Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Sylius up to 1.3.16/1.4.12/1.5.9/1.6.5 Channel _channel_code privilege escalation

A vulnerability was found in Sylius up to 1.3.16/1.4.12/1.5.9/1.6.5. It has been declared as critical. This vulnerability affects some unknown processing of the component Channel Handler. There is no information about possible countermeasures...
Auteur: VulDB

Ktor up to 1.2.x Proxy Request Smuggling privilege escalation

A vulnerability was found in Ktor up to 1.2.x. It has been classified as critical. This affects an unknown code block of the component Proxy Handler. Upgrading to version 1.3.0 eliminates this vulnerability.
Auteur: VulDB

Apache NiFi up to 1.10.0 UI cross site scripting

A vulnerability was found in Apache NiFi up to 1.10.0 and classified as problematic. Affected by this issue is an unknown code of the component UI. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Apache Superset 0.34.0/0.34.1/0.35.0/0.35.1 API Endpoint Credentials information disclosure

A vulnerability has been found in Apache Superset 0.34.0/0.34.1/0.35.0/0.35.1 and classified as problematic. Affected by this vulnerability is an unknown part of the component API Endpoint. There is no information about possible countermeasures...
Auteur: VulDB

Apache NiFi 1.10.0 Parameter Parser information disclosure

A vulnerability, which was classified as problematic, was found in Apache NiFi 1.10.0. Affected is some unknown functionality of the component Parameter Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Intel CPU Data Cache information disclosure [CVE-2020-0549]

A vulnerability, which was classified as problematic, has been found in Intel CPU (unknown version). This issue affects an unknown functionality of the component Data Cache. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Intel CPU Cleanup information disclosure [CVE-2020-0548]

A vulnerability classified as problematic was found in Intel CPU (the affected version is unknown). This vulnerability affects an unknown function of the component Cleanup Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Synacor Zimbra Collaboration up to 8.8.11P1 Reflected cross site scripting

A vulnerability classified as problematic has been found in Synacor Zimbra Collaboration up to 8.8.11P1 (Groupware Software). This affects some unknown processing. Applying the patch 8.8.11P2 is able to eliminate this problem.
Auteur: VulDB

Synacor Zimbra Collaboration up to 8.8.11P1 Persistent cross site scripting

A vulnerability was found in Synacor Zimbra Collaboration up to 8.8.11P1 (Groupware Software). It has been rated as problematic. Affected by this issue is an unknown code block. Applying the patch 8.8.11P2 is able to eliminate this problem.
Auteur: VulDB

Synacor Zimbra Collaboration up to 8.8.11P1 Persistent cross site scripting

A vulnerability was found in Synacor Zimbra Collaboration up to 8.8.11P1 (Groupware Software). It has been declared as problematic. Affected by this vulnerability is an unknown code. Applying the patch 8.8.11P2 is able to eliminate this problem.
Auteur: VulDB

GitLab Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Merge Request privilege escalation

A vulnerability has been found in GitLab Enterprise Edition up to 11.11.5/12.0.3/12.1.1 (Bug Tracking Software) and classified as critical. This vulnerability affects an unknown functionality of the component Merge Request Handler. Upgrading to...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Epic Comment denial of service

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1. This affects an unknown function of the component Epic Comment Handler. Upgrading to version 11.11.6,...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Security Dashboard information disclosure

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1. Affected by this issue is some unknown processing of the component Security Dashboard. Upgrading...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.11.5/12.0.3/12.1.1 Mattermost Command privilege escalation

A vulnerability classified as critical was found in GitLab Community Edition and Enterprise Edition up to 11.11.5/12.0.3/12.1.1. Affected by this vulnerability is an unknown code block of the component Mattermost Command Handler. Upgrading to...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 11.5 Merge Request information disclosure

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition 11.5. Affected is an unknown code of the component Merge Request Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 8.14 Move Issue information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition 8.14. It has been rated as problematic. This issue affects an unknown part of the component Move Issue Handler. There is no information about possible countermeasures...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 10.2 url_blocker.rb Server-Side Request Forgery

A vulnerability was found in GitLab Community Edition and Enterprise Edition 10.2. It has been declared as critical. This vulnerability affects some unknown functionality of the file url_blocker.rb. There is no information about possible...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 9.0 Token privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition 9.0. It has been classified as critical. This affects an unknown functionality of the component Token Handler. There is no information about possible countermeasures...
Auteur: VulDB

WSO2 API Manager Registry UI Stored cross site scripting

A vulnerability was found in WSO2 API Manager, IS as Key Manager and Enterprise Integrator (affected version not known) and classified as problematic. Affected by this issue is an unknown function of the component Registry UI. There is no...
Auteur: VulDB

WSO2 API Manager Registry UI Stored cross site scripting

A vulnerability has been found in WSO2 API Manager, IS as Key Manager and Enterprise Integrator (Automation Software) (affected version unknown) and classified as problematic. Affected by this vulnerability is some unknown processing of the...
Auteur: VulDB

WSO2 API Manager 2.6.0 API Publisher Stored cross site scripting

A vulnerability, which was classified as problematic, was found in WSO2 API Manager 2.6.0 (Automation Software). Affected is an unknown code block of the component API Publisher. There is no information about possible countermeasures known. It...
Auteur: VulDB

WSO2 API Manager 2.6.0 API Documentation Reflected cross site scripting

A vulnerability, which was classified as problematic, has been found in WSO2 API Manager 2.6.0 (Automation Software). This issue affects an unknown code of the component API Documentation Handler. There is no information about possible...
Auteur: VulDB

WSO2 API Manager 2.6.0 API Publisher Reflected cross site scripting

A vulnerability classified as problematic was found in WSO2 API Manager 2.6.0 (Automation Software). This vulnerability affects an unknown part of the component API Publisher. There is no information about possible countermeasures known. It may...
Auteur: VulDB

WSO2 API Manager 2.6.0 API Documentation Stored cross site scripting

A vulnerability classified as problematic has been found in WSO2 API Manager 2.6.0 (Automation Software). This affects some unknown functionality of the component API Documentation Handler. There is no information about possible countermeasures...
Auteur: VulDB

WSO2 API Manager/IS as Key Manager/Identity Server Management Console cross site scripting

A vulnerability was found in WSO2 API Manager, IS as Key Manager and Identity Server (Automation Software) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown functionality of the component...
Auteur: VulDB
First388389390391392393394395396397Last

Événements SSI