samedi 6 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Loftek Nexus 543 IP Camera set_users.cgi cross site request forgery

A vulnerability was found in Loftek Nexus 543 IP Camera (Network Camera Software) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code of the file set_users.cgi. There is no information about...
Auteur: VulDB

Loftek Nexus 543 IP Camera /proc/kcore/ HTTP GET Request directory traversal

A vulnerability was found in Loftek Nexus 543 IP Camera (Network Camera Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown part of the file /proc/kcore/. Applying a patch is able...
Auteur: VulDB

xlockmore up to 5.42 dclock privilege escalation

A vulnerability was found in xlockmore up to 5.42. It has been classified as critical. Affected is some unknown functionality of the component dclock. Upgrading to version 5.43 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Mono 2.10.x ASP.NET Web Form Hash denial of service

A vulnerability was found in Mono 2.10.x and classified as problematic. This issue affects an unknown functionality of the component ASP.NET Web Form Hash Handler. Upgrading eliminates this vulnerability. A possible mitigation has been published...
Auteur: VulDB

cumin PostgreSQL Database weak authentication [CVE-2012-3460]

A vulnerability has been found in cumin (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function of the component PostgreSQL Database. There is no information about possible countermeasures...
Auteur: VulDB

pam_shield up to 0.9.3 Default Configuration privilege escalation

A vulnerability, which was classified as critical, was found in pam_shield up to 0.9.3. This affects some unknown processing of the component Default Configuration. Upgrading to version 0.9.4 eliminates this vulnerability.
Auteur: VulDB

trytond 2.4 ModelView.button privilege escalation

A vulnerability, which was classified as critical, has been found in trytond 2.4. Affected by this issue is the function ModelView.button. Upgrading eliminates this vulnerability.
Auteur: VulDB

Activity Module 6.x-1.x on Drupal cross site request forgery

A vulnerability classified as problematic was found in Activity Module 6.x-1.x on Drupal. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Activity Module 6.x-1.x on Drupal cross site scripting [CVE-2012-2078]

A vulnerability classified as problematic has been found in Activity Module 6.x-1.x on Drupal. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Quick Tabs Module up to 6.x-2.0/6.x-3.0/7.x-3.2 on Drupal cross site scripting

A vulnerability was found in Quick Tabs Module up to 6.x-2.0/6.x-3.0/7.x-3.2 on Drupal. It has been rated as problematic. This issue affects some unknown functionality. Upgrading to version 6.x-2.1, 6.x-3.1 or 7.x-3.3 eliminates this...
Auteur: VulDB

Chyrp up to 2.1.1/2.5 Beta 1 includes/ajax.php content/body cross site scripting

A vulnerability was found in Chyrp up to 2.1.1/2.5 Beta 1. It has been declared as problematic. This vulnerability affects an unknown functionality of the file includes/ajax.php. Upgrading to version 2.1.2 or 2.5 Beta 2 eliminates this...
Auteur: VulDB

ISC Releases Security Advisory for BIND

Original release date: November 21, 2019The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit...
Auteur: US Cert

Microsoft Releases Outlook for Android Security Update

Original release date: November 21, 2019Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure...
Auteur: US Cert

CERTFR-2019-AVI-586 : Vulnérabilité dans IBM QRadar (21 novembre 2019)

Une vulnérabilité a été découverte dans IBM QRadar. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

CERTFR-2019-AVI-585 : Vulnérabilité dans BIND (21 novembre 2019)

Une vulnérabilité a été découverte dans BIND. Elle permet à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2019-AVI-584 : Vulnérabilité dans Fortinet FortiOS (21 novembre 2019)

Une vulnérabilité a été découverte dans Fortinet FortiOS. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2019-AVI-583 : Vulnérabilité dans le noyau Linux de SUSE (21 novembre 2019)

Une vulnérabilité a été découverte dans le noyau Linux de SUSE. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Auteur: Cert FR

Linux Kernel up to 5.3.12 fs/btrfs/extent-tree.c __btrfs_free_extent information disclosure

A vulnerability was found in Linux Kernel up to 5.3.12 (Operating System). It has been classified as problematic. This affects the function __btrfs_free_extent of the file fs/btrfs/extent-tree.c. There is no information about possible...
Auteur: VulDB

Linux Kernel up to 5.3.12 fs/ext4/namei.c ext4_empty_dir denial of service

A vulnerability was found in Linux Kernel up to 5.3.12 (Operating System) and classified as problematic. Affected by this issue is the function ext4_empty_dir of the file fs/ext4/namei.c. There is no information about possible countermeasures...
Auteur: VulDB

Linux Kernel up to 5.3.12 fs/btrfs/ctree.c btrfs_root_node denial of service

A vulnerability has been found in Linux Kernel up to 5.3.12 (Operating System) and classified as problematic. Affected by this vulnerability is the function btrfs_root_node of the file fs/btrfs/ctree.c. There is no information about possible...
Auteur: VulDB

Schneider Electric Andover Continuum Web Server cross site scripting

A vulnerability, which was classified as problematic, was found in Schneider Electric Andover Continuum (version unknown). Affected is an unknown code of the component Web Server. There is no information about possible countermeasures known. It...
Auteur: VulDB

Schneider Electric Modicon M340 CPU Web Server Default Credentials weak authentication

A vulnerability, which was classified as critical, has been found in Schneider Electric Modicon M340 CPU, Modicon M340 Communication Module, Modicon Premium CPU, Modicon Premium Communication Module, Modicon Quantum CPU and Modicon Quantum...
Auteur: VulDB

VMware Workstation/Fusion RPC denial of service [CVE-2019-5542]

A vulnerability classified as problematic was found in VMware Workstation and Fusion (the affected version is unknown). This vulnerability affects some unknown functionality of the component RPC Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

VMware Workstation/Fusion e1000e Virtual Network Adapter Out-of-Bounds memory corruption

A vulnerability classified as critical has been found in VMware Workstation and Fusion (the affected version unknown). This affects an unknown functionality of the component e1000e Virtual Network Adapter. Upgrading eliminates this vulnerability.
Auteur: VulDB

VMware Workstation/Fusion vmnetdhcp information disclosure [CVE-2019-5540]

A vulnerability was found in VMware Workstation and Fusion (affected version not known). It has been rated as problematic. Affected by this issue is an unknown function of the component vmnetdhcp. Upgrading eliminates this vulnerability.
Auteur: VulDB
First396397398399400401402403404405Last

Événements SSI