samedi 21 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Anker Roav A1 Dashcam RoavA1SWV1.9 HTTP Server HTTP POST Request privilege escalation

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been declared as problematic. This vulnerability affects a code block of the component HTTP Server. The manipulation as part of a HTTP POST Request leads to a privilege...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Crafted Packet Deadlock denial of service

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been classified as problematic. This affects code. The manipulation as part of a Crafted Packet leads to a denial of service vulnerability (Deadlock). CWE is classifying the...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Reboot denial of service

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9 and classified as problematic. Affected by this issue is a part. The manipulation with an unknown input leads to a denial of service vulnerability (Reboot). Using CWE to declare the...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Crafted Packet Memory denial of service

A vulnerability has been found in Anker Roav A1 Dashcam RoavA1SWV1.9 and classified as problematic. Affected by this vulnerability is a functionality. The manipulation as part of a Crafted Packet leads to a denial of service vulnerability...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Thumbnail Crafted Packet NULL Pointer Dereference denial of service

A vulnerability, which was classified as problematic, was found in Anker Roav A1 Dashcam RoavA1SWV1.9. Affected is a function of the component Thumbnail Handler. The manipulation as part of a Crafted Packet leads to a denial of service...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Wi-Fi Command Crafted Packet Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in Anker Roav A1 Dashcam RoavA1SWV1.9. This issue affects some functionality of the component Wi-Fi Command Handler. The manipulation as part of a Crafted Packet leads to a memory...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 HTTP Server HTTP PUT Request Firmware privilege escalation

A vulnerability classified as critical was found in Anker Roav A1 Dashcam RoavA1SWV1.9. This vulnerability affects the functionality of the component HTTP Server. The manipulation as part of a HTTP PUT Request leads to a privilege escalation...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Default Credentials weak authentication

A vulnerability classified as critical has been found in Anker Roav A1 Dashcam RoavA1SWV1.9. This affects an unknown function. The manipulation with an unknown input leads to a weak authentication vulnerability (Default Credentials). CWE is...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 URL Parser Crafted Packet Stack-based memory corruption

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been rated as critical. Affected by this issue is some processing of the component URL Parser. The manipulation as part of a Crafted Packet leads to a memory corruption...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Wi-Fi Command Crafted Packet Stack-based memory corruption

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been declared as critical. Affected by this vulnerability is a code block of the component Wi-Fi Command Handler. The manipulation as part of a Crafted Packet leads to a...
Auteur: VulDB

D-Link DIR-822 B1 SetWiFiVerifyAlpha do_wps WPSPIN privilege escalation

A vulnerability was found in D-Link DIR-822 B1 (Router Operating System) (version unknown). It has been classified as critical. Affected is the function do_wps of the file /HNAP1/SetWiFiVerifyAlpha. The manipulation of the argument WPSPIN as...
Auteur: VulDB

D-Link DIR-822 3.10B06 SetQoSSettings.php uplink privilege escalation

A vulnerability was found in D-Link DIR-822 3.10B06 (Router Operating System) and classified as critical. This issue affects a part of the file SetQoSSettings.php. The manipulation of the argument uplink as part of a Shell Metacharacter leads to...
Auteur: VulDB

D-Link DIR-868L 2.05B02 /HNAP1/SetClientInfoDemo AudioMute/AudioEnable command injection

A vulnerability has been found in D-Link DIR-868L 2.05B02 (Router Operating System) and classified as critical. This vulnerability affects a functionality of the file /HNAP1/SetClientInfoDemo. The manipulation of the argument...
Auteur: VulDB

D-Link DIR-822/DIR-860L/DIR-868L/DIR-880L/DIR-890L SetAccessPointMode IsAccessPoint command injection

A vulnerability, which was classified as critical, was found in D-Link DIR-822, DIR-860L, DIR-868L, DIR-880L and DIR-890L (Router Operating System). This affects a function of the file /HNAP1/SetAccessPointMode. The manipulation of the argument...
Auteur: VulDB

D-Link DIR-818LW/DIR-822 B1 SetRouterSettings.php IPTWAN_build_command RemotePort privilege escalation

A vulnerability, which was classified as critical, has been found in D-Link DIR-818LW and DIR-822 B1 (Router Operating System) (affected version not known). Affected by this issue is the function IPTWAN_build_command of the file...
Auteur: VulDB

Simditor up to 2.3.21 SVG Element DOM-Based cross site scripting

A vulnerability classified as problematic was found in Simditor up to 2.3.21. Affected by this vulnerability is the functionality. The manipulation as part of a SVG Element leads to a cross site scripting vulnerability (DOM-Based). The CWE...
Auteur: VulDB

Virgin Media Wireless Router 3.0 Web Interface POST Request Persistent denial of service

A vulnerability classified as problematic has been found in Virgin Media Wireless Router 3.0 (Router Operating System). Affected is an unknown function of the component Web Interface. The manipulation as part of a POST Request leads to a denial...
Auteur: VulDB

Kieran O'Shea Calendar Plugin up to 1.3.10 on WordPress admin.php event_title parameter cross site scripting

A vulnerability was found in Kieran O'Shea Calendar Plugin up to 1.3.10 on WordPress (Calendar Software). It has been rated as problematic. This issue affects some processing of the file wp-admin/admin.php?page=calendar. The manipulation of the...
Auteur: VulDB

Espressif ESP-IDF up to 2.x/3.0.5/3.1.0 Bootloader esp_image_format.c process_segment privilege escalation

A vulnerability was found in Espressif ESP-IDF up to 2.x/3.0.5/3.1.0. It has been declared as problematic. This vulnerability affects a code block of the file components/bootloader_support/src/esp_image_format.c of the component Bootloader. The...
Auteur: VulDB

Evernote 6.15 on Windows Present Mode Stored cross site scripting

A vulnerability was found in Evernote 6.15 on Windows. It has been classified as problematic. This affects code of the component Present Mode. The manipulation with an unknown input leads to a cross site scripting vulnerability (Stored). CWE is...
Auteur: VulDB

Typesetter 5.1 Page Creation index.php/Admin LABEL cross site scripting

A vulnerability was found in Typesetter 5.1 and classified as problematic. Affected by this issue is a part of the file index.php/Admin of the component Page Creation. The manipulation of the argument LABEL as part of a Parameter leads to a...
Auteur: VulDB

Typesetter 5.1 New Class Name index.php/Admin/Classes cross site scripting

A vulnerability has been found in Typesetter 5.1 and classified as problematic. Affected by this vulnerability is a functionality of the file index.php/Admin/Classes of the component New Class Name Handler. The manipulation with an unknown input...
Auteur: VulDB

Typesetter 5.1 Script Element index.php/Admin/Uploaded SVG File cross site scripting

A vulnerability, which was classified as problematic, was found in Typesetter 5.1. Affected is a function of the file index.php/Admin/Uploaded of the component Script Element Handler. The manipulation as part of a SVG File leads to a cross site...
Auteur: VulDB

Kirby 2.5.12 New Page panel/pages/home/edit title cross site scripting

A vulnerability, which was classified as problematic, has been found in Kirby 2.5.12. This issue affects some functionality of the file panel/pages/home/edit of the component New Page Handler. The manipulation of the argument title with an...
Auteur: VulDB

Kirby 2.5.12 Admin Panel Persistent cross site scripting

A vulnerability classified as problematic was found in Kirby 2.5.12. This vulnerability affects the functionality of the component Admin Panel. The manipulation with an unknown input leads to a cross site scripting vulnerability (Persistent)....
Auteur: VulDB
First277278279280281282283284285286Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS