Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Devolutions Server/Server LTS delete sql injection

A vulnerability was found in Devolutions Server and Server LTS (the affected version unknown). It has been classified as critical. This affects an unknown part of the file api/security/userinfo/delete. Upgrading eliminates this vulnerability.
Auteur: VulDB

Group Office 6.4.196 URL Parameter group/api/upload.php url server-side request forgery

A vulnerability was found in Group Office 6.4.196 and classified as critical. Affected by this issue is some unknown functionality of the file group/api/upload.php of the component URL Parameter Handler. There is no information about possible...
Auteur: VulDB

Devolutions Server/Server LTS HTML Page unknown vulnerability

A vulnerability has been found in Devolutions Server and Server LTS (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTML Page Handler. Upgrading eliminates this...
Auteur: VulDB

TOTOLINK X5000R/A720R HTTP Request ip os command injection

A vulnerability, which was classified as critical, was found in TOTOLINK X5000R and A720R (version unknown). Affected is an unknown function of the component HTTP Request Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

TOTOLINK X5000R/A720R HTTP Request command os command injection

A vulnerability, which was classified as critical, has been found in TOTOLINK X5000R and A720R (unknown version). This issue affects some unknown processing of the component HTTP Request Handler. There is no information about possible...
Auteur: VulDB

Parallels Desktop 16.0.1-48919 Toolgate out-of-bounds read

A vulnerability classified as problematic was found in Parallels Desktop 16.0.1-48919. This vulnerability affects an unknown code block of the component Toolgate. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Parallels Desktop 16.0.1-48919 Toolgate integer overflow

A vulnerability classified as critical has been found in Parallels Desktop 16.0.1-48919. This affects an unknown code of the component Toolgate. Upgrading to version 16.0.1-4891 eliminates this vulnerability.
Auteur: VulDB

SolarWinds Orion Platform 2020.2 SaveUserSetting Endpoint access control

A vulnerability was found in SolarWinds Orion Platform 2020.2. It has been rated as critical. Affected by this issue is an unknown part of the component SaveUserSetting Endpoint. There is no information about possible countermeasures known. It...
Auteur: VulDB

Netgear Nighthawk R7800 apply_bind.cgi rc_service heap-based overflow

A vulnerability was found in Netgear Nighthawk R7800 (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the file apply_bind.cgi. Upgrading eliminates this vulnerability.
Auteur: VulDB

Netgear R7800 1.0.2.76 DHCP os command injection

A vulnerability was found in Netgear R7800 1.0.2.76 (Wireless LAN Software). It has been classified as critical. Affected is an unknown functionality of the component DHCP Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Netgear Nighthawk R7800 Update cleartext transmission [CVE-2021-27251]

A vulnerability was found in Netgear Nighthawk R7800 (unknown version) and classified as critical. This issue affects an unknown function of the component Update Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script errorpage file inclusion

A vulnerability has been found in D-Link DAP-2020 1.01rc001 and classified as problematic. This vulnerability affects some unknown processing of the component CGI Script Handler. Upgrading to version 1.01rc00 eliminates this vulnerability.
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script os command injection

A vulnerability, which was classified as critical, was found in D-Link DAP-2020 1.01rc001. This affects an unknown code block of the component CGI Script Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script getpage stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DAP-2020 1.01rc001. Affected by this issue is an unknown code of the component CGI Script Handler.
Auteur: VulDB

Tencent WeChat Desktop 2.9.5 out-of-bounds read [CVE-2021-27247]

A vulnerability classified as problematic was found in Tencent WeChat Desktop 2.9.5 (Chat Software). Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

TP-LINK Archer A7 AC1750 1.0.15 tdpServer Endpoint stack-based overflow

A vulnerability classified as critical has been found in TP-LINK Archer A7 AC1750 1.0.15. Affected is some unknown functionality of the component tdpServer Endpoint. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Remote Privilege Escalation [CVE-2021-27183]

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been rated as critical. Upgrading to version 20.0.4 eliminates this vulnerability. The upgrade is hosted for download at altn.com.
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Worldclient injection

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been declared as critical. This vulnerability affects an unknown function of the component Worldclient. Upgrading to version 20.0.4 eliminates this...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 cross-site request forgery [CVE-2021-27181]

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been classified as problematic. This affects some unknown processing. Upgrading to version 20.0.4 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Worldclient cross site scripting

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software) and classified as problematic. Affected by this issue is an unknown code block of the component Worldclient. Upgrading to version 20.0.4 eliminates this vulnerability....
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 8.5.11/8.13.3 Cookie missing secure attribute

A vulnerability has been found in Atlassian JIRA Server and Data Center up to 8.5.11/8.13.3 (Bug Tracking Software) and classified as problematic. Affected by this vulnerability is an unknown code of the component Cookie Handler. Upgrading to...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 8.5.11/8.13.3/8.15.0 Jira Importers Plugin information disclosure

A vulnerability, which was classified as problematic, was found in Atlassian JIRA Server and Data Center up to 8.5.11/8.13.3/8.15.0 (Bug Tracking Software). Affected is an unknown part of the component Jira Importers Plugin. Upgrading to version...
Auteur: VulDB

Joomla! up to 3.9.25 Module Layout Settings unknown vulnerability

A vulnerability, which was classified as critical, has been found in Joomla! up to 3.9.25 (Content Management System). This issue affects some unknown functionality of the component Module Layout Settings. There is no information about possible...
Auteur: VulDB

Joomla! up to 3.9.25 Error Page logo cross site scripting

A vulnerability classified as problematic was found in Joomla! up to 3.9.25 (Content Management System). This vulnerability affects an unknown functionality of the component Error Page Handler. There is no information about possible...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 8.5.11/8.13.3/8.15.0 Issue Navigation/Search View cross site scripting

A vulnerability classified as problematic has been found in Atlassian JIRA Server and Data Center up to 8.5.11/8.13.3/8.15.0 (Bug Tracking Software). This affects an unknown function of the component Issue Navigation/Search View. Upgrading to...
Auteur: VulDB
12345678910Last

Événements SSI