vendredi 3 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Enghouse Web Chat 6.1.300.31 POST Request Server-Side Request Forgery

A vulnerability, which was classified as critical, has been found in Enghouse Web Chat 6.1.300.31. This issue affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Texas Instruments CC256x/WL18xx Bluetooth Low Energy Packet memory corruption

A vulnerability classified as critical was found in Texas Instruments CC256x and WL18xx (the affected version is unknown). This vulnerability affects an unknown code block of the component Bluetooth Low Energy. There is no information about...
Auteur: VulDB

Mitsubishi Electric MELSEC-Q/MELSEC-L FTP Service denial of service

A vulnerability classified as problematic has been found in Mitsubishi Electric MELSEC-Q and MELSEC-L (the affected version unknown). This affects an unknown code of the component FTP Service. There is no information about possible...
Auteur: VulDB

SAP BusinessObjects Business Intelligence Platform prior 4.1/4.2 XML Data XML Document privilege escalation

A vulnerability was found in SAP BusinessObjects Business Intelligence Platform. It has been rated as critical. Affected by this issue is an unknown part of the component XML Data Handler. Upgrading to version 4.1 or 4.2 eliminates this...
Auteur: VulDB

SAP Quality Management prior 1.0/1.01/1.02/1.03 sql injection

A vulnerability was found in SAP Quality Management. It has been declared as critical. Affected by this vulnerability is some unknown functionality. Upgrading to version 1.0, 1.01, 1.02 or 1.03 eliminates this vulnerability.
Auteur: VulDB

SAP NetWeaver AS JAVA up to vor 7.10 privilege escalation [CVE-2019-0391]

A vulnerability was found in SAP NetWeaver AS JAVA (Solution Stack Software). It has been classified as critical. Affected is an unknown functionality. Upgrading to version 7.10, 7.20, 7.30, 7.31, 7.40 or 7.50 eliminates this vulnerability.
Auteur: VulDB

SAP Data Hub prior 2 Connection Manager privilege escalation

A vulnerability was found in SAP Data Hub and classified as critical. This issue affects an unknown function of the component Connection Manager. Upgrading to version 2 eliminates this vulnerability.
Auteur: VulDB

SAP NetWeaver Application Server up to vor 7.1 privilege escalation

A vulnerability has been found in SAP NetWeaver Application Server and classified as critical. This vulnerability affects some unknown processing. Upgrading to version 7.1, 7.2, 7.3, 7.31, 7.4 or 7.5 eliminates this vulnerability.
Auteur: VulDB

SAP UI5 HTTP Handler unknown vulnerability [CVE-2019-0388]

A vulnerability, which was classified as problematic, was found in SAP UI5 HTTP Handler (the affected version unknown). This affects an unknown code block of the component HTTP Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

SAP ERP Sales/S4HANA Sales/S4CORE Order Proessing privilege escalation

A vulnerability, which was classified as critical, has been found in SAP ERP Sales, S4HANA Sales and S4CORE (Enterprise Resource Planning Software) (affected version not known). Affected by this issue is an unknown code of the component Order...
Auteur: VulDB

SAP Enable Now up to 1907 cross site scripting [CVE-2019-0385]

A vulnerability classified as problematic was found in SAP Enable Now up to 1907. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

SP Business Intelligence Platform 4.2 cross site scripting [CVE-2019-0382]

A vulnerability classified as problematic has been found in SP Business Intelligence Platform 4.2 (Business Process Management Software). Affected is some unknown functionality. There is no information about possible countermeasures known. It may...
Auteur: VulDB

vdsm/vdsclient Hostname Validator Man-in-the-Middle weak authentication

A vulnerability was found in vdsm and vdsclient (unknown version). It has been rated as critical. This issue affects an unknown functionality of the component Hostname Validator. There is no information about possible countermeasures known. It...
Auteur: VulDB

JBoss KeyCloak Soft Token cross site request forgery [CVE-2014-3655]

A vulnerability was found in JBoss KeyCloak (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown function of the component Soft Token Handler. There is no information about possible...
Auteur: VulDB

openshift Team Name Stored cross site scripting

A vulnerability was found in openshift (the affected version unknown). It has been classified as problematic. This affects some unknown processing of the component Team Name Handler. There is no information about possible countermeasures known....
Auteur: VulDB

ProJoom Smart Flash Header up to 3.0.2 on Joomla views/upload.php Filename privilege escalation

A vulnerability was found in ProJoom Smart Flash Header up to 3.0.2 on Joomla (Joomla Component) and classified as critical. Affected by this issue is an unknown code block of the file views/upload.php. There is no information about possible...
Auteur: VulDB

Netgear WNR3500U/WNR3500L SMB Service Symlink directory traversal

A vulnerability has been found in Netgear WNR3500U and WNR3500L (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code of the component SMB Service. There is no information about possible...
Auteur: VulDB

CERTFR-2019-AVI-571 : Multiples vulnérabilités dans le noyau Linux de Debian (14 novembre 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

Asus RT-AC66U/RT-N56U SMB Service Symlink directory traversal

A vulnerability, which was classified as critical, was found in Asus RT-AC66U and RT-N56U (version unknown). Affected is an unknown part of the component SMB Service. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Belkin N900 SMB Service Symlink directory traversal

A vulnerability, which was classified as critical, has been found in Belkin N900 (unknown version). This issue affects some unknown functionality of the component SMB Service. There is no information about possible countermeasures known. It may...
Auteur: VulDB

TP-LINK TL-WDR4300/TL-1043ND Symlink directory traversal [CVE-2013-4654]

A vulnerability classified as critical was found in TP-LINK TL-WDR4300 and TL-1043ND (the affected version is unknown). This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Netgear WNR3500U/WNR3500L cross site scripting [CVE-2013-3517]

A vulnerability was found in Netgear WNR3500U and WNR3500L (affected version not known). It has been rated as problematic. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Netgear WNR3500U/WNR3500L CSRF Token cross site request forgery

A vulnerability was found in Netgear WNR3500U and WNR3500L (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component CSRF Token. There is no information about...
Auteur: VulDB

TRENDnet TEW-691GR/TEW-692GR Telnet Service Parameter Backdoor privilege escalation

A vulnerability was found in TRENDnet TEW-691GR and TEW-692GR (version unknown). It has been classified as critical. Affected is an unknown code of the component Telnet Service. There is no information about possible countermeasures known. It may...
Auteur: VulDB

TRENDnet TEW-812DRU Telnet Service broadcom.c Parameter privilege escalation

A vulnerability was found in TRENDnet TEW-812DRU (unknown version) and classified as critical. This issue affects an unknown part of the file broadcom.c of the component Telnet Service. There is no information about possible countermeasures...
Auteur: VulDB
First280281282283284285286287288289Last

Événements SSI