Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Irzip 0.621 stream.c lzo_decompress_buf null pointer dereference

A vulnerability classified as problematic has been found in Irzip 0.621. Affected is the function lzo_decompress_buf of the file stream.c. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Kiuwan Plugin up to 1.6.0 on Jenkins Query Parameter cross site scripting

A vulnerability was found in Kiuwan Plugin up to 1.6.0 on Jenkins (Jenkins Plugin). It has been rated as problematic. This issue affects an unknown function of the component Query Parameter Handler. There is no information about possible...
Auteur: VulDB

XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins cross-site request forgery

A vulnerability was found in XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins (Jenkins Plugin). It has been declared as problematic. This vulnerability affects some unknown processing. There is no information about possible countermeasures...
Auteur: VulDB

TP-Link TL-SG2005/TL-SG2008 1.0.0 Build 20180529 Rel.40524 cross-site request forgery

A vulnerability was found in TP-Link TL-SG2005 and TL-SG2008 1.0.0 Build 20180529 Rel.40524 (Router Operating System). It has been classified as problematic. This affects an unknown code block. There is no information about possible...
Auteur: VulDB

PRTG Network Monitor 20.1.55.1775 /editsettings cross-site request forgery

A vulnerability was found in PRTG Network Monitor 20.1.55.1775 (Network Management Software) and classified as problematic. Affected by this issue is an unknown code of the file /editsettings. There is no information about possible...
Auteur: VulDB

XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins authorization

A vulnerability has been found in XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins (Jenkins Plugin) and classified as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It...
Auteur: VulDB

XebiaLabs XL Deploy Plugin up to 7.5.8 on Jenkins authorization

A vulnerability, which was classified as critical, was found in XebiaLabs XL Deploy Plugin up to 7.5.8 on Jenkins (Jenkins Plugin). Affected is some unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins authorization

A vulnerability, which was classified as problematic, has been found in XebiaLabs XL Deploy Plugin up to 10.0.1 on Jenkins (Jenkins Plugin). This issue affects an unknown functionality. There is no information about possible countermeasures...
Auteur: VulDB

Kubernetes CLI Plugin up to 1.10.0 on Jenkins HTTP Endpoint authorization

A vulnerability classified as critical was found in Kubernetes CLI Plugin up to 1.10.0 on Jenkins (Virtualization Software). This vulnerability affects an unknown function of the component HTTP Endpoint. There is no information about possible...
Auteur: VulDB

SmartStream Transaction Lifecycle Management Reconciliation Premium cross site scripting

A vulnerability classified as problematic has been found in SmartStream Transaction Lifecycle Management Reconciliation Premium up to 3.0.x. This affects some unknown processing. Upgrading to version 3.1.0 eliminates this vulnerability.
Auteur: VulDB

Grant Averett Cerberus FTP Server up to 10.0.18/11.0.3 Web Client cross site scripting

A vulnerability was found in Grant Averett Cerberus FTP Server up to 10.0.18/11.0.3 (File Transfer Software). It has been rated as problematic. Affected by this issue is an unknown code block of the component Web Client. Upgrading to version...
Auteur: VulDB

Annex Cloud Loyalty Experience Platform prior 2021.1.0.1 Campaign access control

A vulnerability was found in Annex Cloud Loyalty Experience Platform (Cloud Software). It has been declared as critical. Affected by this vulnerability is an unknown code of the component Campaign Handler. Upgrading to version 2021.1.0.1...
Auteur: VulDB

Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 access control

A vulnerability was found in Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 (Cloud Software). It has been classified as critical. Affected is an unknown part. Upgrading to version 2021.1.0.2 eliminates this vulnerability.
Auteur: VulDB

Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 resource injection

A vulnerability was found in Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 (Cloud Software) and classified as critical. This issue affects some unknown functionality. Upgrading to version 2021.1.0.2 eliminates this vulnerability.
Auteur: VulDB

TP-Link TL-SG2005/TL-SG2008 1.0.0 Build 20180529 Rel.40524 Device Description Interface array index

A vulnerability has been found in TP-Link TL-SG2005 and TL-SG2008 1.0.0 Build 20180529 Rel.40524 (Router Operating System) and classified as critical. This vulnerability affects an unknown functionality of the component Device Description...
Auteur: VulDB

LANCOM R&S Unified Firewall 10.5 path traversal [CVE-2021-31538]

A vulnerability, which was classified as critical, was found in LANCOM R&S Unified Firewall 10.5 (Firewall Software). This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

F5 BIG-IP APM/BIG-IP APM Clients Windows Installer cachecleaner.dll uncontrolled search path

A vulnerability, which was classified as critical, has been found in F5 BIG-IP APM and BIG-IP APM Clients (Firewall Software) (affected version not known). Affected by this issue is some unknown processing in the library cachecleaner.dll of the...
Auteur: VulDB

ZTE ZXHN HS562 1.0.0.0B2.0000/1.0.0.0B3.0000E Cloud-End App access control

A vulnerability classified as critical was found in ZTE ZXHN HS562 1.0.0.0B2.0000/1.0.0.0B3.0000E. Affected by this vulnerability is an unknown code block of the component Cloud-End App. There is no information about possible countermeasures...
Auteur: VulDB

ZTE ZXHN H168N up to 3.5.0_EG1T4_TE Wizard Page information disclosure

A vulnerability classified as problematic has been found in ZTE ZXHN H168N up to 3.5.0_EG1T4_TE. Affected is an unknown code of the component Wizard Page. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenDMARC 1.4.1.0/1.4.1.1 Header Field null pointer dereference

A vulnerability was found in OpenDMARC 1.4.1.0/1.4.1.1. It has been rated as problematic. This issue affects an unknown part of the component Header Field Handler. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Network Service use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. This vulnerability affects some unknown functionality of the component Network Service. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Extension use after free

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown functionality of the component Extension. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 V8 type confusion

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is an unknown function of the component V8. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Accessibility use after free

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. Affected by this vulnerability is some unknown processing of the component Accessibility. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Spell Check use after free

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). Affected is an unknown code block of the component Spell Check. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI

FIC

Ayant pour thème cette année " Pour une cybersécurité coopérative et collaborative ", le Forum International de la Cybersécurité occupe les 6, 7 et 8 avril 2021 le Grand Palais de Lille. Organisé ...

FIC (REPORTÉ)

Ayant pour thème cette année " Pour une cybersécurité coopérative et collaborative ", le Forum International de la Cybersécurité occupe les 19, 20 et 21 janvier 2021 le Grand Palais de Lille. ...

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH (ANNULÉ)

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH (ANNULÉ)

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.
RSS
12345678910Last