Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Anuko Time Tracker prior 1.19.24.5415/1.19.24.5416 Password Reset password recovery

A vulnerability was found in Anuko Time Tracker and classified as problematic. Affected by this issue is an unknown part of the component Password Reset Handler. Upgrading to version 1.19.24.5415 or 1.19.24.5416 eliminates this vulnerability....
Author: VulDB

GitHub Enterprise Server up to 2.20.23/2.21.14/2.22.6 Parser Configuration command injection

A vulnerability has been found in GitHub Enterprise Server up to 2.20.23/2.21.14/2.22.6 (Bug Tracking Software) and classified as critical. Affected by this vulnerability is some unknown functionality of the component Parser Configuration...
Author: VulDB

CERTFR-2021-ALE-004: Multiple vulnerabilities in Microsoft Exchange Server (03 March 2021)

On 2 March 2021, Microsoft released patches for critical zero-day vulnerabilities affecting Exchange mail servers in versions 2010, 2013, 2016 and 2019. These vulnerabilities allow an...
Author: Cert FR

CERTFR-2021-AVI-161: Multiple vulnerabilities in Joomla! (03 March 2021)

Multiple vulnerabilities have been discovered in Joomla!. They allow an attacker to cause a security problem not specified by the vendor and a remote indirect code injection (XSS).

Author: Cert FR

CERTFR-2021-AVI-160: Vulnerability in Junos OS (03 March 2021)

A vulnerability has been discovered in Junos OS. It allows an attacker to cause a denial of service.

Author: Cert FR

CERTFR-2021-AVI-159: Vulnerability in Trend Micro products (03 March 2021)

A vulnerability has been discovered in Trend Micro products. It allows an attacker to cause a denial of service.

Author: Cert FR

CERTFR-2021-AVI-158: Multiple vulnerabilities in the Red Hat Linux kernel (03 March 2021)

Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause a denial of service, a security policy bypass and a compromise of the integrity of...
Author: Cert FR

CERTFR-2021-AVI-157: Multiple vulnerabilities in Tenable.sc (03 March 2021)

Multiple vulnerabilities have been discovered in Tenable products. They allow an authenticated attacker to cause remote arbitrary code execution and a denial of service.

Author: Cert FR

CERTFR-2021-AVI-156: Multiple vulnerabilities in Microsoft Exchange Server (03 March 2021)

Multiple vulnerabilities have been discovered in Microsoft Exchange Server. They allow an attacker to cause remote arbitrary code execution.

Author: Cert FR

Stormshield Network Security up to 2.7.7/2.16.0/3.7.16/3.11.4/4.1.5 Table Management denial of service

A vulnerability, which was classified as problematic, was found in Stormshield Network Security up to 2.7.7/2.16.0/3.7.16/3.11.4/4.1.5. Affected is an unknown functionality of the component Table Management Handler. Upgrading to version 2.7.8,...
Author: VulDB

e107 CMS up to 2.3.0 usersettings.php protection mechanism

A vulnerability, which was classified as critical, has been found in e107 CMS up to 2.3.0 (Content Management System). This issue affects an unknown function of the file usersettings.php. Applying a patch is able to eliminate this problem. The...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Privilege Escalation

A vulnerability classified as very critical was found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software). Applying a patch is able to eliminate this problem. A possible mitigation has been published...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Code Execution

A vulnerability classified as critical has been found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software). Applying a patch is able to eliminate this problem. A possible mitigation has been published...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Code Execution

A vulnerability was found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software). It has been rated as critical. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Code Execution

A vulnerability was found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software). It has been declared as critical. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 unknown vulnerability

A vulnerability was found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software). It has been classified as very critical. Applying a patch is able to eliminate this problem. A possible mitigation has...
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Privilege Escalation

A vulnerability was found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software) and classified as critical. Applying a patch is able to eliminate this problem. A possible mitigation has been published...
Author: VulDB

Samsung MobileWips App prior SMR Feb-2021 Release 1 denial of service

A vulnerability, which was classified as problematic, was found in Samsung MobileWips App. This affects some unknown processing. Upgrading to version SMR Feb-2021 Release 1 eliminates this vulnerability.
Author: VulDB

Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 Remote Privilege Escalation

A vulnerability has been found in Microsoft Exchange Server 2013 CU23/2016 CU18/2016 CU19/2019 CU7/2019 CU8 (Groupware Software) and classified as very critical. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Author: VulDB

HarmonyOS 2.0 Filesystem denial of service

A vulnerability, which was classified as problematic, has been found in HarmonyOS 2.0. Affected by this issue is an unknown code block of the component Filesystem Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

HarmonyOS 2.0 Component API permission

A vulnerability classified as critical was found in HarmonyOS 2.0. Affected by this vulnerability is an unknown code of the component Component API. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.6.6 Project resource consumption

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 12.6.6 (Bug Tracking Software). Affected is an unknown part of the component Project Handler. Upgrading to version 12.6.7 eliminates...
Author: VulDB

Dell EMC OpenManage Server Administrator up to 9.5 path traversal

A vulnerability was found in Dell EMC OpenManage Server Administrator up to 9.5. It has been rated as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Dell EMC OpenManage Server Administrator 9.5 on Windows Distributed Web Server improper authentication

A vulnerability was found in Dell EMC OpenManage Server Administrator 9.5 on Windows. It has been declared as critical. This vulnerability affects an unknown functionality of the component Distributed Web Server. There is no information about...
Author: VulDB

GLPI 9.5.0/9.5.1/9.5.2/9.5.3 ajax/kanban.php cross site scripting

A vulnerability was found in GLPI 9.5.0/9.5.1/9.5.2/9.5.3 (Asset Management Software). It has been classified as problematic. This affects an unknown function of the file ajax/kanban.php. Upgrading to version 9.5.4 eliminates this vulnerability....
Author: VulDB