Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Gitea up to 1.5.3 Session ID go-macaron/session Remote Code Execution

A vulnerability, which was classified as critical, was found in Gitea up to 1.5.3. Affected is an unknown function of the file go-macaron/session of the component Session ID Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Gogs 0.11.66 Session ID go-macaron/session Remote Code Execution

A vulnerability, which was classified as critical, has been found in Gogs 0.11.66. This issue affects an unknown function of the file go-macaron/session of the component Session ID Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

WP Editor.MD Plugin 10.0.1 on WordPress Comment cross site scripting

A vulnerability classified as problematic has been found in WP Editor.MD Plugin 10.0.1 on WordPress. This affects an unknown function. The manipulation as part of a Comment leads to a cross site scripting vulnerability. CWE is classifying the...
Auteur: VulDB

ProjeQtOr 7.2.5 image-upload shtml File privilege escalation

A vulnerability classified as critical was found in ProjeQtOr 7.2.5. This vulnerability affects an unknown function of the component image-upload. The manipulation as part of a shtml File leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

International Components for Unicode 63.1 number_decimalquantity.cpp toScientificString() memory corruption

A vulnerability was found in International Components for Unicode 63.1 and classified as critical. Affected by this issue is the function number::impl::DecimalQuantity::toScientificString() of the file i18n/number_decimalquantity.cpp. The...
Auteur: VulDB

Exiv2 0.27-RC1 image.cpp printIFDStructure denial of service

A vulnerability has been found in Exiv2 0.27-RC1 and classified as problematic. Affected by this vulnerability is the function Exiv2::Image::printIFDStructure of the file image.cpp. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

xhEditor 1.2.2 SRC Attribute iFRAME Element cross site scripting

A vulnerability was found in xhEditor 1.2.2. It has been rated as problematic. Affected by this issue is an unknown function of the component SRC Attribute Handler. The manipulation as part of a iFRAME Element leads to a cross site scripting...
Auteur: VulDB

Vanilla up to 2.6.3 Remote Code Execution [CVE-2018-18903]

A vulnerability was found in Vanilla up to 2.6.3. It has been declared as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). The...
Auteur: VulDB

CERTFR-2018-AVI-528 : Vulnérabilité dans les points d’accès Cisco (02 novembre 2018)

Une vulnérabilité a été découverte dans les points d'accès Cisco . Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.

Auteur: Cert FR

CERTFR-2018-AVI-528 : Vulnérabilité dans les points d’accès Cisco (02 novembre 2018)

Une vulnérabilité a été découverte dans les points d'accès Cisco . Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.

Auteur: Cert FR

CERTFR-2018-AVI-527 : Multiples vulnérabilités dans le noyau Linux de SUSE (02 novembre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.

Auteur: Cert FR

CERTFR-2018-AVI-527 : Multiples vulnérabilités dans le noyau Linux de SUSE (02 novembre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.

Auteur: Cert FR

CERTFR-2018-AVI-526 : Multiples vulnérabilités dans Mozilla Thunderbird (02 novembre 2018)

De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2018-AVI-526 : Multiples vulnérabilités dans Mozilla Thunderbird (02 novembre 2018)

De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Auteur: Cert FR

Schneider Electric Software Update up to 2.1.x DLL privilege escalation

A vulnerability was found in Schneider Electric Software Update up to 2.1.x and classified as critical. This issue affects an unknown function of the component DLL Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Schneider Electric Modicon M221 IPv4 Config privilege escalation

A vulnerability has been found in Schneider Electric Modicon M221 (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function of the component IPv4 Config Handler. The manipulation with an unknown...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D UDP Packet denial of service

A vulnerability, which was classified as problematic, was found in Yi Home Camera 27US 1.8.7.0D. This affects an unknown function of the component UDP Packet Handler. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D UDP Packet Code Execution weak authentication

A vulnerability, which was classified as critical, has been found in Yi Home Camera 27US 1.8.7.0D. Affected by this issue is an unknown function of the component UDP Packet Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D 7-zip File Code Execution

A vulnerability classified as critical was found in Yi Home Camera 27US 1.8.7.0D. Affected by this vulnerability is an unknown function of the component 7-zip File Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D QR Code Scanner password_dst Code Execution memory corruption

A vulnerability classified as critical has been found in Yi Home Camera 27US 1.8.7.0D. Affected is an unknown function of the component QR Code Scanner. The manipulation of the argument password_dst with an unknown input leads to a memory...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D QR Code Scanner ssid_dst Code Execution memory corruption

A vulnerability was found in Yi Home Camera 27US 1.8.7.0D. It has been rated as critical. This issue affects an unknown function of the component QR Code Scanner. The manipulation of the argument ssid_dst with an unknown input leads to a memory...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D Crafted Packet Code Execution memory corruption

A vulnerability was found in Yi Home Camera 27US 1.8.7.0D. It has been declared as critical. This vulnerability affects an unknown function. The manipulation as part of a Crafted Packet leads to a memory corruption vulnerability (Code...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D SD Card Firmware Downgrade privilege escalation

A vulnerability was found in Yi Home Camera 27US 1.8.7.0D. It has been classified as critical. This affects an unknown function of the component SD Card Handler. The manipulation as part of a Firmware leads to a privilege escalation...
Auteur: VulDB

Yi Home Camera 27US 1.8.7.0D SD Card Code Execution

A vulnerability was found in Yi Home Camera 27US 1.8.7.0D and classified as critical. Affected by this issue is an unknown function of the component SD Card Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

poppler 0.71.0 GfxState.cc setDisplayProfile denial of service

A vulnerability, which was classified as problematic, was found in poppler 0.71.0. Affected is the function GfxColorSpace::setDisplayProfile of the file GfxState.cc. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB
First1931193219331934193519361937193819391940Last

Événements SSI