vendredi 10 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

MunkiReport up to 5.2.x /module/comment/save cross site scripting

A vulnerability was found in MunkiReport up to 5.2.x (Reporting Software). It has been rated as problematic. Affected by this issue is some unknown processing of the file /module/comment/save. Upgrading to version 5.3.0 eliminates this...
Auteur: VulDB

MunkiReport up to 5.2.x tablequery.php sql injection

A vulnerability was found in MunkiReport up to 5.2.x (Reporting Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the file app/models/tablequery.php. Upgrading to version 5.3.0 eliminates this...
Auteur: VulDB

Halvotec RAQuest 10.23.10801.0 Login Page Wildcard information disclosure

A vulnerability was found in Halvotec RAQuest 10.23.10801.0. It has been classified as problematic. Affected is an unknown code of the component Login Page. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

vega-util up to 1.13.0 Object privilege escalation

A vulnerability was found in vega-util up to 1.13.0 and classified as critical. This issue affects an unknown part. Upgrading to version 1.13.1 eliminates this vulnerability.
Auteur: VulDB

The Sleuth Kit up to 4.8.0 fs/ntfs.c ntfs_dinode_lookup memory corruption

A vulnerability has been found in The Sleuth Kit up to 4.8.0 and classified as critical. This vulnerability affects the function ntfs_dinode_lookup of the file fs/ntfs.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

The Sleuth Kit up to 4.8.0 YAFFS File Timestamp fs/yaffs.c yaffsfs_istat() memory corruption

A vulnerability, which was classified as critical, was found in The Sleuth Kit up to 4.8.0. This affects the function yaffsfs_istat() of the file fs/yaffs.c of the component YAFFS File Timestamp Handler. There is no information about possible...
Auteur: VulDB

PHPGurukul Job Portal 1.0 File Upload admin/gallery.php PHP File privilege escalation

A vulnerability, which was classified as critical, has been found in PHPGurukul Job Portal 1.0. Affected by this issue is an unknown function of the file admin/gallery.php of the component File Upload. There is no information about possible...
Auteur: VulDB

PHPGurukul Online Book Store 1.0 File Upload admin_add.php PHP File privilege escalation

A vulnerability classified as critical was found in PHPGurukul Online Book Store 1.0. Affected by this vulnerability is some unknown processing of the file admin_add.php of the component File Upload. There is no information about possible...
Auteur: VulDB

Nitro Pro up to 13.13 npdf.dll JBIG2Decode PDF Document memory corruption

A vulnerability classified as critical has been found in Nitro Pro up to 13.13. Affected is the function JBIG2Decode in the library npdf.dll. Upgrading to version 13.13.2.242 eliminates this vulnerability.
Auteur: VulDB

Nitro Pro up to 13.13 npdf.dll nitro::get_property PDF Document memory corruption

A vulnerability was found in Nitro Pro up to 13.13. It has been rated as critical. This issue affects the function nitro::get_property in the library npdf.dll. Upgrading to version 13.13.2.242 eliminates this vulnerability.
Auteur: VulDB

rConfig up to 3.94 ajaxAddTemplate.php fileName privilege escalation

A vulnerability was found in rConfig up to 3.94. It has been declared as critical. This vulnerability affects an unknown part in the library lib/ajaxHandlers/ajaxAddTemplate.php. There is no information about possible countermeasures known. It...
Auteur: VulDB

rConfig up to 3.9.4 Web Interface commands.inc.php searchColumn sql injection

A vulnerability was found in rConfig up to 3.9.4. It has been classified as critical. This affects some unknown functionality of the file commands.inc.php of the component Web Interface. There is no information about possible countermeasures...
Auteur: VulDB

Quest Kace K1000 Systems Management Appliance up to 6.3 SP2 service/krashrpt.php kuid privilege escalation

A vulnerability was found in Quest Kace K1000 Systems Management Appliance up to 6.3 SP2 and classified as critical. Affected by this issue is an unknown functionality of the file service/krashrpt.php. Applying the patch 6.4 SP3 is able to...
Auteur: VulDB

Des femmes de la CNIL racontent leurs parcours

La CNIL compte 63 % de femmes et permet à chacune de s’intégrer et de valoriser ses compétences. Marie-Laure Denis, la Présidente de la CNIL et plusieurs agentes prennent la parole pour parler de leurs parcours et offrir des conseils inspirants.
Auteur: Cnil

Des femmes de la CNIL racontent leur parcours

La CNIL compte 63 % de femmes et permet à chacune de s’intégrer et de valoriser ses compétences. Marie-Laure Denis, Présidente de la CNIL, ainsi que plusieurs agentes prennent la parole pour parler de leur parcours et offrir des conseils...
Auteur: Cnil

Patriot Viper RGB Driver up to 1.1 Access Control privilege escalation

A vulnerability has been found in Patriot Viper RGB Driver up to 1.1 (Hardware Driver Software) and classified as critical. Affected by this vulnerability is an unknown function of the component Access Control. There is no information about...
Auteur: VulDB

Xiaomi MIUI V11.0.5.0.QFAEUXM GetApps Parameter privilege escalation

A vulnerability, which was classified as critical, was found in Xiaomi MIUI V11.0.5.0.QFAEUXM. Affected is some unknown processing of the component GetApps. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Xiaomi MIUI V11.0.5.0.QFAEUXM GetApps privilege escalation

A vulnerability, which was classified as critical, has been found in Xiaomi MIUI V11.0.5.0.QFAEUXM. This issue affects an unknown code block of the component GetApps. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Wing FTP Server up to 6.2.4 Administration Panel information disclosure

A vulnerability classified as problematic was found in Wing FTP Server up to 6.2.4 (File Transfer Software). This vulnerability affects an unknown code of the component Administration Panel. Upgrading to version 6.2.5 eliminates this...
Auteur: VulDB

RegistrationMagic Plugin up to 4.6.0.3 on WordPress class_rm_form_controller.php rm_form_export privilege escalation

A vulnerability classified as critical has been found in RegistrationMagic Plugin up to 4.6.0.3 on WordPress (WordPress Plugin). This affects the function rm_form_export of the file class_rm_form_controller.php. There is no information about...
Auteur: VulDB

RegistrationMagic Plugin up to 4.6.0.3 on WordPress class_rm_form_settings_controller.php privilege escalation

A vulnerability was found in RegistrationMagic Plugin up to 4.6.0.3 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the file class_rm_form_settings_controller.php. There is no information about...
Auteur: VulDB

RegistrationMagic Plugin up to 4.6.0.3 on WordPress class_rm_user_controller.php rm_user_edit privilege escalation

A vulnerability was found in RegistrationMagic Plugin up to 4.6.0.3 on WordPress. It has been declared as critical. Affected by this vulnerability is the function rm_user_edit of the file class_rm_user_controller.php. There is no information...
Auteur: VulDB

RegistrationMagic Plugin up to 4.6.0.3 on WordPress class_rm_user_services.php send_email_user_view privilege escalation

A vulnerability was found in RegistrationMagic Plugin up to 4.6.0.3 on WordPress. It has been classified as critical. Affected is the function send_email_user_view of the file class_rm_user_services.php. There is no information about possible...
Auteur: VulDB

RegistrationMagic Plugin up to 4.6.0.3 on WordPress PHP File Upload cross site request forgery

A vulnerability was found in RegistrationMagic Plugin up to 4.6.0.3 on WordPress and classified as critical. This issue affects some unknown processing of the component PHP File Upload. There is no information about possible countermeasures...
Auteur: VulDB

CKeditor up to 4.13 HTML Data Processor Comment cross site scripting

A vulnerability has been found in CKeditor up to 4.13 and classified as problematic. This vulnerability affects an unknown code block of the component HTML Data Processor. Upgrading to version 4.14 eliminates this vulnerability.
Auteur: VulDB
First273274275276277278279280281282Last

Événements SSI