samedi 6 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Fortinet FortiSIEM Windows Agent AoWinAgt privilege escalation

A vulnerability has been found in Fortinet FortiSIEM Windows Agent (the affected version is unknown) and classified as critical. This vulnerability affects an unknown functionality of the file AoWinAgt. There is no information about possible...
Auteur: VulDB

Fortinet FortiAnalyzer Admin Profile Stored cross site scripting

A vulnerability, which was classified as problematic, was found in Fortinet FortiAnalyzer (the affected version unknown). This affects an unknown function of the component Admin Profile. There is no information about possible countermeasures...
Auteur: VulDB

IBM QRadar SIEM 7.3/7.4 XML Data XML External Entity

A vulnerability, which was classified as critical, has been found in IBM QRadar SIEM 7.3/7.4 (Log Management Software). Affected by this issue is some unknown processing of the component XML Data Handler. There is no information about possible...
Auteur: VulDB

IBM Security Guardium 11.1 Account Lockout Bruteforce weak authentication

A vulnerability classified as problematic was found in IBM Security Guardium 11.1 (Policy Management Software). Affected by this vulnerability is an unknown code block of the component Account Lockout. There is no information about possible...
Auteur: VulDB

IBM Security Guardium 11.1 weak encryption [CVE-2020-4191]

A vulnerability classified as problematic has been found in IBM Security Guardium 11.1 (Policy Management Software). Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM Security Guardium 11.1 Web UI cross site scripting

A vulnerability was found in IBM Security Guardium 11.1 (Policy Management Software). It has been rated as problematic. This issue affects an unknown part of the component Web UI. There is no information about possible countermeasures known. It...
Auteur: VulDB

PHPList up to 3.5.3 /lists/admin/user.php cross site scripting

A vulnerability was found in PHPList up to 3.5.3. It has been declared as problematic. This vulnerability affects some unknown functionality of the file /lists/admin/user.php. Upgrading to version 3.5.4 eliminates this vulnerability.
Auteur: VulDB

Elliptic Package 6.5.2 on node.js ECDSA Signature Integer Overflow memory corruption

A vulnerability was found in Elliptic Package 6.5.2 on node.js. It has been classified as critical. This affects an unknown functionality of the component ECDSA Signature Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Zoho ManageEngine OpManager up to 125143 cachestart directory traversal

A vulnerability was found in Zoho ManageEngine OpManager up to 125143 and classified as critical. Affected by this issue is an unknown function of the component cachestart Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

ntp up to 4.2.8p13/4.3.99 ntpd Timestamp spoofing denial of service

A vulnerability has been found in ntp up to 4.2.8p13/4.3.99 and classified as problematic. Affected by this vulnerability is some unknown processing of the component ntpd. Upgrading to version 4.2.8p14 or 4.3.100 eliminates this vulnerability.
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 Signature Validation privilege escalation

A vulnerability, which was classified as critical, was found in Foxit Reader and PhantomPDF up to 9.7.1. Affected is an unknown code block of the component Signature Validation. Upgrading to version 9.7.2 eliminates this vulnerability.
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 Long String Resource Exhaustion denial of service

A vulnerability, which was classified as problematic, has been found in Foxit Reader and PhantomPDF up to 9.7.1. This issue affects an unknown code. Upgrading to version 9.7.2 eliminates this vulnerability.
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 Stream Resource Exhaustion denial of service

A vulnerability classified as problematic was found in Foxit Reader and PhantomPDF up to 9.7.1. This vulnerability affects an unknown part. Upgrading to version 9.7.2 eliminates this vulnerability.
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 Loop denial of service

A vulnerability classified as problematic has been found in Foxit Reader and PhantomPDF up to 9.7.1. This affects some unknown functionality. Upgrading to version 9.7.2 eliminates this vulnerability.
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 Javascript Use-After-Free memory corruption

A vulnerability was found in Foxit Reader and PhantomPDF up to 9.7.1 (Document Reader Software). It has been rated as critical. Affected by this issue is an unknown functionality of the component Javascript Handler. Upgrading to version 9.7.2...
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 CAS Service Bruteforce weak authentication

A vulnerability was found in Foxit Reader and PhantomPDF up to 9.7.1 (Document Reader Software). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component CAS Service. Upgrading to version 9.7.2...
Auteur: VulDB

Foxit Reader/PhantomPDF up to 9.7.1 DocuSign Plugin Username information disclosure

A vulnerability was found in Foxit Reader and PhantomPDF up to 9.7.1 (Document Reader Software). It has been classified as problematic. Affected is some unknown processing of the component DocuSign Plugin. Upgrading to version 9.7.2 eliminates...
Auteur: VulDB

Foxit Reader/PhantomPDF up to 3.x on macOS Signature Validation privilege escalation

A vulnerability was found in Foxit Reader and PhantomPDF up to 3.x on macOS (Document Reader Software) and classified as critical. This issue affects an unknown code block of the component Signature Validation. Upgrading to version 4.0 eliminates...
Auteur: VulDB

GnuTLS up to 3.6.13 Session Ticket Key weak encryption

A vulnerability has been found in GnuTLS up to 3.6.13 (Network Encryption Software) and classified as problematic. This vulnerability affects an unknown code of the component Session Ticket Handler. Upgrading to version 3.6.14 eliminates this...
Auteur: VulDB

Fortinet FortiClient up to 6.3.x on Windows Configuration Backup Key weak encryption

A vulnerability, which was classified as problematic, was found in Fortinet FortiClient up to 6.3.x on Windows. This affects an unknown part of the component Configuration Backup. Upgrading to version 6.4.0 eliminates this vulnerability.
Auteur: VulDB

OctoberCMS up to 3.0.x debugbar Plugin Log information disclosure

A vulnerability classified as problematic was found in OctoberCMS up to 3.0.x. Affected by this vulnerability is an unknown functionality of the component debugbar Plugin. Upgrading to version 3.1.0 eliminates this vulnerability.
Auteur: VulDB

rConfig up to 3.9.4 snippets.inc.php sql injection

A vulnerability classified as critical has been found in rConfig up to 3.9.4. Affected is an unknown function of the file snippets.inc.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

rConfig up to 3.9.4 devices.inc.php sql injection

A vulnerability was found in rConfig up to 3.9.4. It has been rated as critical. This issue affects some unknown processing of the file devices.inc.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

rConfig 3.9.4 compliancepolicyelements.inc.php sql injection

A vulnerability was found in rConfig 3.9.4. It has been declared as critical. This vulnerability affects an unknown code block of the file compliancepolicyelements.inc.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

rConfig up to 3.9.4 compliancepolicies.inc.php sql injection

A vulnerability was found in rConfig up to 3.9.4. It has been classified as critical. This affects an unknown code of the file compliancepolicies.inc.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB
12345678910Last

Événements SSI