Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

AirTies Air 5750 1.0.0.18 top.html productboardtype cross site scripting

A vulnerability, which was classified as problematic, has been found in AirTies Air 5750 1.0.0.18. This issue affects an unknown function of the file top.html. The manipulation of the argument productboardtype as part of a Parameter leads to a...
Auteur: VulDB

Django 2.1.0/2.1.1 Password Hash information disclosure

A vulnerability classified as problematic was found in Django 2.1.0/2.1.1. This vulnerability affects an unknown function of the component Password Hash Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM Rational Quality Manager up to 6.0.6. This affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability was found in IBM Rational Quality Manager up to 6.0.6. It has been rated as problematic. Affected by this issue is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Adobe Releases Security Updates

Original release date: October 01, 2018 Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

CERTFR-2018-AVI-461 : Multiples vulnérabilités dans le noyau Linux de SUSE (01 octobre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une atteinte à la confidentialité des données.

Auteur: Cert FR

PTC ThingWorx Platform up to 8.2 SQUEAL Search Reflected cross site scripting

A vulnerability was found in PTC ThingWorx Platform up to 8.2 and classified as problematic. Affected by this issue is an unknown function of the component SQUEAL Search. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

PTC ThingWorx Platform up to 8.2 Default Key weak encryption

A vulnerability has been found in PTC ThingWorx Platform up to 8.2 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a weak encryption vulnerability (Default Key)....
Auteur: VulDB

PTC ThingWorx Platform up to 8.2 Password Hash information disclosure

A vulnerability, which was classified as problematic, was found in PTC ThingWorx Platform up to 8.2. Affected is an unknown function of the component Password Hash Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

WUZHI CMS 4.1.0 card.php groupname sql injection

A vulnerability was found in WUZHI CMS 4.1.0 and classified as critical. This issue affects an unknown function of the file coreframe/app/coupon/admin/card.php. The manipulation of the argument groupname as part of a Parameter leads to a sql...
Auteur: VulDB

JsonCpp 1.8.4 json_reader.cpp readValue() JSON Request denial of service

A vulnerability has been found in JsonCpp 1.8.4 and classified as problematic. This vulnerability affects the function Json::OurReader::readValue() of the file json_reader.cpp. The manipulation as part of a JSON Request leads to a denial of...
Auteur: VulDB

JsonCpp 1.8.4 json_value.cpp Json::Value::clear() JSON Request denial of service

A vulnerability, which was classified as problematic, was found in JsonCpp 1.8.4. This affects the function Json::Value::clear() of the file json_value.cpp. The manipulation as part of a JSON Request leads to a denial of service vulnerability....
Auteur: VulDB

Google Go html Package denial of service [CVE-2018-17848]

A vulnerability, which was classified as problematic, has been found in Google Go (the affected version is unknown). Affected by this issue is an unknown function of the component html Package. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Go html Package denial of service [CVE-2018-17847]

A vulnerability classified as problematic was found in Google Go (the affected version is unknown). Affected by this vulnerability is an unknown function of the component html Package. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Google Go html Package Loop denial of service

A vulnerability classified as problematic has been found in Google Go (the affected version is unknown). Affected is an unknown function of the component html Package. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

JTBC(PHP) 3.0.1.6 information disclosure [CVE-2018-17838]

A vulnerability was found in JTBC(PHP) 3.0.1.6. It has been rated as problematic. This issue affects an unknown function of the file /console/#/console/file/manage.php?type=list&path=c:/. The manipulation with an unknown input leads to a...
Auteur: VulDB

JTBC(PHP) 3.0.1.6 manage.php denial of service

A vulnerability was found in JTBC(PHP) 3.0.1.6. It has been declared as problematic. This vulnerability affects an unknown function of the file /console/file/manage.php?type=action&action=delete&path=c%3A%2F. The manipulation with an unknown...
Auteur: VulDB

GetSimple CMS 3.3.15 admin/settings.php Structure cross site scripting

A vulnerability was found in GetSimple CMS 3.3.15 and classified as problematic. Affected by this issue is an unknown function of the file admin/settings.php. The manipulation of the argument Structure as part of a Parameter leads to a cross...
Auteur: VulDB

WUZHI CMS 2.0 index.php f cross site scripting

A vulnerability has been found in WUZHI CMS 2.0 and classified as problematic. Affected by this vulnerability is an unknown function of the file index.php. The manipulation of the argument f as part of a Parameter leads to a cross site scripting...
Auteur: VulDB

Redaxo up to 5.6.2 core/lib/list.php prepareQuery sort sql injection

A vulnerability, which was classified as critical, was found in Redaxo up to 5.6.2. Affected is the function prepareQuery in the library core/lib/list.php. The manipulation of the argument sort as part of a Parameter leads to a sql injection...
Auteur: VulDB

Redaxo 5.6.2 index.php $args cross site scripting

A vulnerability, which was classified as problematic, has been found in Redaxo 5.6.2. This issue affects an unknown function of the file addons/mediapool/pages/index.php. The manipulation of the argument $args as part of a Variable leads to a...
Auteur: VulDB

ZZIPlib 0.13.69 bins/unzzipcat-mem.c unzzip_cat directory traversal

A vulnerability classified as critical was found in ZZIPlib 0.13.69. This vulnerability affects the function unzzip_cat of the file bins/unzzipcat-mem.c. The manipulation with an unknown input leads to a directory traversal vulnerability. The...
Auteur: VulDB

HisiPHP 1.0.8 adduser.html cross site request forgery

A vulnerability was found in HisiPHP 1.0.8. It has been rated as problematic. Affected by this issue is an unknown function of the file admin.php/admin/user/adduser.html. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

AdPlug 2.3.1 emuopl.cpp CEmuopl denial of service

A vulnerability was found in AdPlug 2.3.1. It has been declared as problematic. Affected by this vulnerability is the function CEmuopl of the file emuopl.cpp. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

Nullsoft Scriptable Install System up to 2.48 Protection Mechanism Version.dll privilege escalation

A vulnerability was found in Nullsoft Scriptable Install System up to 2.48 and classified as problematic. This issue affects an unknown function in the library Version.dll of the component Protection Mechanism. The manipulation with an unknown...
Auteur: VulDB
First1991199219931994199519961997199819992000Last

Événements SSI