Our selection of information security alerts and advisories.
Sources: US-CERT, CERT-EU, CERT-FR, CNIL, VulDB.

VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3/4.0.0 pathname traversal

A vulnerability was found in VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3/4.0.0 (Network Management Software). It has been declared as critical. This vulnerability affects some unknown processing. Upgrading to version 3.3.2 P3, 3.4.4 or 4.0.1...
Author: VulDB

VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3 API access control

A vulnerability was found in VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3 (Network Management Software). It has been classified as critical. This affects an unknown code block of the component API. Upgrading to version 3.3.2 P3 or 3.4.4...
Author: VulDB

VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3 sql injection

A vulnerability was found in VMware SD-WAN Orchestrator up to 3.3.2 P2/3.4.3 (Network Management Software) and classified as critical. Affected by this issue is an unknown code. Upgrading to version 3.3.2 P3 or 3.4.4 eliminates this vulnerability.
Author: VulDB

Modern Honey Network up to 2020-11-23 Geolocations server/mhn/ui/utils.py _get_flag_ip_localdb denial of service

A vulnerability has been found in Modern Honey Network up to 2020-11-23 and classified as problematic. Affected by this vulnerability is the function _get_flag_ip_localdb of the file server/mhn/ui/utils.py of the component Geolocations Handler....
Author: VulDB

CDATA FD8000 inadequate encryption [CVE-2020-29063]

A vulnerability, which was classified as problematic, was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN,...
Author: VulDB

CDATA FD8000 improper authentication [CVE-2020-29062]

A vulnerability, which was classified as critical, has been found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN,...
Author: VulDB

CDATA FD8000 hard-coded password [CVE-2020-29061]

A vulnerability classified as critical was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2,...
Author: VulDB

CDATA FD8000 Debug Account hard-coded password [CVE-2020-29060]

A vulnerability classified as critical has been found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2,...
Author: VulDB

CDATA FD8000 hard-coded password [CVE-2020-29059]

A vulnerability was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1,...
Author: VulDB

CDATA FD8000 /opt/lighttpd/web/cgi/ missing encryption

A vulnerability was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1,...
Author: VulDB

CDATA FD8000 Telnet Service denial of service [CVE-2020-29057]

A vulnerability was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1,...
Author: VulDB

CDATA FD8000 TFTP Config sandbox [CVE-2020-29056]

A vulnerability was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1,...
Author: VulDB

CDATA FD8000 Management Interface cleartext transmission [CVE-2020-29055]

A vulnerability has been found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1,...
Author: VulDB

CDATA FD8000 missing encryption [CVE-2020-29054]

A vulnerability, which was classified as problematic, was found in CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN,...
Author: VulDB

Hrsale 2.0.0 projects_calendar set_date cross site scripting

A vulnerability, which was classified as problematic, has been found in Hrsale 2.0.0. Affected by this issue is some unknown processing of the file admin/project/projects_calendar. There is no information about possible countermeasures known. It...
Author: VulDB

Xen up to 4.14.x stack-based buffer overflow [CVE-2020-29040]

A vulnerability classified as critical was found in Xen up to 4.14.x (Virtualization Software). Affected by this vulnerability is an unknown code block. Applying a patch is able to eliminate this problem.
Author: VulDB

MISP up to 2.4.134 ACL GalaxyElementsController.php access control

A vulnerability classified as critical has been found in MISP up to 2.4.134. Affected is an unknown code of the file app/Controller/GalaxyElementsController.php of the component ACL Handler. Upgrading to version 2.4.135 eliminates this...
Author: VulDB

Karenderia Multiple Restaurant System up to 5.4.2 sql injection

A vulnerability was found in Karenderia Multiple Restaurant System up to 5.4.2 (Hospitality Software). It has been rated as critical. This issue affects an unknown part. There is no information about possible countermeasures known. It may be...
Author: VulDB

musl libc up to 1.2.1 Buffer Size buffer overflow

A vulnerability was found in musl libc up to 1.2.1. It has been declared as critical. This vulnerability affects some unknown functionality of the component Buffer Size Handler. There is no information about possible countermeasures known. It may...
Author: VulDB

SeedDMS 6.0.13 out/out.AddDocument.php dropfolderfileform1 redirect

A vulnerability was found in SeedDMS 6.0.13. It has been classified as critical. This affects an unknown functionality of the file out/out.AddDocument.php. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

cron-utils up to 9.1.2 Template injection

A vulnerability was found in cron-utils up to 9.1.2 and classified as critical. Affected by this issue is an unknown function of the component Template Handler. Upgrading eliminates this vulnerability. The upgrade is hosted for download at...
Author: VulDB

Highlight.js up to 9.18.1/10.1.1 code injection [CVE-2020-26237]

A vulnerability has been found in Highlight.js up to 9.18.1/10.1.1 (JavaScript Library) and classified as problematic. Affected by this vulnerability is some unknown processing. Upgrading to version 9.18.2 or 10.1.2 eliminates this vulnerability....
Author: VulDB

Time Crate up to 0.2.22 on Unix Environment Variable try_now_local null pointer dereference

A vulnerability, which was classified as problematic, was found in Time Crate up to 0.2.22 on Unix (Rust Package). Affected is the function...
Author: VulDB

Jupyter Server up to 1.0.5 redirect [CVE-2020-26232]

A vulnerability, which was classified as critical, has been found in Jupyter Server up to 1.0.5. This issue affects an unknown code. Upgrading to version 1.0.6 eliminates this vulnerability. The upgrade is hosted for download at github.com....
Author: VulDB

Pacemaker up to 1.1.23/2.0.5-rc1 ACL access control

A vulnerability classified as critical was found in Pacemaker up to 1.1.23/2.0.5-rc1. This vulnerability affects an unknown part of the component ACL Handler. Upgrading to version 1.1.24-rc1 or 2.0.5-rc2 eliminates this vulnerability.
Author: VulDB

Information security events