samedi 4 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Netgear WNR3500U/WNR3500L SMB Service Symlink directory traversal

A vulnerability has been found in Netgear WNR3500U and WNR3500L (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code of the component SMB Service. There is no information about possible...
Auteur: VulDB

CERTFR-2019-AVI-571 : Multiples vulnérabilités dans le noyau Linux de Debian (14 novembre 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

Asus RT-AC66U/RT-N56U SMB Service Symlink directory traversal

A vulnerability, which was classified as critical, was found in Asus RT-AC66U and RT-N56U (version unknown). Affected is an unknown part of the component SMB Service. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Belkin N900 SMB Service Symlink directory traversal

A vulnerability, which was classified as critical, has been found in Belkin N900 (unknown version). This issue affects some unknown functionality of the component SMB Service. There is no information about possible countermeasures known. It may...
Auteur: VulDB

TP-LINK TL-WDR4300/TL-1043ND Symlink directory traversal [CVE-2013-4654]

A vulnerability classified as critical was found in TP-LINK TL-WDR4300 and TL-1043ND (the affected version is unknown). This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Netgear WNR3500U/WNR3500L cross site scripting [CVE-2013-3517]

A vulnerability was found in Netgear WNR3500U and WNR3500L (affected version not known). It has been rated as problematic. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Netgear WNR3500U/WNR3500L CSRF Token cross site request forgery

A vulnerability was found in Netgear WNR3500U and WNR3500L (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component CSRF Token. There is no information about...
Auteur: VulDB

TRENDnet TEW-691GR/TEW-692GR Telnet Service Parameter Backdoor privilege escalation

A vulnerability was found in TRENDnet TEW-691GR and TEW-692GR (version unknown). It has been classified as critical. Affected is an unknown code of the component Telnet Service. There is no information about possible countermeasures known. It may...
Auteur: VulDB

TRENDnet TEW-812DRU Telnet Service broadcom.c Parameter privilege escalation

A vulnerability was found in TRENDnet TEW-812DRU (unknown version) and classified as critical. This issue affects an unknown part of the file broadcom.c of the component Telnet Service. There is no information about possible countermeasures...
Auteur: VulDB

Verizon FIOS Actiontec MI424WR-GEN3I cross site scripting [CVE-2013-3097]

A vulnerability has been found in Verizon FIOS Actiontec MI424WR-GEN3I (the affected version is unknown) and classified as problematic. This vulnerability affects some unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Bitweaver up to 2.8.1 stats/index.php highlight cross site scripting

A vulnerability, which was classified as problematic, was found in Bitweaver up to 2.8.1. This affects an unknown functionality of the file stats/index.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

LetoDMS 3.3.6 cross site request forgery [CVE-2012-4385]

A vulnerability, which was classified as problematic, has been found in LetoDMS 3.3.6. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

LetoDMS Login Page/Document Owner/Calendar Stored cross site scripting

A vulnerability classified as problematic was found in LetoDMS (affected version unknown). Affected by this vulnerability is some unknown processing of the component Login Page/Document Owner/Calendar. There is no information about possible...
Auteur: VulDB

Zen Theme up to 6.x-1.x/7.x-3.1/7.x-5.3 on Drupal template.php zen_breadcrumb cross site scripting

A vulnerability classified as problematic has been found in Zen Theme up to 6.x-1.x/7.x-3.1/7.x-5.3 on Drupal. This affects the function zen_breadcrumb of the file template.php. Upgrading to version 7.x-3.2 or 7.x-5.4 eliminates this...
Auteur: VulDB

Ckeditor Module 7.x-1.4 on Drupal hook_file_download Request information disclosure

A vulnerability classified as problematic has been found in Ckeditor Module 7.x-1.4 on Drupal. Affected is the function hook_file_download. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

phpBB up to 3.0.6 BB Tag flash cross site scripting

A vulnerability was found in phpBB up to 3.0.6. It has been declared as problematic. This vulnerability affects an unknown part of the component BB Tag Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Trac up to 0.11.5 Workflow Permission privilege escalation

A vulnerability was found in Trac up to 0.11.5. It has been classified as critical. This affects some unknown functionality of the component Workflow Permission Handler. Upgrading to version 0.11.6 eliminates this vulnerability. A possible...
Auteur: VulDB

Pithos up to 0.3.4 Symlink privilege escalation

A vulnerability was found in Pithos up to 0.3.4 and classified as critical. Affected by this issue is an unknown functionality. Upgrading to version 0.3.5 eliminates this vulnerability.
Auteur: VulDB

ConsoleKit up to 0.4.1 Security Policy privilege escalation

A vulnerability has been found in ConsoleKit up to 0.4.1 and classified as critical. Affected by this vulnerability is an unknown function of the component Security Policy. Upgrading to version 0.4.2 eliminates this vulnerability. Applying a...
Auteur: VulDB

udisks up to 1.0.2 Kernel Module Loader privilege escalation

A vulnerability, which was classified as critical, was found in udisks up to 1.0.2. Affected is some unknown processing of the component Kernel Module Loader. Upgrading to version 1.0.3 eliminates this vulnerability. A possible mitigation has...
Auteur: VulDB

PHP up to 5.4.3 libxml2 Memory Leak denial of service

A vulnerability, which was classified as problematic, has been found in PHP up to 5.4.3. This issue affects an unknown code block of the component libxml2. Upgrading to version 5.4.4 eliminates this vulnerability.
Auteur: VulDB

Poppler up to 0.16.2 Command Stack-based memory corruption

A vulnerability classified as critical was found in Poppler up to 0.16.2. This vulnerability affects an unknown code of the component Command Handler. Upgrading to version 0.16.3 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Poppler up to 0.16.2 Font Integer memory corruption

A vulnerability classified as critical has been found in Poppler up to 0.16.2. This affects an unknown part of the component Font Handler. Upgrading to version 0.16.3 eliminates this vulnerability. A possible mitigation has been published even...
Auteur: VulDB

Offlineimap up to 6.3.3 SSL weak encryption

A vulnerability was found in Offlineimap up to 6.3.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SSL Handler. Upgrading to version 6.3.4 eliminates this vulnerability.
Auteur: VulDB

Offlineimap up to 6.3.1 SSL Certificate Validator Man-in-the-Middle weak authentication

A vulnerability was found in Offlineimap up to 6.3.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SSL Certificate Validator. Upgrading to version 6.3.2 eliminates this...
Auteur: VulDB
First284285286287288289290291292293Last

Événements SSI