture Cut 1.1Beta File Upload privilege escalation

A vulnerability classified as critical has been found in jQuery Picture Cut 1.1Beta. This affects an unknown function of the component File Upload. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

libIEC61850 1.3 goose/goose_publisher.c prepareGooseBuffer memory corruption

A vulnerability was found in libIEC61850 1.3. It has been rated as critical. This issue affects the function prepareGooseBuffer of the file goose/goose_publisher.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Omron CX-Supervisor up to 3.4.1.0 Project File Type Confusion memory corruption

A vulnerability was found in Omron CX-Supervisor up to 3.4.1.0. It has been classified as critical. This affects an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Omron CX-Supervisor up to 3.4.1.0 Project File memory corruption

A vulnerability was found in Omron CX-Supervisor up to 3.4.1.0 and classified as critical. Affected by this issue is an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Omron CX-Supervisor up to 3.4.1.0 Out-of-Array memory corruption

A vulnerability has been found in Omron CX-Supervisor up to 3.4.1.0 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Omron CX-Supervisor up to 3.4.1.0 Project File memory corruption

A vulnerability, which was classified as critical, was found in Omron CX-Supervisor up to 3.4.1.0. Affected is an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

SourceTree up to 2.x on Windows Git Subrepository Argument Code Execution

A vulnerability, which was classified as critical, has been found in SourceTree up to 2.x on Windows. This issue affects an unknown function of the component Git Subrepository Handler. The manipulation as part of a Argument leads to a privilege...
Auteur: VulDB

SourceTree up to 2.x on MacOS Git Subrepository Argument Code Execution

A vulnerability classified as critical was found in SourceTree up to 2.x on MacOS. This vulnerability affects an unknown function of the component Git Subrepository Handler. The manipulation as part of a Argument leads to a privilege escalation...
Auteur: VulDB

Suricata up to 4.0.5 SMTP Parser util-decode-mime.c ProcessMimeEntity denial of service

A vulnerability was found in Suricata up to 4.0.5. It has been declared as problematic. This vulnerability affects the function ProcessMimeEntity of the file util-decode-mime.c of the component SMTP Parser. The manipulation with an unknown input...
Auteur: VulDB

PublicCMS 4.0 attached cross site scripting

A vulnerability has been found in PublicCMS 4.0 and classified as problematic. Affected by this vulnerability is an unknown function. The manipulation of the argument attached with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB
First1930193119321933193419351936193719381939Last

Événements SSI