Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Synacor Zimbra Collaboration up to 8.8.12 Persistent cross site scripting

A vulnerability was found in Synacor Zimbra Collaboration up to 8.8.12 (Groupware Software). It has been classified as problematic. Affected is some unknown functionality. Applying the patch 8.8.12 Patch 1 is able to eliminate this problem.
Author: VulDB

Pivotal tc Server/tc Runtimes JMX Socket Listener Man-in-the-Middle privilege escalation

A vulnerability was found in Pivotal tc Server and tc Runtimes (unknown version) and classified as critical. This issue affects an unknown functionality of the component JMX Socket Listener. Upgrading eliminates this vulnerability.
Author: VulDB

stroom-app up to 5.5.11/6.0.24 cross site scripting [CVE-2019-10779]

A vulnerability has been found in stroom-app up to 5.5.11/6.0.24 and classified as problematic. This vulnerability affects an unknown function. Upgrading to version 5.5.12 or 6.0.25 eliminates this vulnerability.
Author: VulDB

io.ratpack ratpack-core up to 0.9.10/1.7.5 Development Mode cross site scripting

A vulnerability, which was classified as problematic, was found in io.ratpack ratpack-core up to 0.9.10/1.7.5. This affects some unknown processing of the component Development Mode. Upgrading to version 1.7.6 eliminates this vulnerability.
Author: VulDB

Neato Botvac Connected 2.2.0 NeatoCrypto Library authorization GenerateRobotPassword weak authentication

A vulnerability, which was classified as critical, has been found in Neato Botvac Connected 2.2.0. Affected by this issue is the function GenerateRobotPassword of the file authentication/authorization of the component NeatoCrypto Library. There...
Author: VulDB

Valve Dota up to 7.23 Map rendersystemdx9.dll Remote Code Execution

A vulnerability classified as critical was found in Valve Dota up to 7.23. Affected by this vulnerability is an unknown code in the library rendersystemdx9.dll of the component Map Handler. Upgrading to version 7.23f eliminates this vulnerability.
Author: VulDB

Valve Dota up to 7.23 Map meshsystem.dll memory corruption

A vulnerability classified as critical has been found in Valve Dota up to 7.23. Affected is an unknown part in the library meshsystem.dll of the component Map Handler. Upgrading to version 7.23e eliminates this vulnerability.
Author: VulDB

Valve Dota up to 7.23 Map meshsystem.dll Remote Code Execution

A vulnerability was found in Valve Dota up to 7.23. It has been rated as critical. This issue affects some unknown functionality in the library meshsystem.dll of the component Map Handler. Upgrading to version 7.23f eliminates this vulnerability.
Author: VulDB

Valve Dota up to 7.23 Map schemasystem.dll GetValue Remote Code Execution

A vulnerability was found in Valve Dota up to 7.23. It has been declared as critical. This vulnerability affects the function GetValue in the library schemasystem.dll of the component Map Handler. Upgrading to version 7.23f eliminates this...
Author: VulDB

Netty 4.1.43.Final Incomplete Fix CVE-2019-16869 HTTP Smuggling privilege escalation

A vulnerability was found in Netty 4.1.43.Final. It has been classified as critical. This affects an unknown function of the component Incomplete Fix CVE-2019-16869. There is no information about possible countermeasures known. It may be...
Author: VulDB

TOTOLINK Realtek SDK Captcha boafrm/formLogin HTTP Requests information disclosure

A vulnerability was found in TOTOLINK Realtek SDK (affected version not known) and classified as problematic. Affected by this issue is some unknown processing of the file boafrm/formLogin of the component Captcha. There is no information about...
Author: VulDB

TOTOLINK Realtek SDK boafrm/formSysCmd sysCmd privilege escalation

A vulnerability has been found in TOTOLINK Realtek SDK (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code block of the file boafrm/formSysCmd. There is no information about possible...
Author: VulDB

TOTOLINK/CIK TELECOM/KCTVJEJU/Hi-Wifi/HCN/T-broad Router Administration Interface Cleartext weak encryption

A vulnerability, which was classified as problematic, was found in TOTOLINK/CIK TELECOM/KCTVJEJU/Hi-Wifi/HCN/T-broad Router (version unknown). Affected is an unknown code of the component Administration Interface. There is no information about...
Author: VulDB

TOTOLINK/CIK TELECOM/KCTVJEJU/Hi-Wifi/HCN/T-broad Router Administration Interface Config information disclosure

A vulnerability, which was classified as problematic, has been found in TOTOLINK/CIK TELECOM/KCTVJEJU/Hi-Wifi/HCN/T-broad Router (unknown version). This issue affects an unknown part of the component Administration Interface. There is no...
Author: VulDB

BitDefender Endpoint Security Tools prior 6.6.11.163 EPSecurityService.exe Search Path privilege escalation

A vulnerability classified as problematic was found in BitDefender Endpoint Security Tools. This vulnerability affects some unknown functionality of the file EPSecurityService.exe. Upgrading to version 6.6.11.163 eliminates this vulnerability.
Author: VulDB

BitDefender BOX 2 Bootstrap get_image_url() command injection

A vulnerability classified as critical has been found in BitDefender BOX 2 (the affected version unknown). This affects the function get_image_url() of the component Bootstrap Handler. There is no information about possible countermeasures known....
Author: VulDB

BitDefender BOX 2 2.1.47.42 API /api/download_image command injection

A vulnerability was found in BitDefender BOX 2 2.1.47.42. It has been rated as critical. Affected by this issue is an unknown function of the file /api/download_image of the component API. There is no information about possible countermeasures...
Author: VulDB

Belkin WeMo Insight Switch up to 2.00.11396 libbelkin_api.so memory corruption

A vulnerability was found in Belkin WeMo Insight Switch up to 2.00.11396. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file libbelkin_api.so. There is no information about possible...
Author: VulDB

CNIL publishes a GDPR guide for developers

To help those involved in web and application development bring their work into compliance, the CNIL has produced a new guide to good practices under a free licence, which is intended to be enriched by professionals.
Author: Cnil

AVB MOTU directory traversal [CVE-2020-8009]

A vulnerability was found in AVB MOTU (version unknown). It has been classified as critical. Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Author: VulDB

GNU Aspell up to 0.60.7 libaspell.a ASPELL_CONF memory corruption

A vulnerability was found in GNU Aspell up to 0.60.7 and classified as critical. This issue affects an unknown code of the file libaspell.a. Upgrading to version 0.60.8 eliminates this vulnerability.
Author: VulDB

Avast Secure Browser 76.0.1659.101 Update Check AvastBrowserUpdate.exe privilege escalation

A vulnerability has been found in Avast Secure Browser 76.0.1659.101 and classified as critical. This vulnerability affects an unknown part of the file AvastBrowserUpdate.exe of the component Update Check. There is no information about possible...
Author: VulDB

BitDefender AV up to 7.x on Mac BDLDaemon privilege escalation

A vulnerability, which was classified as critical, was found in BitDefender AV up to 7.x on Mac. This affects some unknown functionality of the component BDLDaemon. Upgrading to version 8.0.0 eliminates this vulnerability.
Author: VulDB

BitDefender BOX 2 up to 2.0.1.90 API /api/update_setup System Command privilege escalation

A vulnerability, which was classified as critical, has been found in BitDefender BOX 2 up to 2.0.1.90. Affected by this issue is an unknown functionality of the file /api/update_setup of the component API. Upgrading to version 2.0.1.91 eliminates...
Author: VulDB

BitDefender Total Security 2020 prior 24.0.12.69 bdserviceshost.exe Search Path privilege escalation

A vulnerability classified as critical was found in BitDefender Total Security 2020. Affected by this vulnerability is an unknown function of the file bdserviceshost.exe. Upgrading to version 24.0.12.69 eliminates this vulnerability.
Author: VulDB