lundi 18 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Joget Workflow 6.0.20 account_new Account ID/Account Name privilege escalation [Disputed]

A vulnerability was found in Joget Workflow 6.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file jw/web/userview/crm_community/crm_userview_sales/_/account_new. The manipulation of the...
Auteur: VulDB

EspoCRM 5.6.4 api/v1/User information disclosure

A vulnerability was found in EspoCRM 5.6.4. It has been classified as problematic. Affected is an unknown function of the file api/v1/User?filterList. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

EspoCRM 5.6.4 KnowledgeBaseArticle body cross site scripting

A vulnerability was found in EspoCRM 5.6.4 and classified as problematic. This issue affects some unknown processing of the file api/v1/KnowledgeBaseArticle. The manipulation of the argument body as part of a Parameter leads to a cross site...
Auteur: VulDB

EspoCRM 5.6.4 api/v1/Document cross site scripting

A vulnerability has been found in EspoCRM 5.6.4 and classified as problematic. This vulnerability affects an unknown code block of the file api/v1/Document. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

EspoCRM up to 5.6.5 Create User firstName/lastName Stored cross site scripting

A vulnerability, which was classified as problematic, was found in EspoCRM up to 5.6.5. This affects an unknown code of the component Create User Handler. The manipulation of the argument firstName/lastName with an unknown input leads to a cross...
Auteur: VulDB

EspoCRM up to 5.6.5 Create Case firstName/lastName Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in EspoCRM up to 5.6.5. Affected by this issue is an unknown part of the component Create Case Handler. The manipulation of the argument firstName/lastName with an unknown...
Auteur: VulDB

EspoCRM up to 5.6.5 Create Task name Stored cross site scripting

A vulnerability classified as problematic was found in EspoCRM up to 5.6.5. Affected by this vulnerability is some unknown functionality of the component Create Task Handler. The manipulation of the argument name as part of a Parameter leads to...
Auteur: VulDB

Simple Membership Plugin up to 3.8.4 on WordPress Bulk Operation Section cross site request forgery

A vulnerability classified as problematic has been found in Simple Membership Plugin up to 3.8.4 on WordPress (WordPress Plugin). Affected is an unknown functionality of the component Bulk Operation Section. The manipulation with an unknown...
Auteur: VulDB

SSDP Responder up to 1.5 Network Message ssdpd.c ssdp_recv memory corruption

A vulnerability was found in SSDP Responder up to 1.5. It has been rated as critical. This issue affects the function ssdp_recv of the file ssdpd.c of the component Network Message Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Pallets Werkzeug up to 0.15.4 Windows SharedDataMiddleware unknown vulnerability

A vulnerability was found in Pallets Werkzeug up to 0.15.4. It has been declared as problematic. This vulnerability affects the function SharedDataMiddleware of the component Windows. The impact remains unknown. The weakness was released ...
Auteur: VulDB

Save the Date: 2019 CISA Cybersecurity Summit

Original release date: July 29, 2019The Cybersecurity and Infrastructure Security Agency (CISA) will be hosting the 2019 CISA Cybersecurity Summit from September 18-20, 2019, at National Harbor, MD. This summit will provide a forum for critical...
Auteur: US Cert

SunHater KCFinder up to 3.12/3.20-test1/3.20-test2 upload.php CKEditorFuncNum cross site scripting

A vulnerability was found in SunHater KCFinder up to 3.12/3.20-test1/3.20-test2. It has been classified as problematic. This affects an unknown code block of the file upload.php. The manipulation of the argument CKEditorFuncNum as part of a...
Auteur: VulDB

Veeam ONE Reporter 9.5.0.3201 CommonDataHandlerReadOnly.ashx addDashboard/editDashboard Description(config) cross site scripting

A vulnerability was found in Veeam ONE Reporter 9.5.0.3201 and classified as problematic. Affected by this issue is the function addDashboard/editDashboard of the file CommonDataHandlerReadOnly.ashx. The manipulation of the argument...
Auteur: VulDB

Veeam ONE Reporter 9.5.0.3201 CommonDataHandlerReadOnly.ashx setDashboardWidget cross site scripting

A vulnerability has been found in Veeam ONE Reporter 9.5.0.3201 and classified as problematic. Affected by this vulnerability is the function setDashboardWidget of the file CommonDataHandlerReadOnly.ashx. The manipulation with an unknown input...
Auteur: VulDB

UPX 3.95 p_vmlinx.cpp canUnpack memory corruption

A vulnerability, which was classified as critical, was found in UPX 3.95. Affected is the function canUnpack of the file p_vmlinx.cpp. The manipulation with an unknown input leads to a memory corruption vulnerability (Segmentation Fault). CWE is...
Auteur: VulDB

UPX 3.95 p_vmlinx.cpp getElfSections memory corruption

A vulnerability, which was classified as critical, has been found in UPX 3.95. This issue affects the function getElfSections of the file p_vmlinx.cpp. The manipulation with an unknown input leads to a memory corruption vulnerability (Integer...
Auteur: VulDB

Xpdf 4.01.01 JPXStream.cc JPXStream::fillReadBuf memory corruption

A vulnerability classified as critical was found in Xpdf 4.01.01. This vulnerability affects the function JPXStream::fillReadBuf of the file JPXStream.cc. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Xpdf 4.01.01 GfxState.cc parse memory corruption

A vulnerability classified as critical has been found in Xpdf 4.01.01. This affects the function GfxPatchMeshShading::parse of the file GfxState.cc. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Xpdf 4.01.01 GfxState.cc parse memory corruption

A vulnerability was found in Xpdf 4.01.01. It has been rated as critical. Affected by this issue is the function GfxPatchMeshShading::parse of the file GfxState.cc. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Xpdf 4.01.01 GfxState.cc parse memory corruption

A vulnerability was found in Xpdf 4.01.01. It has been declared as critical. Affected by this vulnerability is the function GfxPatchMeshShading::parse of the file GfxState.cc. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Xpdf 4.01.01 GfxState.cc parse memory corruption

A vulnerability was found in Xpdf 4.01.01. It has been classified as critical. Affected is the function GfxPatchMeshShading::parse of the file GfxState.cc. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Xpdf 4.01.01 JBIG2Stream.cc JBIG2Bitmap::combine memory corruption

A vulnerability was found in Xpdf 4.01.01 and classified as critical. This issue affects the function JBIG2Bitmap::combine of the file JBIG2Stream.cc. The manipulation with an unknown input leads to a memory corruption vulnerability (Integer...
Auteur: VulDB

Xpdf 4.01.01 JBIG2Stream.cc JBIG2Bitmap::combine memory corruption

A vulnerability has been found in Xpdf 4.01.01 and classified as critical. This vulnerability affects the function JBIG2Bitmap::combine of the file JBIG2Stream.cc. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

MISP 2.4.111 event-graph View event-graph.js cross site scripting

A vulnerability, which was classified as problematic, was found in MISP 2.4.111. This affects an unknown function of the file app/webroot/js/event-graph.js of the component event-graph View. The manipulation with an unknown input leads to a...
Auteur: VulDB

Linux Kernel up to 4.13 drivers/nvme/target/fc.c memory corruption

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 4.13. Affected by this issue is some unknown processing of the file drivers/nvme/target/fc.c. The manipulation with an unknown input leads to a memory...
Auteur: VulDB
First267268269270271272273274275276Last

Événements SSI

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS