vendredi 10 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Rundeck Plugin up to 3.6.6 on Jenkins XML Parser XML External Entity

A vulnerability was found in Rundeck Plugin up to 3.6.6 on Jenkins. It has been classified as critical. This affects an unknown part of the component XML Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Logstash Plugin up to 2.3.1 on Jenkins Configuration Credentials information disclosure

A vulnerability was found in Logstash Plugin up to 2.3.1 on Jenkins and classified as problematic. Affected by this issue is some unknown functionality of the component Configuration. There is no information about possible countermeasures known....
Auteur: VulDB

P4 Plugin up to 1.10.10 on Jenkins Permission Check privilege escalation

A vulnerability has been found in P4 Plugin up to 1.10.10 on Jenkins and classified as critical. Affected by this vulnerability is an unknown functionality of the component Permission Check. There is no information about possible countermeasures...
Auteur: VulDB

P4 Plugin up to 1.10.10 on Jenkins Perforce cross site request forgery

A vulnerability, which was classified as problematic, was found in P4 Plugin up to 1.10.10 on Jenkins. Affected is an unknown function of the component Perforce. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Audit Trail Plugin up to 3.2 on Jenkins Error Message Reflected cross site scripting

A vulnerability, which was classified as problematic, has been found in Audit Trail Plugin up to 3.2 on Jenkins. This issue affects some unknown processing of the component Error Message Handler. There is no information about possible...
Auteur: VulDB

Cobertura Plugin up to 1.15 on Jenkins Coverage Report File privilege escalation

A vulnerability classified as critical was found in Cobertura Plugin up to 1.15 on Jenkins. This vulnerability affects an unknown code block of the component Coverage Report File Handler. There is no information about possible countermeasures...
Auteur: VulDB

Cobertura Plugin up to 1.15 on Jenkins XML Data XML External Entity

A vulnerability classified as critical has been found in Cobertura Plugin up to 1.15 on Jenkins (Jenkins Plugin). This affects an unknown code of the component XML Data Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Timestamper Plugin up to 1.11.1 on Jenkins Stored cross site scripting

A vulnerability was found in Timestamper Plugin up to 1.11.1 on Jenkins (Jenkins Plugin). It has been rated as problematic. Affected by this issue is an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Git Plugin up to 4.2.0 on Jenkins Error Message Stored cross site scripting

A vulnerability was found in Git Plugin up to 4.2.0 on Jenkins (Versioning Software). It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the component Error Message Handler. There is no...
Auteur: VulDB

Script Security Plugin up to 1.70 on Jenkins Sandbox privilege escalation

A vulnerability was found in Script Security Plugin up to 1.70 on Jenkins (Jenkins Plugin). It has been classified as critical. Affected is an unknown functionality of the component Sandbox. There is no information about possible countermeasures...
Auteur: VulDB

Script Security Plugin up to 1.70 on Jenkins Sandbox privilege escalation

A vulnerability was found in Script Security Plugin up to 1.70 on Jenkins (Jenkins Plugin) and classified as critical. This issue affects an unknown function of the component Sandbox. There is no information about possible countermeasures known....
Auteur: VulDB

Ansible up to 2.7.17/2.8.9/2.9.6 win_unzip Extract-Zip Archive directory traversal

A vulnerability has been found in Ansible up to 2.7.17/2.8.9/2.9.6 and classified as problematic. This vulnerability affects the function Extract-Zip of the component win_unzip. There is no information about possible countermeasures known. It may...
Auteur: VulDB

openshift-enterprise 3.11/4.0/4.1/4.2/4.3 Permission /etc/passwd privilege escalation

A vulnerability, which was classified as critical, was found in openshift-enterprise 3.11/4.0/4.1/4.2/4.3 (Virtualization Software). This affects an unknown code block of the file /etc/passwd of the component Permission. There is no information...
Auteur: VulDB

ThemeREX Addons Plugin on WordPress REST API Endpoint sc_layout trx_addons_rest_get_sc_layout sc privilege escalation

A vulnerability, which was classified as critical, has been found in ThemeREX Addons Plugin on WordPress (WordPress Plugin) (affected version not known). Affected by this issue is the function trx_addons_rest_get_sc_layout of the file...
Auteur: VulDB

ImageMagick 7.0.9 coders\heic.c ReadHEICImageByID memory corruption

A vulnerability classified as critical was found in ImageMagick 7.0.9 (Image Processing Software). Affected by this vulnerability is the function ReadHEICImageByID of the file coders\heic.c. There is no information about possible countermeasures...
Auteur: VulDB

BWA DiREX-Pro 1.2181 uninstall.php3 PKG privilege escalation

A vulnerability classified as critical has been found in BWA DiREX-Pro 1.2181. Affected is some unknown functionality of the file uninstall.php3. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

BWA DiREX-Pro 1.2181 val_soft.php3 Parameter information disclosure

A vulnerability was found in BWA DiREX-Pro 1.2181. It has been rated as problematic. This issue affects an unknown functionality of the file val_soft.php3. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

BWA DiREX-Pro 1.2181 val_users.php3 information disclosure

A vulnerability was found in BWA DiREX-Pro 1.2181. It has been declared as problematic. This vulnerability affects an unknown function of the file val_users.php3. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

MISP 2.4.122 Sighting Popover Tool sighting_field.ctp cross site scripting

A vulnerability was found in MISP 2.4.122. It has been classified as problematic. This affects some unknown processing of the file app/View/Elements/Events/View/sighting_field.ctp of the component Sighting Popover Tool. There is no information...
Auteur: VulDB

MISP 2.4.122 statistics_orgs.ctp Parameter cross site scripting

A vulnerability was found in MISP 2.4.122 and classified as problematic. Affected by this issue is an unknown code block of the file app/View/Users/statistics_orgs.ctp. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

JPaseto up to 0.2.x Hash weak encryption

A vulnerability has been found in JPaseto up to 0.2.x and classified as problematic. Affected by this vulnerability is an unknown code. Upgrading to version 0.3.0 eliminates this vulnerability.
Auteur: VulDB

Froxlor up to 0.10.15 Installer class.FroxlorInstall.php _createUserdataConf Parameter information disclosure

A vulnerability, which was classified as problematic, was found in Froxlor up to 0.10.15. Affected is the function _createUserdataConf in the library install/lib/class.FroxlorInstall.php of the component Installer. There is no information about...
Auteur: VulDB

Froxlor up to 0.10.13 Temp File class.FroxlorInstall.php _createUserdataConf privilege escalation

A vulnerability, which was classified as critical, has been found in Froxlor up to 0.10.13. This issue affects the function _createUserdataConf in the library install/lib/class.FroxlorInstall.php of the component Temp File Handler. Upgrading to...
Auteur: VulDB

Froxlor up to 0.10.13 class.FroxlorInstall.php _backupExistingDatabase Code Execution

A vulnerability classified as critical was found in Froxlor up to 0.10.13. This vulnerability affects the function _backupExistingDatabase in the library install/lib/class.FroxlorInstall.php. Upgrading to version 0.10.14 eliminates this...
Auteur: VulDB

MunkiReport up to 5.3.0 /report/broken_client cross site scripting

A vulnerability classified as problematic has been found in MunkiReport up to 5.3.0. This affects an unknown function of the file /report/broken_client. Upgrading to version 5.3.0.3923 eliminates this vulnerability.
Auteur: VulDB
First272273274275276277278279280281Last

Événements SSI