Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Schneider Electric SoMove up to 2.8.1 Access Control privilege escalation

A vulnerability has been found in Schneider Electric SoMove up to 2.8.1 (SCADA Software) and classified as critical. This vulnerability affects an unknown part of the component Access Control. There is no information about possible...
Auteur: VulDB

Schneider Electric PowerChute Business Edition up to 9.0.x Remote Code Execution

A vulnerability, which was classified as critical, was found in Schneider Electric PowerChute Business Edition up to 9.0.x (SCADA Software). This affects some unknown functionality. There is no information about possible countermeasures known. It...
Auteur: VulDB

Schneider Electric spaceLYnk/Wiser for KNX Brute Force weak authentication

A vulnerability, which was classified as problematic, has been found in Schneider Electric spaceLYnk and Wiser for KNX (SCADA Software) (affected version not known). Affected by this issue is an unknown functionality. There is no information...
Auteur: VulDB

Schneider Electric Modicon M218 Logic Controller up to 5.0.0.7 IPv4 Packet Out-of-Bounds denial of service

A vulnerability classified as problematic was found in Schneider Electric Modicon M218 Logic Controller up to 5.0.0.7 (SCADA Software). Affected by this vulnerability is an unknown function of the component IPv4 Packet Handler. There is no...
Auteur: VulDB

Schneider Electric Modbus Serial Driver privilege escalation

A vulnerability classified as critical has been found in Schneider Electric Modbus Serial Driver (SCADA Software) (version unknown). Affected is some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Schneider Electric SFAPV9601 APC Easy UPS On-Line Software up to 2.0 vulnerable Directory directory traversal

A vulnerability was found in Schneider Electric SFAPV9601 APC Easy UPS On-Line Software up to 2.0 (SCADA Software). It has been rated as critical. This issue affects the function vulnerable. There is no information about possible countermeasures...
Auteur: VulDB

Schneider Electric SFAPV9601 APC Easy UPS On-Line Software up to 2.0 FileUploadServlet File Upload directory traversal

A vulnerability was found in Schneider Electric SFAPV9601 APC Easy UPS On-Line Software up to 2.0 (SCADA Software). It has been declared as critical. This vulnerability affects the function FileUploadServlet. There is no information about...
Auteur: VulDB

RabbitMQ up to 3.8.6 Security Vulnerability Code Execution

A vulnerability was found in RabbitMQ up to 3.8.6. It has been classified as critical. This affects an unknown part of the component Security Vulnerability. Upgrading eliminates this vulnerability.
Auteur: VulDB

IBM Spectrum Scale up to 4.2.3.21/5.0.4.3 Kernel Argument Crash denial of service

A vulnerability was found in IBM Spectrum Scale up to 4.2.3.21/5.0.4.3 (Network Attached Storage Software) and classified as critical. Affected by this issue is some unknown functionality of the component Kernel. There is no information about...
Auteur: VulDB

Zoho ManageEngine Exchange Reporter Plus weak authentication

A vulnerability has been found in Zoho ManageEngine Exchange Reporter Plus, ADSelfService Plus and DataSecurity Plus (Reporting Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown...
Auteur: VulDB

Chamber Dashboard Business Directory Plugin 3.2.8 on WordPress cross site scripting

A vulnerability, which was classified as problematic, was found in Chamber Dashboard Business Directory Plugin 3.2.8 on WordPress. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

TP-LINK TL-WA855RE V5 20200415-rel37464 Access Control POST Request denial of service

A vulnerability, which was classified as critical, has been found in TP-LINK TL-WA855RE V5 20200415-rel37464. This issue affects some unknown processing of the component Access Control. There is no information about possible countermeasures...
Auteur: VulDB

projectworlds Online Book Store 1.0 Admin Panel Default Credentials weak authentication

A vulnerability classified as critical was found in projectworlds Online Book Store 1.0. This vulnerability affects an unknown code block of the component Admin Panel. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

WP GDPR Plugin up to 2.1.1 on Wordpress controller-comments.php Stored cross site scripting

A vulnerability classified as problematic has been found in WP GDPR Plugin up to 2.1.1 on Wordpress. This affects an unknown code of the file controller/controller-comments.php. There is no information about possible countermeasures known. It may...
Auteur: VulDB

GiveWP Plugin up to 2.5.9 on WordPress Settings admin-actions.php privilege escalation

A vulnerability was found in GiveWP Plugin up to 2.5.9 on WordPress. It has been rated as critical. Affected by this issue is an unknown part of the file includes/gateways/stripe/includes/admin/admin-actions.php of the component Settings Handler....
Auteur: VulDB

Lara Google Analytics Plugin up to 2.0.4 on WordPress lara-google-analytics.php Stored cross site scripting

A vulnerability was found in Lara Google Analytics Plugin up to 2.0.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the file lara-google-analytics.php. There is no information...
Auteur: VulDB

Sliced Invoices Plugin up to 3.8.2 on WordPress core/class-sliced.php sql injection

A vulnerability was found in Sliced Invoices Plugin up to 3.8.2 on WordPress. It has been classified as critical. Affected is an unknown functionality of the file core/class-sliced.php. There is no information about possible countermeasures...
Auteur: VulDB

Forgerock Identity Manager up to 6.0.0.6/6.5.0.4 Dashboard/progressiveProfileForms Stored cross site scripting

A vulnerability was found in Forgerock Identity Manager up to 6.0.0.6/6.5.0.4 and classified as problematic. This issue affects an unknown function of the component Dashboard/progressiveProfileForms. Upgrading to version 7.0.0 eliminates this...
Auteur: VulDB

ACRN Project 1.6.1/2.0 Access Control denial of service

A vulnerability has been found in ACRN Project 1.6.1/2.0 and classified as problematic. This vulnerability affects some unknown processing of the component Access Control. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

elementor Plugin up to 2.9.13 on WordPress Stored cross site scripting

A vulnerability, which was classified as problematic, was found in elementor Plugin up to 2.9.13 on WordPress. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Dolibarr CRM 11.0.4 card.php Parameter Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Dolibarr CRM 11.0.4. Affected by this issue is an unknown code of the file ticket/card.php?action=create. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Collabtive 3.0 managefile.php id/file/target Reflected cross site scripting

A vulnerability classified as problematic was found in Collabtive 3.0. Affected by this vulnerability is an unknown part of the file managefile.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Espressif ESP-IDF 4.0/4.1/4.2 Bluetooth Low Energy Packet Assertion denial of service

A vulnerability classified as problematic has been found in Espressif ESP-IDF 4.0/4.1/4.2. Affected is some unknown functionality of the component Bluetooth Low Energy. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Espressif ESP-IDF up to 4.2 Bluetooth Low Energy Connection Request Crash denial of service

A vulnerability was found in Espressif ESP-IDF up to 4.2. It has been rated as problematic. This issue affects an unknown functionality of the component Bluetooth Low Energy. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Texas Instruments SIMPLELINK-CC2640R2-SDK up to 2.2.3 Bluetooth Low Energy weak encryption

A vulnerability was found in Texas Instruments SIMPLELINK-CC2640R2-SDK up to 2.2.3. It has been declared as critical. This vulnerability affects an unknown function of the component Bluetooth Low Energy. There is no information about possible...
Auteur: VulDB
First396397398399400401402403404405Last

Événements SSI