Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Vela up to 0.7.4 ~/.netrc improper authorization

A vulnerability was found in Vela up to 0.7.4. It has been declared as critical. Affected by this vulnerability is some unknown processing of the file ~/.netrc. Upgrading to version 0.7.5 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Google Chrome prior 89.0.4389.114 on Linux Aura use after free

A vulnerability was found in Google Chrome on Linux (Web Browser). It has been classified as critical. Affected is an unknown code block of the component Aura. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.114 IPC out-of-bounds read

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. This issue affects an unknown code of the component IPC. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.114 TabStrip heap-based overflow

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. This vulnerability affects an unknown part of the component TabStrip. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.114 on Windows TabStrip heap-based overflow

A vulnerability, which was classified as critical, was found in Google Chrome on Windows (Web Browser). This affects some unknown functionality of the component TabStrip. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.114 v8 use after free

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). Affected by this issue is an unknown functionality of the component v8. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.114 Screen Sharing use after free

A vulnerability classified as critical was found in Google Chrome (Web Browser). Affected by this vulnerability is an unknown function of the component Screen Sharing Handler. Upgrading to version 89.0.4389.114 eliminates this vulnerability.
Auteur: VulDB

Zoho ManageEngine ServiceDesk Plus/AssetExplorer XML Asset File cross site scripting

A vulnerability classified as problematic has been found in Zoho ManageEngine ServiceDesk Plus and AssetExplorer (version unknown). Affected is some unknown processing of the component XML Asset File Handler. Upgrading eliminates this...
Auteur: VulDB

SonicWALL Email Security 10.0.9.x unrestricted upload [CVE-2021-20022]

A vulnerability was found in SonicWALL Email Security 10.0.9.x (Anti-Malware Software). It has been rated as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

SonicWALL Email Security 10.0.9.x HTTP Request privileges management

A vulnerability was found in SonicWALL Email Security 10.0.9.x (Anti-Malware Software). It has been declared as critical. This vulnerability affects an unknown code of the component HTTP Request Handler. There is no information about possible...
Auteur: VulDB

Online Book Store 1.0 admin.php sql injection

A vulnerability was found in Online Book Store 1.0. It has been classified as critical. This affects an unknown part of the file admin.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Larsens Calender Plugin up to 1.2 on WordPress titel cross site scripting

A vulnerability was found in Larsens Calender Plugin up to 1.2 on WordPress (WordPress Plugin) and classified as problematic. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It...
Auteur: VulDB

Subrion CMS up to 4.2.1 Payment Gateway cross site scripting

A vulnerability has been found in Subrion CMS up to 4.2.1 (Content Management System) and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Payment Gateway. There is no information about...
Auteur: VulDB

Rukovoditel Project Management App 2.7.2 global_lists/choices sql injection

A vulnerability, which was classified as critical, was found in Rukovoditel Project Management App 2.7.2 (Project Management Software). Affected is an unknown function of the file global_lists/choices. There is no information about possible...
Auteur: VulDB

Rukovoditel Project Management App 2.7.2 access_rules/rules_form sql injection

A vulnerability, which was classified as critical, has been found in Rukovoditel Project Management App 2.7.2 (Project Management Software). This issue affects some unknown processing of the file access_rules/rules_form. There is no information...
Auteur: VulDB

Rukovoditel Project Management App 2.7.2 forms_fields_rules/rules cross-site request forgery

A vulnerability classified as problematic was found in Rukovoditel Project Management App 2.7.2 (Project Management Software). This vulnerability affects an unknown code block of the file forms_fields_rules/rules. There is no information about...
Auteur: VulDB

Dreamreport Dream Report 5 R20-2 CLSID access control

A vulnerability classified as critical has been found in Dreamreport Dream Report 5 R20-2 (Reporting Software). This affects an unknown code of the component CLSID Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Dreamreport Dream Report 5 R20-2 Binary backdoor

A vulnerability was found in Dreamreport Dream Report 5 R20-2 (Reporting Software). It has been rated as critical. Affected by this issue is an unknown part of the component Binary Handler. There is no information about possible countermeasures...
Auteur: VulDB

Dreamreport Dream Report 5 R20-2 Syncfusion Dashboard Service access control

A vulnerability was found in Dreamreport Dream Report 5 R20-2 (Reporting Software). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component Syncfusion Dashboard Service. There is no...
Auteur: VulDB

IBM Spectrum Scale 5.1.0.1 Filesystem Audit Log unknown vulnerability

A vulnerability was found in IBM Spectrum Scale 5.1.0.1 (Network Attached Storage Software). It has been classified as problematic. Affected is an unknown functionality of the component Filesystem Audit Log. There is no information about possible...
Auteur: VulDB

Erlang OTP up to 23.2.2 erlsrv.exe access control

A vulnerability was found in Erlang OTP up to 23.2.2 and classified as critical. This issue affects an unknown function of the file erlsrv.exe. Upgrading to version 23.2.3 eliminates this vulnerability. The upgrade is hosted for download at...
Auteur: VulDB

Skyworth Digital Technology RN510 3.1.0.4 app-staticIP.asp unknown vulnerability

A vulnerability has been found in Skyworth Digital Technology RN510 3.1.0.4 and classified as problematic. This vulnerability affects some unknown processing of the file /cgi-bin/app-staticIP.asp. There is no information about possible...
Auteur: VulDB

Skyworth Digital Technology RN510 3.1.0.4 net-routeadd.asp cross-site request forgery

A vulnerability, which was classified as problematic, was found in Skyworth Digital Technology RN510 3.1.0.4. This affects an unknown code block of the file /cgi-bin/net-routeadd.asp. There is no information about possible countermeasures known....
Auteur: VulDB

Skyworth Digital Technology RN510 3.1.0.4 Wi-Fi test_version.asp access control

A vulnerability, which was classified as critical, has been found in Skyworth Digital Technology RN510 3.1.0.4. Affected by this issue is an unknown code of the file in/cgi-bin/test_version.asp of the component Wi-Fi Handler. There is no...
Auteur: VulDB

sopel-channelmgnt up to 2.0.0 on sopel Kick Command access control

A vulnerability classified as problematic was found in sopel-channelmgnt up to 2.0.0 on sopel. Affected by this vulnerability is an unknown part of the component Kick Command Handler. Upgrading to version 2.0.1 eliminates this vulnerability....
Auteur: VulDB
12345678910Last

Événements SSI