Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Backdoor.Win32.Small.n Service Port 1337 backdoor

A vulnerability classified as very critical has been found in Backdoor.Win32.Small.n (Remote Access Software) (version unknown). Affected is an unknown part of the component Service Port 1337. There is no information about possible...
Auteur: VulDB

Backdoor.Win32.Hupigon.das Service Port 8080 winserv.com backdoor

A vulnerability was found in Backdoor.Win32.Hupigon.das (Remote Access Software) (unknown version). It has been rated as critical. This issue affects some unknown functionality of the file winserv.com of the component Service Port 8080. There is...
Auteur: VulDB

Trojan-Downloader.Win32.Genome.omht C:\wjmd97\ permission

A vulnerability was found in Trojan-Downloader.Win32.Genome.omht (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown functionality of the file C:\wjmd97\. There is no information about...
Auteur: VulDB

Trojan-Downloader.Win32.Genome.qiw C:\tmp permission

A vulnerability was found in Trojan-Downloader.Win32.Genome.qiw (the affected version unknown). It has been classified as critical. This affects an unknown function of the file C:\tmp. There is no information about possible countermeasures known....
Auteur: VulDB

Trojan.Win32.Hotkeychick.d C:\Sniperscan permission

A vulnerability was found in Trojan.Win32.Hotkeychick.d (affected version not known) and classified as critical. Affected by this issue is some unknown processing of the file C:\Sniperscan. There is no information about possible countermeasures...
Auteur: VulDB

Trojan.Win32.Hosts2.yqf C:\mlekaocYUmaae permission

A vulnerability has been found in Trojan.Win32.Hosts2.yqf (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code block of the file C:\mlekaocYUmaae. There is no information about possible...
Auteur: VulDB

Trojan-Downloader.Win32.FraudLoad.xevn C:\usxxxxxxxx.exe\ permission

A vulnerability, which was classified as critical, was found in Trojan-Downloader.Win32.FraudLoad.xevn (version unknown). Affected is an unknown code of the file C:\usxxxxxxxx.exe\. There is no information about possible countermeasures known. It...
Auteur: VulDB

Trojan.Win32.Sharer.h HFS HTTP File Server buffer overflow [CVE-2020-13432]

A vulnerability, which was classified as critical, has been found in Trojan.Win32.Sharer.h (unknown version). This issue affects an unknown part of the component HFS HTTP File Server. Addressing this vulnerability is possible by firewalling .
Auteur: VulDB

Trojan.Win32.Sharer.h FTP Server backdoor

A vulnerability classified as critical was found in Trojan.Win32.Sharer.h (the affected version is unknown). This vulnerability affects some unknown functionality of the component FTP Server. Proper firewalling of is able to address this issue.
Auteur: VulDB

Trojan.Win32.Sharer.h FTP Server improper authentication

A vulnerability classified as critical has been found in Trojan.Win32.Sharer.h (the affected version unknown). This affects an unknown functionality of the component FTP Server. It is possible to mitigate the weakness by firewalling .
Auteur: VulDB

CERN Indico up to 2.3.3 Host Header password recovery

A vulnerability was found in CERN Indico up to 2.3.3. It has been rated as critical. Affected by this issue is an unknown function of the component Host Header Handler. Upgrading to version 2.3.4 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

FreeBSD up to 12.2/13.0 Listening Socket accf_create use after free

A vulnerability was found in FreeBSD up to 12.2/13.0 (Operating System). It has been declared as critical. Affected by this vulnerability is the function accf_create of the component Listening Socket Handler. Applying a patch is able to eliminate...
Auteur: VulDB

FreeBSD up to 11.4/12.2/13.0-RC5/12.2 Shared Memory Page use after free

A vulnerability was found in FreeBSD up to 11.4/12.2/13.0-RC5/12.2 (Operating System). It has been classified as problematic. Affected is an unknown code block of the component Shared Memory Page Handler. Applying a patch is able to eliminate...
Auteur: VulDB

libretro RetroArch 0.11 on Windows PowerShell platform_win32.c accessibility_speak_windows command injection

A vulnerability was found in libretro RetroArch 0.11 on Windows and classified as critical. This issue affects the function accessibility_speak_windows of the file platform_win32.c of the component PowerShell Handler. Applying a patch is able to...
Auteur: VulDB

Jenkins Promoted Builds Plugin up to 3.9 cross-site request forgery

A vulnerability has been found in Jenkins Promoted Builds Plugin up to 3.9 (Continuous Integration Software) and classified as problematic. This vulnerability affects an unknown part. There is no information about possible countermeasures known....
Auteur: VulDB

Jenkins up to LTS 2.277.1/2.286 View permission

A vulnerability, which was classified as critical, was found in Jenkins up to LTS 2.277.1/2.286 (Continuous Integration Software). This affects some unknown functionality of the component View Handler. There is no information about possible...
Auteur: VulDB

Jenkins up to LTS 2.277.1/2.286 REST API Endpoint config.xml permission

A vulnerability, which was classified as critical, has been found in Jenkins up to LTS 2.277.1/2.286 (Continuous Integration Software). Affected by this issue is an unknown functionality of the file config.xml of the component REST API Endpoint....
Auteur: VulDB

FreeBSD up to 11.4/12.2/13.0-RC5/12.2 jail race condition

A vulnerability classified as problematic was found in FreeBSD up to 11.4/12.2/13.0-RC5/12.2 (Operating System). Affected by this vulnerability is an unknown function of the component jail. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Wcms 0.3.2 wex/html.php pagename cross site scripting

A vulnerability classified as problematic has been found in Wcms 0.3.2. Affected is some unknown processing of the file wex/html.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

Wcms 0.3.2 wex/html.php pagename pathname traversal

A vulnerability was found in Wcms 0.3.2. It has been rated as problematic. This issue affects an unknown code block of the file wex/html.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

GNU Chess 6.2.7 PGN frontend/cmd.cc cmd_pgnload/cmd_pgnreplay buffer overflow

A vulnerability was found in GNU Chess 6.2.7. It has been declared as critical. This vulnerability affects the function cmd_pgnload/cmd_pgnreplay of the file frontend/cmd.cc of the component PGN Handler. There is no information about possible...
Auteur: VulDB

GNOME file-roller up to 3.38.0 Extraction fr-archive-libarchive.c pathname traversal

A vulnerability was found in GNOME file-roller up to 3.38.0. It has been classified as critical. This affects an unknown part of the file fr-archive-libarchive.c of the component Extraction Handler. Applying a patch is able to eliminate this...
Auteur: VulDB

PHP-Nuke 8.3.3 User Registration OrderBy sql injection

A vulnerability was found in PHP-Nuke 8.3.3 (Content Management System) and classified as critical. Affected by this issue is some unknown functionality of the component User Registration Handler. There is no information about possible...
Auteur: VulDB

D-Link DSL-320B-D1 up to EU_1.25 login.xgi user/pass buffer overflow

A vulnerability has been found in D-Link DSL-320B-D1 up to EU_1.25 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.xgi. The problem might be mitigated by replacing the product with as an...
Auteur: VulDB

EikiSoft Archive Collectively Operation Utility up to 2.10.1.0 ZIP Archive pathname traversal

A vulnerability, which was classified as critical, was found in EikiSoft Archive Collectively Operation Utility up to 2.10.1.0. Affected is an unknown function of the component ZIP Archive Handler. Upgrading to version 2.10.2.0 eliminates this...
Auteur: VulDB
12345678910Last

Événements SSI