jeudi 12 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Octeth Oempro 4.7 Campaign.Get CampaignID sql injection

A vulnerability, which was classified as critical, was found in Octeth Oempro 4.7. Affected is the function Campaign.Get. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

OpenBSD up to 6.6 setuid Program ld.so _dl_setup_env LD_LIBRARY_PATH privilege escalation

A vulnerability, which was classified as critical, has been found in OpenBSD up to 6.6 (Operating System). This issue affects the function _dl_setup_env of the file ld.so of the component setuid Program Handler. There is no information about...
Auteur: VulDB

SnakeYAML 1.18 Alias unknown vulnerability [CVE-2017-18640]

A vulnerability classified as critical was found in SnakeYAML 1.18. This vulnerability affects some unknown processing of the component Alias Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Avaya IP Office Application Server up to 10.x Web UI Code Execution cross site scripting

A vulnerability, which was classified as problematic, was found in Avaya IP Office Application Server up to 10.x. This affects some unknown processing of the component Web UI. Upgrading to version 11.0 eliminates this vulnerability.
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 JPEG2000 File Image File Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in LEADTOOLS 20.0.2019.3.15. Affected by this issue is an unknown code block of the component JPEG2000 File Handler. There is no information about possible countermeasures known....
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 DICOM libltdic.so Crafted Packet memory corruption

A vulnerability classified as critical was found in LEADTOOLS 20.0.2019.3.15. Affected by this vulnerability is an unknown code of the file libltdic.so of the component DICOM Handler. There is no information about possible countermeasures known....
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 DICOM Image Out-of-Bounds memory corruption

A vulnerability classified as critical has been found in LEADTOOLS 20.0.2019.3.15. Affected is an unknown part of the component DICOM Image Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 libltdic.so Crafted Packet denial of service

A vulnerability was found in LEADTOOLS 20.0.2019.3.15. It has been rated as problematic. This issue affects some unknown functionality of the file libltdic.so. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 libltdic.so Crafted Packet information disclosure

A vulnerability was found in LEADTOOLS 20.0.2019.3.15. It has been declared as problematic. This vulnerability affects an unknown functionality of the file libltdic.so. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

LEADTOOLS 20.0.2019.3.15 DICOM Parser libltdic.so Crafted Packet memory corruption

A vulnerability was found in LEADTOOLS 20.0.2019.3.15. It has been classified as critical. This affects an unknown function of the file libltdic.so of the component DICOM Parser. There is no information about possible countermeasures known. It...
Auteur: VulDB

IBM Spectrum Scale 4.2/5.0 Request Command privilege escalation

A vulnerability was found in IBM Spectrum Scale 4.2/5.0 and classified as critical. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

IBM Spectrum Scale 4.2/5.0 Web UI cross site scripting

A vulnerability has been found in IBM Spectrum Scale 4.2/5.0 and classified as problematic. Affected by this vulnerability is an unknown code block of the component Web UI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 Network Configuration Command privilege escalation

A vulnerability, which was classified as critical, was found in Blink XT2 Sync Module up to 2.13.10. Affected is an unknown code of the component Network Configuration Handler. Upgrading to version 2.13.11 eliminates this vulnerability.
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 WiFi bssid privilege escalation

A vulnerability, which was classified as critical, has been found in Blink XT2 Sync Module up to 2.13.10. This issue affects an unknown part of the component WiFi Handler. Upgrading to version 2.13.11 eliminates this vulnerability.
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 WiFi key privilege escalation

A vulnerability classified as critical was found in Blink XT2 Sync Module up to 2.13.10. This vulnerability affects some unknown functionality of the component WiFi Handler. Upgrading to version 2.13.11 eliminates this vulnerability.
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 WiFi encryption privilege escalation

A vulnerability classified as critical has been found in Blink XT2 Sync Module up to 2.13.10. This affects an unknown functionality of the component WiFi Handler. Upgrading to version 2.13.11 eliminates this vulnerability.
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 WiFi ssid privilege escalation

A vulnerability was found in Blink XT2 Sync Module up to 2.13.10. It has been rated as critical. Affected by this issue is an unknown function of the component WiFi Handler. Upgrading to version 2.13.11 eliminates this vulnerability.
Auteur: VulDB

Blink XT2 Sync Module up to 2.13.10 UART Command privilege escalation

A vulnerability was found in Blink XT2 Sync Module up to 2.13.10. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component UART Handler. Upgrading to version 2.13.11 eliminates this...
Auteur: VulDB

bson-objectid 1.3.0 on Node.js ObjectID() privilege escalation

A vulnerability was found in bson-objectid 1.3.0 on Node.js. It has been classified as critical. Affected is the function ObjectID(). There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

sysstat up to 12.2.0 sa_common.c check_file_actlst memory corruption

A vulnerability was found in sysstat up to 12.2.0 and classified as critical. This issue affects the function check_file_actlst of the file sa_common.c. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Zoho ManageEngine Applications Manager prior 13640 Agent.java agentid sql injection

A vulnerability has been found in Zoho ManageEngine Applications Manager and classified as critical. This vulnerability affects the function Agent.java. Upgrading to version 13640 eliminates this vulnerability.
Auteur: VulDB

Zoho ManageEngine Applications Manager prior 13620 SyncEventServlet.java doGet eventid sql injection

A vulnerability, which was classified as critical, was found in Zoho ManageEngine Applications Manager. This affects the function doGet of the file SyncEventServlet.java. Upgrading to version 13620 eliminates this vulnerability.
Auteur: VulDB

Xen up to 4.12.x VMX VMEntry Check PV Guest Crash denial of service

A vulnerability, which was classified as problematic, has been found in Xen up to 4.12.x. Affected by this issue is an unknown functionality of the component VMX VMEntry Check Handler. There is no information about possible countermeasures known....
Auteur: VulDB

Xen up to 4.12.x Bit Iteration Infinite Loop denial of service

A vulnerability classified as problematic was found in Xen up to 4.12.x (Virtualization Software). Affected by this vulnerability is an unknown function of the component Bit Iteration Handler. There is no information about possible...
Auteur: VulDB

Xen up to 4.12.x Bit Iteration Out-of-Bounds denial of service

A vulnerability classified as problematic has been found in Xen up to 4.12.x (Virtualization Software). Affected is some unknown processing of the component Bit Iteration Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB
12345678910Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS