Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Joomla CMS up to 3.9.19 com_privacy cross site request forgery

A vulnerability classified as critical was found in Joomla CMS up to 3.9.19 (Content Management System). Affected by this vulnerability is some unknown functionality of the component com_privacy. There is no information about possible...
Auteur: VulDB

Trend Micro Secuity 2020 up to 16.0.0.1302 Crash denial of service

A vulnerability classified as problematic has been found in Trend Micro Secuity 2020 up to 16.0.0.1302. Affected is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Trend Micro Security 2020 up to 16.0.0.1146 Search Path Remote Code Execution

A vulnerability was found in Trend Micro Security 2020 up to 16.0.0.1146. It has been rated as critical. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Tor Proxy up to 0.4.3.5 Network Security Services Out-of-Bounds denial of service

A vulnerability was found in Tor Proxy up to 0.4.3.5 (Firewall Software). It has been declared as problematic. This vulnerability affects some unknown processing of the component Network Security Services. Upgrading to version 0.4.3.6 eliminates...
Auteur: VulDB

Ajv 6.12.2 JSON Validator ajv.validate() denial of service

A vulnerability was found in Ajv 6.12.2. It has been classified as problematic. This affects the function ajv.validate() of the component JSON Validator. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Synergy up to 1.11.x Exception kMsgHelloBack Packet Crash denial of service

A vulnerability was found in Synergy up to 1.11.x and classified as problematic. Affected by this issue is an unknown code of the component Exception Handler. Upgrading to version 1.12.0 eliminates this vulnerability.
Auteur: VulDB

openenclave prior 0.10.0 Side-Channel unknown vulnerability [CVE-2020-15107]

A vulnerability has been found in openenclave and classified as problematic. Upgrading to version 0.10.0 eliminates this vulnerability.
Auteur: VulDB

Artica Proxy prior 4.30.000000 Stored cross site scripting

A vulnerability, which was classified as problematic, was found in Artica Proxy (Firewall Software). Affected is some unknown functionality. Upgrading to version 4.30.000000 eliminates this vulnerability.
Auteur: VulDB

Kronos WebTA prior 4.0 com.threeis.webta.H352premPayRequest SortBy Blind sql injection

A vulnerability, which was classified as critical, has been found in Kronos WebTA. This issue affects an unknown functionality of the component com.threeis.webta.H352premPayRequest. Upgrading to version 4.0 eliminates this vulnerability.
Auteur: VulDB

Moxa EDR-G902/EDR-G903 up to 5.3 Web Server Stack-based memory corruption

A vulnerability classified as critical was found in Moxa EDR-G902 and EDR-G903 up to 5.3. This vulnerability affects an unknown function of the component Web Server. Upgrading to version 5.4 eliminates this vulnerability.
Auteur: VulDB

Icewarp Email Server 12.3.0.1 Javascript File cross site scripting

A vulnerability classified as problematic has been found in Icewarp Email Server 12.3.0.1. This affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

Icewarp Email Server 12.3.0.1 File Upload denial of service

A vulnerability was found in Icewarp Email Server 12.3.0.1. It has been rated as problematic. Affected by this issue is an unknown code block of the component File Upload. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Icewarp Email Server 12.3.0.1 Access Control privilege escalation

A vulnerability was found in Icewarp Email Server 12.3.0.1. It has been declared as critical. Affected by this vulnerability is an unknown code of the component Access Control. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Apache OFBiz up to 17.12.3 eCommerce unknown vulnerability [CVE-2020-13923]

A vulnerability was found in Apache OFBiz up to 17.12.3. It has been classified as problematic. Affected is an unknown part of the component eCommerce. Upgrading to version 17.12.04 eliminates this vulnerability.
Auteur: VulDB

Harbor up to 2.0.0 Server-Side Request Forgery [CVE-2020-13788]

A vulnerability was found in Harbor up to 2.0.0 and classified as critical. This issue affects some unknown functionality. Upgrading to version 2.0.1 eliminates this vulnerability.
Auteur: VulDB

SecZetta NEProfile 3.3.11 Avatar JPEG File Code Execution

A vulnerability has been found in SecZetta NEProfile 3.3.11 and classified as critical. This vulnerability affects an unknown functionality of the component Avatar Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

i-net Clear Reports 2019 19.0.287 XML Parser XML External Entity

A vulnerability, which was classified as critical, was found in i-net Clear Reports 2019 19.0.287. This affects an unknown function of the component XML Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

LibreHealth EMR 2.0.0 Local File Inclusion privilege escalation

A vulnerability, which was classified as critical, has been found in LibreHealth EMR 2.0.0. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

LibreHealth EMR 2.0.0 cross site request forgery [CVE-2020-11438]

A vulnerability classified as problematic was found in LibreHealth EMR 2.0.0. Affected by this vulnerability is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

LibreHealth EMR 2.0.0 sql injection [CVE-2020-11437]

A vulnerability classified as critical has been found in LibreHealth EMR 2.0.0. Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

LibreHealth EMR 2.0.0 cross site scripting [CVE-2020-11436]

A vulnerability was found in LibreHealth EMR 2.0.0. It has been rated as problematic. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Alias Robotics RVD FTP Server weak authentication [CVE-2020-10288]

A vulnerability was found in Alias Robotics RVD (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown functionality of the component FTP Server. Proper firewalling of tcp/21 is able to...
Auteur: VulDB

Alias Robotics RVD UAS Service Default Credentials weak authentication

A vulnerability was found in Alias Robotics RVD (the affected version unknown). It has been classified as critical. This affects an unknown functionality of the component UAS Service. There is no information about possible countermeasures known....
Auteur: VulDB

Alias Robotics RVD sudo privilege escalation [CVE-2020-10286]

A vulnerability was found in Alias Robotics RVD (affected version not known) and classified as critical. Affected by this issue is an unknown function of the component sudo Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Alias Robotics RVD xArm Controller Bruteforce information disclosure

A vulnerability has been found in Alias Robotics RVD (affected version unknown) and classified as very critical. Affected by this vulnerability is some unknown processing of the component xArm Controller. There is no information about possible...
Auteur: VulDB
First386387388389390391392393394395Last

Événements SSI