Monday 6 April 2020

Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Openshift apb-base up to 3.11.188/4.1.36/4.2.20/4.3.4 /etc/passwd privilege escalation

A vulnerability classified as critical has been found in Openshift apb-base up to 3.11.188/4.1.36/4.2.20/4.3.4 (Virtualization Software). This affects an unknown code block of the file /etc/passwd. Upgrading to version 3.11.188-4, 4.1.36, 4.2.20...
Author: VulDB

Openshift mariadb-apb up to 3.11.188/4.1.36/4.2.20/4.3.4 /etc/passwd privilege escalation

A vulnerability was found in Openshift mariadb-apb up to 3.11.188/4.1.36/4.2.20/4.3.4 (Virtualization Software). It has been rated as critical. Affected by this issue is an unknown code of the file /etc/passwd. Upgrading to version 3.11.188-4,...
Author: VulDB

ABB eSOMS up to 6.0.3 weak encryption [CVE-2019-19097]

A vulnerability was found in ABB eSOMS up to 6.0.3. It has been declared as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

ABB eSOMS 6.0.0/6.0.1/6.0.2 Password Storage information disclosure

A vulnerability was found in ABB eSOMS 6.0.0/6.0.1/6.0.2. It has been classified as problematic. Affected is some unknown functionality of the component Password Storage. There is no information about possible countermeasures known. It may be...
Author: VulDB

ABB eSOMS up to 6.0.2 Stored cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2 and classified as problematic. This issue affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Author: VulDB

ABB eSOMS up to 6.0.3 Backend Database sql injection

A vulnerability has been found in ABB eSOMS up to 6.0.3 and classified as critical. This vulnerability affects an unknown function of the component Backend Database. There is no information about possible countermeasures known. It may be...
Author: VulDB

ABB eSOMS up to 6.0.3 Password Complexity weak authentication

A vulnerability, which was classified as problematic, was found in ABB eSOMS up to 6.0.3. This affects some unknown processing of the component Password Complexity Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

ABB eSOMS up to 6.0.3 ASP.NET Viewstate information disclosure

A vulnerability, which was classified as problematic, has been found in ABB eSOMS up to 6.0.3. Affected by this issue is an unknown code block of the component ASP.NET Viewstate. There is no information about possible countermeasures known. It...
Author: VulDB

ABB eSOMS up to 6.0.3 HTTPS Response information disclosure

A vulnerability classified as problematic was found in ABB eSOMS up to 6.0.3. Affected by this vulnerability is an unknown code of the component HTTPS Response Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

ABB eSOMS up to 6.0.2 Secure Flag HTTP Response Header weak encryption

A vulnerability classified as problematic has been found in ABB eSOMS up to 6.0.2. Affected is an unknown part of the component Secure Flag Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

ABB eSOMS up to 6.0.3 X-Content-Type-Options Header HTTP Response cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.3. It has been rated as problematic. This issue affects some unknown functionality of the component X-Content-Type-Options Header. There is no information about possible countermeasures known. It...
Author: VulDB

ABB eSOMS up to 6.0.2 httponly cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2. It has been declared as problematic. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

ABB eSOMS up to 6.0.2 Content Security Policy HTTP Response Header cross site scripting

A vulnerability was found in ABB eSOMS up to 6.0.2. It has been classified as problematic. This affects an unknown function of the component Content Security Policy Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

ABB eSOMS up to 6.0.2 X-Frame-Options HTTP Response Clickjacking privilege escalation

A vulnerability was found in ABB eSOMS up to 6.0.2 and classified as critical. Affected by this issue is some unknown processing of the component X-Frame-Options. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

ABB eSOMS up to 6.0.3 HTTP Header information disclosure

A vulnerability has been found in ABB eSOMS up to 6.0.3 and classified as problematic. Affected by this vulnerability is an unknown code block of the component HTTP Header Handler. There is no information about possible countermeasures known. It...
Author: VulDB

ksh 20120801 Environment Variable Command privilege escalation

A vulnerability, which was classified as critical, was found in ksh 20120801. Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Author: VulDB

Fortinet FortiOS ZebOS privilege escalation [CVE-2018-13371]

A vulnerability, which was classified as critical, has been found in Fortinet FortiOS (Firewall Software) (unknown version). This issue affects an unknown part of the component ZebOS. There is no information about possible countermeasures known....
Author: VulDB

FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing

Original release date: April 2, 2020 The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform).  Many...
Author: US Cert

UniFi Video 3.10.1 on Windows DLL privilege escalation

A vulnerability was found in UniFi Video 3.10.1 on Windows. It has been classified as critical. Affected is an unknown code block of the component DLL Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

UniFi Video Server up to 3.9.3 on Windows Privilege Check privilege escalation

A vulnerability was found in UniFi Video Server up to 3.9.3 on Windows and classified as critical. This issue affects an unknown code of the component Privilege Check. Upgrading to version 3.9.6 eliminates this vulnerability.
Author: VulDB

UniFi Video Server up to 3.9.3 Web Interface Firmware Update version directory traversal

A vulnerability has been found in UniFi Video Server up to 3.9.3 and classified as critical. This vulnerability affects an unknown part of the component Web Interface Firmware Update. Upgrading to version 3.10.3 eliminates this vulnerability.
Author: VulDB

Auth0 Plugin up to 3.x on WordPress privilege escalation [CVE-2020-7948]

A vulnerability, which was classified as critical, was found in Auth0 Plugin up to 3.x on WordPress (WordPress Plugin). This affects some unknown functionality. Upgrading to version 4.0.0 eliminates this vulnerability.
Author: VulDB

Auth0 Plugin up to 3.x on WordPress Export CSV Injection privilege escalation

A vulnerability, which was classified as critical, has been found in Auth0 Plugin up to 3.x on WordPress. Affected by this issue is an unknown functionality of the component Export. Upgrading to version 4.0.0 eliminates this vulnerability.
Author: VulDB

ENS on Windows Access Control ESConfigTool.exe privilege escalation

A vulnerability classified as critical was found in ENS on Windows (affected version unknown). Affected by this vulnerability is an unknown function of the file ESConfigTool.exe of the component Access Control. There is no information about...
Author: VulDB

Auth0 Plugin up to 3.x on WordPress Login Stored cross site scripting

A vulnerability classified as problematic has been found in Auth0 Plugin up to 3.x on WordPress. Affected is some unknown processing of the component Login. Upgrading to version 4.0.0 eliminates this vulnerability.
Author: VulDB