jeudi 27 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

SmartClient 12.0 developerConsoleOperations.jsp _transaction information disclosure

A vulnerability classified as problematic was found in SmartClient 12.0. This vulnerability affects some unknown processing of the file /tools/developerConsoleOperations.jsp. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SAS Visual Analytics 8.5 Graph Builder cross site scripting

A vulnerability classified as problematic has been found in SAS Visual Analytics 8.5. This affects an unknown code block of the component Graph Builder. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

F-Secure Cloud Protection For Salesforce prior 17.0.605.474 AV Parsing Engine GZIP Archive privilege escalation

A vulnerability was found in F-Secure Cloud Protection For Salesforce, Email, Server Security and Internet GateKeeper (Cloud Software). It has been rated as critical. Affected by this issue is an unknown code of the component AV Parsing Engine....
Auteur: VulDB

CandidATS 2.1.0 index.php cross site request forgery

A vulnerability was found in CandidATS 2.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown part of the file index.php?m=settings&a=addUser. There is no information about possible countermeasures known. It may...
Auteur: VulDB

fauzantrif eLection 2.0 op_kandidat.php id sql injection

A vulnerability was found in fauzantrif eLection 2.0. It has been classified as critical. Affected is some unknown functionality of the file admin/ajax/op_kandidat.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Soplanning 1.45 status.php Name/Comment cross site scripting

A vulnerability was found in Soplanning 1.45 and classified as problematic. This issue affects an unknown functionality of the file status.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Soplanning 1.45 cross site scripting [CVE-2020-9338]

A vulnerability has been found in Soplanning 1.45 and classified as problematic. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

fauzantrif eLection 2.0 Admin Dashboard cross site scripting

A vulnerability, which was classified as problematic, was found in fauzantrif eLection 2.0. This affects some unknown processing of the component Admin Dashboard. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Xerox WorkCentre Printer prior 073.xxx.000.02300 LDAP Default Credentials privilege escalation

A vulnerability, which was classified as critical, has been found in Xerox WorkCentre Printer (Printing Software). Affected by this issue is an unknown code block of the component LDAP Handler. Upgrading to version 073.xxx.000.02300 eliminates...
Auteur: VulDB

Gogs up to 0.11.91 internal/db/repo.go privilege escalation

A vulnerability classified as critical was found in Gogs up to 0.11.91. Affected by this vulnerability is an unknown code of the file internal/db/repo.go. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

SQLite 3.31.1 Column NULL Pointer Dereference denial of service

A vulnerability classified as problematic has been found in SQLite 3.31.1. Affected is an unknown part of the component Column Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Couchbase Server up to 5.x REST Endpoint privilege escalation

A vulnerability was found in Couchbase Server up to 5.x. It has been rated as critical. This issue affects some unknown functionality of the component REST Endpoint. Upgrading to version 6.0.0 eliminates this vulnerability.
Auteur: VulDB

D-Link DAP-2610 v2.01RC067 weak authentication [CVE-2020-8862]

A vulnerability was found in D-Link DAP-2610 v2.01RC067. It has been declared as critical. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

D-Link DAP-1330 1.10B01 HNAP Login Request weak authentication

A vulnerability was found in D-Link DAP-1330 1.10B01. It has been classified as critical. This affects an unknown function of the component HNAP Login Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Samsung Galaxy S10 G973FXXS3ASJA/O(8.x)/P(9.0)/Q(10.0) Exynos Chipset Messages Stack-based memory corruption

A vulnerability was found in Samsung Galaxy S10 G973FXXS3ASJA/O(8.x)/P(9.0)/Q(10.0) and classified as critical. Affected by this issue is some unknown processing of the component Exynos Chipset. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cacti 1.2.8 Cooikie graph_realtime.php privilege escalation

A vulnerability has been found in Cacti 1.2.8 and classified as critical. Affected by this vulnerability is an unknown code block of the file graph_realtime.php of the component Cooikie Handler. There is no information about possible...
Auteur: VulDB

JetBrains Scala Plugin prior 2019.2.1 weak encryption [CVE-2020-7907]

A vulnerability, which was classified as critical, was found in JetBrains Scala Plugin. Affected is an unknown code. Upgrading to version 2019.2.1 eliminates this vulnerability.
Auteur: VulDB

D-Link DCH-M225 up to 1.05b01 Media Renderer Name Shell Metacharacter OS Command Injection privilege escalation

A vulnerability, which was classified as critical, has been found in D-Link DCH-M225 up to 1.05b01. This issue affects an unknown part of the component Media Renderer Name Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

D-Link DCH-M225 up to 1.05b01 spotifyConnect.php userName privilege escalation

A vulnerability classified as critical was found in D-Link DCH-M225 up to 1.05b01. This vulnerability affects some unknown functionality of the file spotifyConnect.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Aterm WG2600HS up to 1.3.2 OS Command Injection privilege escalation

A vulnerability classified as critical has been found in Aterm WG2600HS up to 1.3.2. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Aterm WG2600HS up to 1.3.2 cross site scripting [CVE-2020-5533]

A vulnerability was found in Aterm WG2600HS up to 1.3.2. It has been rated as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Aterm WF1200C/WG1200CR/WG2600HS Management Screen OS Command Injection privilege escalation

A vulnerability was found in Aterm WF1200C, WG1200CR and WG2600HS (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Management Screen. There is no information...
Auteur: VulDB

Aterm WF1200C/WG1200CR/WG2600HS UPnP OS Command Injection privilege escalation

A vulnerability was found in Aterm WF1200C, WG1200CR and WG2600HS (version unknown). It has been classified as critical. Affected is an unknown code block of the component UPnP. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Dell Client Platform BIOS Setup weak authentication [CVE-2020-5326]

A vulnerability was found in Dell Client Platform (unknown version) and classified as problematic. This issue affects an unknown code of the component BIOS Setup. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Dell Client Consumer and Commercial Platform Firmware Update Utility privilege escalation

A vulnerability has been found in Dell Client Consumer and Commercial Platform (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown part of the component Firmware Update Utility. There is no...
Auteur: VulDB
12345678910Last

Événements SSI