Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Malware Remover up to 4.6.0.x command injection [CVE-2020-36198]

A vulnerability was found in Malware Remover up to 4.6.0.x (Anti-Malware Software). It has been classified as critical. Affected is some unknown functionality. Upgrading to version 4.6.1.0 eliminates this vulnerability.
Author: VulDB

Deskpro Cloud Platform/On-Premise 2020.2.3.48207 Custom Email Template cross site scripting

A vulnerability was found in Deskpro Cloud Platform and On-Premise 2020.2.3.48207 (Cloud Software) and classified as problematic. This issue affects an unknown functionality of the component Custom Email Template Handler. There is no information...
Author: VulDB

Argo CD up to 1.7.13/1.8.6 Web UI information exposure

A vulnerability has been found in Argo CD up to 1.7.13/1.8.6 and classified as problematic. This vulnerability affects an unknown function of the component Web UI. Upgrading to version 1.7.14 or 1.8.7 eliminates this vulnerability.
Author: VulDB

DhCms 2017-09-18 Interface information disclosure

A vulnerability, which was classified as problematic, was found in DhCms 2017-09-18. This affects some unknown processing of the component Interface Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

evm up to 0.21.0/0.23.0/0.24.0/0.25.0/0.26.0 EVM Opcode Execution copy_large allocation of resources

A vulnerability, which was classified as problematic, has been found in evm up to 0.21.0/0.23.0/0.24.0/0.25.0/0.26.0. Affected by this issue is the function evm_core::Memory::copy_large of the component EVM Opcode Execution. Upgrading to version...
Author: VulDB

Linux Kernel up to 5.12.1 NFC Socket use after free

A vulnerability classified as critical was found in Linux Kernel up to 5.12.1 (Operating System). Affected by this vulnerability is an unknown code of the component NFC Socket Handler. Upgrading to version 5.12.2 eliminates this vulnerability....
Author: VulDB

LAOBANCMS 2.0 admin/info.php Website SEO Keywords cross site scripting

A vulnerability classified as problematic has been found in LAOBANCMS 2.0. Affected is an unknown part of the file admin/info.php?shuyu. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Knowage Suite 7.3 /servlet/AdapterHTTP targetService cross site scripting

A vulnerability was found in Knowage Suite 7.3. It has been rated as problematic. This issue affects some unknown functionality of the file /servlet/AdapterHTTP. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Knowage Suite 7.3 saveNote nota cross site scripting

A vulnerability was found in Knowage Suite 7.3. It has been declared as problematic. This vulnerability affects an unknown functionality of the file /knowage/restful-services/documentnotes/saveNote. There is no information about possible...
Author: VulDB

Dhcms 2017-09-18 Guestbook cross site scripting

A vulnerability was found in Dhcms 2017-09-18. It has been classified as problematic. This affects an unknown function of the component Guestbook. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

eXosip2 up to 5.2.0 3xx Redirect eXcall_api.c null pointer dereference

A vulnerability was found in eXosip2 up to 5.2.0 and classified as problematic. Affected by this issue is some unknown processing of the file eXcall_api.c of the component 3xx Redirect Handler. Applying a patch is able to eliminate this problem....
Author: VulDB

Speco Web Viewer up to 2021-05-12 GET Request path traversal

A vulnerability has been found in Speco Web Viewer up to 2021-05-12 and classified as critical. Affected by this vulnerability is an unknown code block of the component GET Request Handler. There is no information about possible countermeasures...
Author: VulDB

Trend Micro HouseCall for Home Networks up to 5.3.1179 Scan access control

A vulnerability, which was classified as critical, was found in Trend Micro HouseCall for Home Networks up to 5.3.1179. Affected is an unknown code of the component Scan Handler. There is no information about possible countermeasures known. It...
Author: VulDB

Siemens Mendix Database Replication up to 7.0.0 Table Mapping information exposure

A vulnerability, which was classified as problematic, has been found in Siemens Mendix Database Replication up to 7.0.0. This issue affects an unknown part of the component Table Mapping Handler. Upgrading to version 7.0.1 eliminates this...
Author: VulDB

Siemens Mendix Excel Importer Module up to 9.0.2 XML File information exposure

A vulnerability classified as problematic was found in Siemens Mendix Excel Importer Module up to 9.0.2. This vulnerability affects some unknown functionality of the component XML File Handler. Upgrading to version 9.0.3 eliminates this...
Author: VulDB

Trend Micro HouseCall for Home Networks up to 5.3.1179 access control

A vulnerability classified as critical has been found in Trend Micro HouseCall for Home Networks up to 5.3.1179. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Siemens Tecnomatix Plant Simulation up to 16.0.4 SPP File Parser PlantSimCore.dll stack-based overflow

A vulnerability was found in Siemens Tecnomatix Plant Simulation up to 16.0.4. It has been rated as critical. Affected by this issue is an unknown function in the library PlantSimCore.dll of the component SPP File Parser. Upgrading to version...
Author: VulDB

Siemens Tecnomatix Plant Simulation up to 16.0.4 SPP File Parser PlantSimCore.dll memory corruption

A vulnerability was found in Siemens Tecnomatix Plant Simulation up to 16.0.4. It has been declared as critical. Affected by this vulnerability is some unknown processing in the library PlantSimCore.dll of the component SPP File Parser. Upgrading...
Author: VulDB

Siemens Tecnomatix Plant Simulation up to 16.0.4 SPP File Parser PlantSimCore.dll stack-based overflow

A vulnerability was found in Siemens Tecnomatix Plant Simulation up to 16.0.4. It has been classified as critical. Affected is an unknown code block in the library PlantSimCore.dll of the component SPP File Parser. Upgrading to version 16.0.5...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 Device Layout memory corruption

A vulnerability was found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software) and classified as problematic. This issue...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 SmartVNC memory corruption

A vulnerability has been found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software) and classified as problematic. This...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 exceptional condition

A vulnerability, which was classified as problematic, was found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software). This...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 out-of-bounds write

A vulnerability, which was classified as critical, has been found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software)....
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 out-of-bounds write

A vulnerability classified as critical was found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software). Affected by this...
Author: VulDB

Samba up to 4.12.14/4.13.7/4.14.3 libldb out-of-bounds write

A vulnerability classified as critical has been found in Samba up to 4.12.14/4.13.7/4.14.3 (File Transfer Software). Affected is some unknown processing of the component libldb. Upgrading to version 4.12.14, 4.13.7 or 4.14.2 eliminates this...
Author: VulDB

Information security events