mardi 7 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

MicroStrategy Web 10.4 Import Server-Side Request Forgery

A vulnerability was found in MicroStrategy Web 10.4. It has been rated as critical. This issue affects some unknown processing of the component Import Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

MicroStrategy Web 10.4 Admin Panel ZIP Archive Server-Side Request Forgery

A vulnerability was found in MicroStrategy Web 10.4. It has been declared as critical. This vulnerability affects an unknown code block of the component Admin Panel. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

MicroStrategy Web 10.4 happyaxis.jsp information disclosure

A vulnerability was found in MicroStrategy Web 10.4. It has been classified as problematic. This affects an unknown code of the file /MicroStrategyWS/happyaxis.jsp. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Sonatype Nexus Repository Manager up to 3.21.2 Access Control privilege escalation

A vulnerability was found in Sonatype Nexus Repository Manager up to 3.21.2 and classified as critical. Affected by this issue is an unknown part of the component Access Control. There is no information about possible countermeasures known. It...
Auteur: VulDB

XAMPP up to 7.2.28/7.3.15/7.4.3 on Windows xampp-contol.ini privilege escalation

A vulnerability has been found in XAMPP up to 7.2.28/7.3.15/7.4.3 on Windows and classified as critical. Affected by this vulnerability is some unknown functionality of the file xampp-contol.ini. Upgrading to version 7.2.29, 7.3.16 or 7.4.4...
Auteur: VulDB

HAProxy up to 2.1.3 HPACK Decoder hpack-tbl.c hpack_dht_insert Request memory corruption

A vulnerability, which was classified as critical, was found in HAProxy up to 2.1.3 (Firewall Software). Affected is the function hpack_dht_insert of the file hpack-tbl.c of the component HPACK Decoder. Upgrading to version 2.1.4 eliminates this...
Auteur: VulDB

STARFACE UCC Client up to 6.7.1 on Windows privilege escalation

A vulnerability, which was classified as critical, has been found in STARFACE UCC Client up to 6.7.1 on Windows. This issue affects an unknown function. Upgrading to version 6.7.1.204 eliminates this vulnerability.
Auteur: VulDB

codeBeamer up to 9.5.0-RC2 privilege escalation [CVE-2019-20635]

A vulnerability classified as critical was found in codeBeamer up to 9.5.0-RC2. This vulnerability affects some unknown processing. Upgrading to version 9.5.0-RC3 eliminates this vulnerability.
Auteur: VulDB

Openshift apb-base up to 3.11.188/4.1.36/4.2.20/4.3.4 /etc/passwd privilege escalation

A vulnerability classified as critical has been found in Openshift apb-base up to 3.11.188/4.1.36/4.2.20/4.3.4 (Virtualization Software). This affects an unknown code block of the file /etc/passwd. Upgrading to version 3.11.188-4, 4.1.36, 4.2.20...
Auteur: VulDB

Openshift mariadb-apb up to 3.11.188/4.1.36/4.2.20/4.3.4 /etc/passwd privilege escalation

A vulnerability was found in Openshift mariadb-apb up to 3.11.188/4.1.36/4.2.20/4.3.4 (Virtualization Software). It has been rated as critical. Affected by this issue is an unknown code of the file /etc/passwd. Upgrading to version 3.11.188-4,...
Auteur: VulDB

ABB eSOMS up to 6.0.3 weak encryption [CVE-2019-19097]

A vulnerability was found in ABB eSOMS up to 6.0.3. It has been declared as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

ABB eSOMS 6.0.0/6.0.1/6.0.2 Password Storage information disclosure

A vulnerability was found in ABB eSOMS 6.0.0/6.0.1/6.0.2. It has been classified as problematic. Affected is some unknown functionality of the component Password Storage. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ABB eSOMS up to 6.0.2 Stored cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2 and classified as problematic. This issue affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

ABB eSOMS up to 6.0.3 Backend Database sql injection

A vulnerability has been found in ABB eSOMS up to 6.0.3 and classified as critical. This vulnerability affects an unknown function of the component Backend Database. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ABB eSOMS up to 6.0.3 Password Complexity weak authentication

A vulnerability, which was classified as problematic, was found in ABB eSOMS up to 6.0.3. This affects some unknown processing of the component Password Complexity Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ABB eSOMS up to 6.0.3 ASP.NET Viewstate information disclosure

A vulnerability, which was classified as problematic, has been found in ABB eSOMS up to 6.0.3. Affected by this issue is an unknown code block of the component ASP.NET Viewstate. There is no information about possible countermeasures known. It...
Auteur: VulDB

ABB eSOMS up to 6.0.3 HTTPS Response information disclosure

A vulnerability classified as problematic was found in ABB eSOMS up to 6.0.3. Affected by this vulnerability is an unknown code of the component HTTPS Response Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ABB eSOMS up to 6.0.2 Secure Flag HTTP Response Header weak encryption

A vulnerability classified as problematic has been found in ABB eSOMS up to 6.0.2. Affected is an unknown part of the component Secure Flag Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

ABB eSOMS up to 6.0.3 X-Content-Type-Options Header HTTP Response cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.3. It has been rated as problematic. This issue affects some unknown functionality of the component X-Content-Type-Options Header. There is no information about possible countermeasures known. It...
Auteur: VulDB

ABB eSOMS up to 6.0.2 httponly cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2. It has been declared as problematic. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

ABB eSOMS up to 6.0.2 Content Security Policy HTTP Response Header cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2. It has been classified as problematic. This affects an unknown function of the component Content Security Policy Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ABB eSOMS up to 6.0.2 X-Frame-Options HTTP Response Clickjacking privilege escalation

A vulnerability was found in ABB eSOMS up to 6.0.2 and classified as critical. Affected by this issue is some unknown processing of the component X-Frame-Options. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

ABB eSOMS up to 6.0.3 HTTP Header information disclosure

A vulnerability has been found in ABB eSOMS up to 6.0.3 and classified as problematic. Affected by this vulnerability is an unknown code block of the component HTTP Header Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

ksh 20120801 Environment Variable Command privilege escalation

A vulnerability, which was classified as critical, was found in ksh 20120801. Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

Fortinet FortiOS ZebOS privilege escalation [CVE-2018-13371]

A vulnerability, which was classified as critical, has been found in Fortinet FortiOS (Firewall Software) (unknown version). This issue affects an unknown part of the component ZebOS. There is no information about possible countermeasures known....
Auteur: VulDB
12345678910Last

Événements SSI