Sunday 19 January 2020

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

GitLab Community Edition/Enterprise Edition up to 9.x/10.x/11.8.7/11.6.5/11.7.0 Access Control privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 9.x/10.x/11.8.7/11.6.5/11.7.0 (Bug Tracking Software). It has been declared as critical. This vulnerability affects an unknown code block of the component Access...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 spoofing

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). It has been classified as critical. This affects an unknown code. Upgrading to version 11.5.8, 11.6.6 or 11.7.1...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Project Import Commit information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software) and classified as problematic. Affected by this issue is an unknown part of the component Project Import. Upgrading to...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Jira Integration Server-Side Request Forgery

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software) and classified as critical. Affected by this vulnerability is some unknown functionality of the component Jira...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Project Import Error information disclosure

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). Affected is an unknown functionality of the component Project Import. Upgrading...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Access Control privilege escalation

A vulnerability, which was classified as critical, has been found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). This issue affects an unknown function of the component Access Control....
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Permission information disclosure

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). This vulnerability affects some unknown processing of the component Permission. Upgrading...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 information disclosure

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). This affects an unknown code block. Upgrading to version 11.5.8, 11.6.6 or 11.7.1...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Access Control privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). It has been rated as critical. Affected by this issue is an unknown code of the component Access Control. Upgrading...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Project Import Long String denial of service

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). It has been declared as problematic. Affected by this vulnerability is an unknown part of the component Project...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 KaTeX Markdown Persistent cross site scripting

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software). It has been classified as problematic. Affected is some unknown functionality of the component KaTeX Handler....
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 directory traversal

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software) and classified as critical. This issue affects an unknown functionality. Upgrading to version 11.5.8, 11.6.6 or 11.7.1...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.5.7/11.6.5/11.7.0 Project information disclosure

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 11.5.7/11.6.5/11.7.0 (Bug Tracking Software) and classified as problematic. This vulnerability affects an unknown function of the component Project Handler....
Author: VulDB

Seneca up to 3.8.x Environment Variable information disclosure

A vulnerability, which was classified as problematic, was found in Seneca up to 3.8.x. This affects some unknown processing of the component Environment Variable Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.0.3/12.1.1 Email Verification weak authentication

A vulnerability, which was classified as critical, has been found in GitLab Community Edition and Enterprise Edition up to 12.0.3/12.1.1 (Bug Tracking Software). Affected by this issue is an unknown code block of the component Email Verification....
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Email Notification Persistent cross site scripting

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1 (Bug Tracking Software). Affected by this vulnerability is an unknown code of the component Email Notification...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Wiki Page Persistent cross site scripting

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1 (Bug Tracking Software). Affected is an unknown part of the component Wiki Page. Upgrading to version 11.11.6,...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Authorization information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1 (Bug Tracking Software). It has been rated as problematic. This issue affects some unknown functionality of the component Authorization....
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Service Integration POST Request Internal privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1 (Bug Tracking Software). It has been declared as critical. This vulnerability affects an unknown functionality of the component Service...
Author: VulDB

DocCms up to 2016.5.17 Module Management File managemodel.php upload_model() ZIP Archive privilege escalation

A vulnerability was found in DocCms up to 2016.5.17. It has been classified as critical. This affects the function upload_model() of the file /admini/controllers/system/managemodel.php of the component Module Management File Handler. There is no...
Author: VulDB

D-Link DIR-868L REVB/DIR-885L REVA/DIR-895L REVA SharePort Web Access folder_view.php Request weak authentication

A vulnerability was found in D-Link DIR-868L REVB, DIR-885L REVA and DIR-895L REVA (Router Operating System) (affected version not known) and classified as critical. Affected by this issue is some unknown processing of the file folder_view.php of...
Author: VulDB

LimeSurvey up to 3.17.13 Cookie httponly privilege escalation

A vulnerability has been found in LimeSurvey up to 3.17.13 (Survey Software) and classified as critical. Affected by this vulnerability is an unknown code block of the component Cookie Handler. Upgrading to version 3.17.14 eliminates this...
Author: VulDB

LimeSurvey up to 3.17.13 Plugin Manager privilege escalation

A vulnerability, which was classified as critical, was found in LimeSurvey up to 3.17.13 (Survey Software). Affected is an unknown code of the component Plugin Manager. Upgrading to version 3.17.14 eliminates this vulnerability.
Author: VulDB

LimeSurvey up to 3.17.13 Permission privilege escalation

A vulnerability, which was classified as critical, has been found in LimeSurvey up to 3.17.13 (Survey Software). This issue affects an unknown part of the component Permission. Upgrading to version 3.17.14 eliminates this vulnerability.
Author: VulDB

LimeSurvey up to 3.17.13 Response command injection

A vulnerability classified as critical was found in LimeSurvey up to 3.17.13 (Survey Software). This vulnerability affects some unknown functionality of the component Response Handler. Upgrading to version 3.17.14 eliminates this vulnerability.
Author: VulDB

Information security events

FIC

With this year's theme "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité takes over the Grand Palais in Lille on 28, 29 and 30 January 2020. Organised by the Hauts-de-France Region and Euratechnologies, the Gendarmerie Nationale and CEIS.
