Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Calendar01/Calendar02 1.0.0 cross site request forgery [CVE-2020-5615]

A vulnerability classified as problematic has been found in Calendar01 and Calendar02 1.0.0 (Calendar Software). Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Kee Vault KeePassRPC up to 1.11.x SRP-6a Parameter privilege escalation

A vulnerability was found in Kee Vault KeePassRPC up to 1.11.x. It has been rated as critical. This issue affects an unknown part of the component SRP-6a Handler. Upgrading to version 1.12.0 eliminates this vulnerability.
Auteur: VulDB

Kee Vault KeePassRPC up to 1.11.x SRP-6a PRNG weak authentication

A vulnerability was found in Kee Vault KeePassRPC up to 1.11.x. It has been declared as critical. This vulnerability affects some unknown functionality of the component SRP-6a Handler. Upgrading to version 1.12.0 eliminates this vulnerability.
Auteur: VulDB

radare2 4.5.0 DWARF Information type_dwarf.c Segmentation Fault memory corruption

A vulnerability was found in radare2 4.5.0 (Programming Tool Software). It has been classified as critical. This affects an unknown functionality of the file type_dwarf.c of the component DWARF Information Handler. There is no information about...
Auteur: VulDB

Tiki up to 21.1 PreventXss.php cross site scripting

A vulnerability was found in Tiki up to 21.1 and classified as problematic. Affected by this issue is an unknown function in the library lib/core/TikiFilter/PreventXss.php. Upgrading to version 21.2 eliminates this vulnerability.
Auteur: VulDB

KDE ark prior 20.08.0 Extraction kerfuffle/jobs.cpp directory traversal

A vulnerability has been found in KDE ark and classified as critical. Affected by this vulnerability is some unknown processing of the file kerfuffle/jobs.cpp of the component Extraction Handler. Upgrading to version 20.08.0 eliminates this...
Auteur: VulDB

Openshift AMQ-Online/Enmasse prior 1.5.2 cross site request forgery

A vulnerability, which was classified as problematic, was found in Openshift AMQ-Online and Enmasse (Virtualization Software). Affected is an unknown code block. Upgrading to version 1.5.2 eliminates this vulnerability.
Auteur: VulDB

Extreme Management Center 8.4.1.24 GET Request Reflected cross site scripting

A vulnerability, which was classified as problematic, has been found in Extreme Management Center 8.4.1.24. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

FANUC 0i-MD/0i Mate-MD Ethernet Communication Module Malformed Packet denial of service

A vulnerability classified as problematic was found in FANUC 0i-MD and 0i Mate-MD (the affected version is unknown). This vulnerability affects an unknown part of the component Ethernet Communication Module. Proper firewalling of tcp/8193 is able...
Auteur: VulDB

Plesk Onyx 17.8.11 GET Parameter Reflected cross site scripting

A vulnerability classified as problematic has been found in Plesk Onyx 17.8.11 (Hosting Control Software). This affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Plesk Obsidian 18.0.17 GET Parameter Reflected cross site scripting

A vulnerability was found in Plesk Obsidian 18.0.17. It has been rated as problematic. Affected by this issue is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Wowza Streaming Engine up to 2019-11-28 privilege escalation

A vulnerability was found in Wowza Streaming Engine up to 2019-11-28. It has been declared as critical. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Wowza Streaming Engine up to 2019-11-28 cross site scripting

A vulnerability was found in Wowza Streaming Engine up to 2019-11-28. It has been classified as problematic. Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

BitDefender Endpoint Security prior 4.12.80 on Mac privilege escalation

A vulnerability was found in BitDefender Endpoint Security on Mac and classified as critical. This issue affects an unknown code block. Upgrading to version 4.12.80 eliminates this vulnerability.
Auteur: VulDB

IBM Financial Transaction Manager 3.2.4 Web UI cross site scripting

A vulnerability has been found in IBM Financial Transaction Manager 3.2.4 (Financial Software) and classified as problematic. This vulnerability affects an unknown code of the component Web UI. There is no information about possible...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4554]

A vulnerability, which was classified as critical, was found in IBM i2 Analyst Notebook 9.2.1/9.2.2. This affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4553]

A vulnerability, which was classified as critical, has been found in IBM i2 Analyst Notebook 9.2.1/9.2.2. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1 memory corruption [CVE-2020-4552]

A vulnerability classified as critical was found in IBM i2 Analyst Notebook 9.2.1. Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4551]

A vulnerability classified as critical has been found in IBM i2 Analyst Notebook 9.2.1/9.2.2. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4550]

A vulnerability was found in IBM i2 Analyst Notebook 9.2.1/9.2.2. It has been rated as critical. This issue affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

IBM i2 Analyst Notebook 9.2.1 memory corruption [CVE-2020-4549]

A vulnerability was found in IBM i2 Analyst Notebook 9.2.1. It has been declared as critical. This vulnerability affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM WebSphere Application Server 7.0/8.0/8.5/9.0 UNC Path privilege escalation

A vulnerability was found in IBM WebSphere Application Server 7.0/8.0/8.5/9.0 (Application Server Software). It has been classified as critical. This affects an unknown code of the component UNC Path Handler. There is no information about...
Auteur: VulDB

IBM Cognos Anaytics 11.0/11.1 XML Data XML External Entity

A vulnerability was found in IBM Cognos Anaytics 11.0/11.1 (Business Process Management Software) and classified as critical. Affected by this issue is an unknown part of the component XML Data Handler. There is no information about possible...
Auteur: VulDB

IBM Financial Transaction Manager 3.2.4 sql injection [CVE-2020-4328]

A vulnerability has been found in IBM Financial Transaction Manager 3.2.4 (Financial Software) and classified as critical. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures known....
Auteur: VulDB

IBM Cognos Analytics 11.0/11.1 My Schedules and Subscriptions Page privilege escalation

A vulnerability, which was classified as critical, was found in IBM Cognos Analytics 11.0/11.1 (Business Process Management Software). Affected is an unknown functionality of the component My Schedules and Subscriptions Page. There is no...
Auteur: VulDB
12345678910Last

Événements SSI