Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

OX Software OX App Suite up to 7.10.4 Distribution List common name cross site scripting

A vulnerability, which was classified as problematic, has been found in OX Software OX App Suite up to 7.10.4. This issue affects an unknown functionality of the component Distribution List Handler. There is no information about possible...
Auteur: VulDB

OX Software OX App Suite up to 7.10.4 Contact Object position/company cross site scripting

A vulnerability classified as problematic was found in OX Software OX App Suite up to 7.10.4. This vulnerability affects an unknown function of the component Contact Object Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

SuiteCRM up to 7.11.18 Client Account Page name cross site scripting

A vulnerability classified as problematic has been found in SuiteCRM up to 7.11.18. This affects some unknown processing of the component Client Account Page. Upgrading to version 7.11.19 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Dell EMC Unity/UnityVSA/Unity XT prior 5.0.7.0.5.008 Upgrade Readiness Utility cleartext storage

A vulnerability was found in Dell EMC Unity, UnityVSA and Unity XT. It has been rated as problematic. Affected by this issue is an unknown code block of the component Upgrade Readiness Utility. Upgrading to version 5.0.7.0.5.008 eliminates this...
Auteur: VulDB

Dell Hybrid Client up to 1.4 access control [CVE-2021-21537]

A vulnerability was found in Dell Hybrid Client up to 1.4. It has been declared as critical. Affected by this vulnerability is an unknown code. Upgrading to version 1.5 eliminates this vulnerability.
Auteur: VulDB

Dell Hybrid Client up to 1.4 Register information disclosure

A vulnerability was found in Dell Hybrid Client up to 1.4. It has been classified as problematic. Affected is an unknown part of the component Register Handler. Upgrading to version 1.5 eliminates this vulnerability.
Auteur: VulDB

Dell Hybrid Client up to 1.4 Local API information disclosure

A vulnerability was found in Dell Hybrid Client up to 1.4 and classified as problematic. This issue affects some unknown functionality of the component Local API. Upgrading to version 1.5 eliminates this vulnerability.
Auteur: VulDB

Dell Unisphere for PowerMax up to 9.2.1.5 Monitor Role authorization

A vulnerability has been found in Dell Unisphere for PowerMax up to 9.2.1.5 and classified as critical. This vulnerability affects an unknown functionality of the component Monitor Role Handler. Upgrading to version 9.2.1.6 eliminates this...
Auteur: VulDB

OX Software OX App Suite up to 7.10.4 Snippet server-side request forgery

A vulnerability, which was classified as critical, was found in OX Software OX App Suite up to 7.10.4. This affects an unknown function of the component Snippet Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

yzmCMS 5.2 /member/index/login.html referer cross site scripting

A vulnerability, which was classified as problematic, has been found in yzmCMS 5.2. Affected by this issue is some unknown processing of the file /member/index/login.html. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

OX Software OX Guard up to 2.10.4 WKS Server denial of service

A vulnerability classified as problematic was found in OX Software OX Guard up to 2.10.4. Affected by this vulnerability is an unknown code block of the component WKS Server. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

gosaml2 XML Signature null pointer dereference [CVE-2020-7731]

A vulnerability classified as problematic has been found in gosaml2 (version unknown). Affected is an unknown code of the component XML Signature Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Ampache up to 4.2.1 sql injection [CVE-2020-15153]

A vulnerability was found in Ampache up to 4.2.1. It has been rated as critical. This issue affects an unknown part. Upgrading to version 4.2.2 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying a patch is...
Auteur: VulDB

CubeCoders AMP up to 2.1.1.1 Application Deployment Service permission

A vulnerability was found in CubeCoders AMP up to 2.1.1.1. It has been declared as critical. This vulnerability affects some unknown functionality of the component Application Deployment Service. Upgrading to version 2.1.1.2 eliminates this...
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.00.00 cross site scripting [CVE-2021-21541]

A vulnerability was found in Dell EMC iDRAC9. It has been classified as problematic. This affects an unknown functionality. Upgrading to version 4.40.00.00 eliminates this vulnerability.
Auteur: VulDB

Dell Hybrid Client up to 1.4 missing authentication [CVE-2021-21535]

A vulnerability was found in Dell Hybrid Client up to 1.4 and classified as critical. Affected by this issue is an unknown function. Upgrading to version 1.5 eliminates this vulnerability.
Auteur: VulDB

SUSI.AI Admin Config File path traversal [CVE-2020-4039]

A vulnerability has been found in SUSI.AI (Artificial Intelligence Software) (affected version unknown) and classified as critical. Affected by this vulnerability is some unknown processing of the component Admin Config File Handler. Applying the...
Auteur: VulDB

Exiv2 up to 0.27.3 Metadata out-of-bounds read

A vulnerability, which was classified as problematic, was found in Exiv2 up to 0.27.3 (Image Processing Software). Affected is an unknown code block of the component Metadata Handler. Upgrading to version 0.27.4 eliminates this vulnerability....
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.00.00 Comment username improper authentication

A vulnerability, which was classified as problematic, has been found in Dell EMC iDRAC9. This issue affects an unknown code of the component Comment Handler. Upgrading to version 4.40.00.00 eliminates this vulnerability.
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.00.00 Configuration stack-based overflow

A vulnerability classified as critical was found in Dell EMC iDRAC9. This vulnerability affects an unknown part of the component Configuration Handler. Upgrading to version 4.40.00.00 eliminates this vulnerability.
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.00.00 Web Interface toctou

A vulnerability classified as problematic has been found in Dell EMC iDRAC9. This affects some unknown functionality of the component Web Interface. Upgrading to version 4.40.00.00 eliminates this vulnerability.
Auteur: VulDB

Dell OpenManage Enterprise-Modular up to 1.29.x Environment os command injection

A vulnerability was found in Dell OpenManage Enterprise-Modular up to 1.29.x. It has been rated as critical. Affected by this issue is an unknown functionality of the component Environment Handler. Upgrading to version 1.30.00 eliminates this...
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.00.00 cross site scripting [CVE-2021-21543]

A vulnerability was found in Dell EMC iDRAC9. It has been declared as problematic. Affected by this vulnerability is an unknown function. Upgrading to version 4.40.00.00 eliminates this vulnerability.
Auteur: VulDB

Dell EMC iDRAC9 prior 4.40.10.00 cross site scripting [CVE-2021-21542]

A vulnerability was found in Dell EMC iDRAC9. It has been classified as problematic. Affected is some unknown processing. Upgrading to version 4.40.10.00 eliminates this vulnerability.
Auteur: VulDB

Exiv2 up to 0.27.3 Metadata heap-based overflow

A vulnerability was found in Exiv2 up to 0.27.3 (Image Processing Software) and classified as critical. This issue affects an unknown code block of the component Metadata Handler. Upgrading to version 0.27.4 eliminates this vulnerability....
Auteur: VulDB
12345678910Last

Événements SSI