Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Responsive FileManager up to 9.14.0 ajax_calls.php name privilege escalation

A vulnerability classified as critical has been found in Responsive FileManager up to 9.14.0. Affected is an unknown functionality of the file ajax_calls.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

antiX/MX Linux sudo Configuration privilege escalation [CVE-2020-10587]

A vulnerability classified as critical has been found in antiX and MX Linux (the affected version unknown). This affects an unknown part of the component sudo Configuration. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

StorageGRID Webscale up to 11.2.0.7/11.3.0.3 denial of service

A vulnerability was found in StorageGRID Webscale up to 11.2.0.7/11.3.0.3. It has been rated as problematic. This issue affects an unknown function. Upgrading to version 11.2.0.8 or 11.3.0.4 eliminates this vulnerability.
Auteur: VulDB

rubygem up to 0.12.x Dashboard direction sql injection

A vulnerability was found in rubygem up to 0.12.x. It has been declared as critical. This vulnerability affects some unknown processing of the component Dashboard. Upgrading to version 0.13.0 eliminates this vulnerability.
Auteur: VulDB

wagtail-2fa up to 1.4.0 privilege escalation [CVE-2020-5240]

A vulnerability was found in wagtail-2fa up to 1.4.0. It has been classified as critical. This affects an unknown code block. Upgrading to version 1.4.1 eliminates this vulnerability.
Auteur: VulDB

Apache Commons Configuration 2.2/2.3/2.4/2.5/2.6 YAML File Parser Code Execution

A vulnerability was found in Apache Commons Configuration 2.2/2.3/2.4/2.5/2.6 and classified as critical. Affected by this issue is an unknown code of the component YAML File Parser. There is no information about possible countermeasures known....
Auteur: VulDB

grub2-bhyve grub2.cfg memory corruption

A vulnerability has been found in grub2-bhyve (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown part of the file grub2.cfg. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

grub2-bhyve grub2.cfg Code Execution

A vulnerability, which was classified as critical, was found in grub2-bhyve (version unknown). Affected is some unknown functionality of the file grub2.cfg. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

File Upload Plugin up to 4.12.x on WordPress wfu_include_lib directory traversal

A vulnerability, which was classified as critical, has been found in File Upload Plugin up to 4.12.x on WordPress (WordPress Plugin). This issue affects an unknown functionality in the library wfu_include_lib of the component File Upload....
Auteur: VulDB

DEVOME GRR up to 3.4.1 frmcontactlist.php SQL Query unknown vulnerability

A vulnerability classified as problematic was found in DEVOME GRR up to 3.4.1. This vulnerability affects an unknown function of the file frmcontactlist.php. Upgrading to version 3.4.1c eliminates this vulnerability.
Auteur: VulDB

DEVOME GRR up to 3.4.1 File Upload admin_edit_room.php unknown vulnerability

A vulnerability classified as problematic has been found in DEVOME GRR up to 3.4.1. This affects some unknown processing of the file admin_edit_room.php of the component File Upload. Upgrading to version 3.4.1c eliminates this vulnerability.
Auteur: VulDB

Primetek Primefaces 7.0.11 tooltip/tooltip.js cross site scripting

A vulnerability was found in Primetek Primefaces 7.0.11. It has been rated as problematic. Affected by this issue is an unknown code block of the file tooltip/tooltip.js. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Sapplica Sentrifugo 3.2 add addAction id sql injection

A vulnerability was found in Sapplica Sentrifugo 3.2. It has been declared as critical. Affected by this vulnerability is the function addAction of the file index.php/holidaygroups/add. There is no information about possible countermeasures...
Auteur: VulDB

popup-builder Plugin up to 3.64.0 on WordPress com/classes/Ajax.php allPopupData cross site scripting

A vulnerability was found in popup-builder Plugin up to 3.64.0 on WordPress. It has been classified as problematic. Affected is an unknown part of the file com/classes/Ajax.php. Upgrading to version 3.64.1 eliminates this vulnerability.
Auteur: VulDB

popup-builder Plugin up to 3.64.0 on WordPress com/classes/Actions.php action information disclosure

A vulnerability was found in popup-builder Plugin up to 3.64.0 on WordPress and classified as problematic. This issue affects some unknown functionality of the file com/classes/Actions.php. Upgrading to version 3.64.1 eliminates this...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Grafana Integration cross site scripting

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 12.8.1 and classified as problematic. This vulnerability affects an unknown functionality of the component Grafana Integration. There is no information about...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 cross site scripting

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 12.8.1. This affects an unknown function. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 information disclosure

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 12.8.1. Affected by this issue is some unknown processing. There is no information about possible countermeasures known....
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Request denial of service

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 12.8.1. Affected by this vulnerability is an unknown code block. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Permission privilege escalation

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition up to 12.8.1. Affected is an unknown code of the component Permission. There is no information about possible countermeasures known. It may...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Badge Image information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.8.1. It has been rated as problematic. This issue affects an unknown part of the component Badge Image Handler. Upgrading to version 12.8.2 eliminates this...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Endpoint directory traversal

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.8.1. It has been declared as critical. This vulnerability affects some unknown functionality of the component Endpoint. There is no information about possible...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Merge Request information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.8.1. It has been classified as problematic. This affects an unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

GitLab Enterprise Edition up to 12.8.1 Endpoint Request information disclosure

A vulnerability was found in GitLab Enterprise Edition up to 12.8.1 and classified as problematic. Affected by this issue is an unknown function of the component Endpoint. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 12.8.1 Permission privilege escalation

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 12.8.1 and classified as critical. Affected by this vulnerability is some unknown processing of the component Permission. There is no information about...
Auteur: VulDB
First397398399400401402403404405406Last

Événements SSI