samedi 6 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

rConfig up to 3.9.4 snippets.inc.php sql injection

A vulnerability classified as critical has been found in rConfig up to 3.9.4. Affected is an unknown function of the file snippets.inc.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

rConfig up to 3.9.4 devices.inc.php sql injection

A vulnerability was found in rConfig up to 3.9.4. It has been rated as critical. This issue affects some unknown processing of the file devices.inc.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

rConfig 3.9.4 compliancepolicyelements.inc.php sql injection

A vulnerability was found in rConfig 3.9.4. It has been declared as critical. This vulnerability affects an unknown code block of the file compliancepolicyelements.inc.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

rConfig up to 3.9.4 compliancepolicies.inc.php sql injection

A vulnerability was found in rConfig up to 3.9.4. It has been classified as critical. This affects an unknown code of the file compliancepolicies.inc.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0 Web UI Administrative Interface Command privilege escalation

A vulnerability was found in ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0 and classified as critical. Affected by this issue is an unknown part of the component Web UI Administrative Interface. Upgrading to version 6.7.13-HF, 6.8.5-HF, 6.8.6...
Auteur: VulDB

ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0 Web UI Administrative Interface Command privilege escalation

A vulnerability has been found in ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0 and classified as critical. Affected by this vulnerability is some unknown functionality of the component Web UI Administrative Interface. Upgrading to version...
Auteur: VulDB

ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0 Web Interface weak authentication

A vulnerability, which was classified as critical, was found in ClearPass Policy Manager up to 6.7.13/6.8.5/6.9.0. Affected is an unknown functionality of the component Web Interface. Upgrading to version 6.7.13-HF, 6.8.5-HF, 6.8.6 or 6.9.1...
Auteur: VulDB

Kibana up to 6.8.8/7.6.x TSVB Visualization Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Kibana up to 6.8.8/7.6.x. This issue affects an unknown function of the component TSVB Visualization. Upgrading to version 6.8.9 or 7.7.0 eliminates this vulnerability.
Auteur: VulDB

Elasticsearch up to 6.8.7/7.6.1 Incomplete Fix CVE-2020-7009 privilege escalation

A vulnerability classified as critical was found in Elasticsearch up to 6.8.7/7.6.1. This vulnerability affects some unknown processing of the component Incomplete Fix CVE-2020-7009. There is no information about possible countermeasures known....
Auteur: VulDB

Kibana up to 6.8.8/7.6.x TSVB Prototype privilege escalation

A vulnerability classified as critical has been found in Kibana up to 6.8.8/7.6.x. This affects an unknown code block of the component TSVB. Upgrading to version 6.8.9 or 7.7.0 eliminates this vulnerability.
Auteur: VulDB

Kibana up to 6.8.8/7.6.2 Upgrade Assistant Code privilege escalation

A vulnerability was found in Kibana up to 6.8.8/7.6.2. It has been rated as critical. Affected by this issue is an unknown code of the component Upgrade Assistant. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Elastic App Search up to 7.6.x Reference UI cross site scripting

A vulnerability was found in Elastic App Search up to 7.6.x. It has been declared as problematic. Affected by this vulnerability is an unknown part of the component Reference UI. Upgrading to version 7.7.0 eliminates this vulnerability.
Auteur: VulDB

Elastic Cloud on Kubernetes up to 1.0x Random Number Generator weak authentication

A vulnerability was found in Elastic Cloud on Kubernetes up to 1.0x. It has been classified as problematic. Affected is some unknown functionality of the component Random Number Generator. Upgrading to version 1.1.0 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 74.0.3729.108 Notification privilege escalation

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. This issue affects an unknown functionality of the component Notification Handler. Upgrading to version 74.0.3729.108 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 74.0.3729.108 HTML Page information disclosure

A vulnerability has been found in Google Chrome (Web Browser) and classified as problematic. This vulnerability affects an unknown function. Upgrading to version 74.0.3729.108 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 80.0.3987.87 Security UI HTML Page spoofing

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). This affects some unknown processing of the component Security UI. Upgrading to version 80.0.3987.87 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 80.0.3987.87 Content Security Policy HTML Page privilege escalation

A vulnerability, which was classified as critical, has been found in Google Chrome. Affected by this issue is an unknown code block of the component Content Security Policy. Upgrading to version 80.0.3987.87 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 80.0.3987.87 interstitials HTML Page Address spoofing

A vulnerability classified as critical was found in Google Chrome. Affected by this vulnerability is an unknown code of the component interstitials. Upgrading to version 80.0.3987.87 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 80.0.3987.87 AppCache HTML Page privilege escalation

A vulnerability classified as critical has been found in Google Chrome (Web Browser). Affected is an unknown part of the component AppCache. Upgrading to version 80.0.3987.87 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.88 on iOS User Interface HTML Page Domain spoofing

A vulnerability was found in Google Chrome on iOS (Web Browser). It has been rated as critical. This issue affects some unknown functionality of the component User Interface. Upgrading to version 83.0.4103.88 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.88 on iOS Omnibox Domain spoofing

A vulnerability was found in Google Chrome on iOS (Web Browser). It has been declared as critical. This vulnerability affects an unknown functionality of the component Omnibox. Upgrading to version 83.0.4103.88 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.97 on macOS Payments HTML Page Use-After-Free memory corruption

A vulnerability was found in Google Chrome on macOS (Web Browser). It has been classified as critical. This affects an unknown function of the component Payments. Upgrading to version 83.0.4103.97 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.97 Developer Tools Sandbox privilege escalation

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is some unknown processing of the component Developer Tools. Upgrading to version 83.0.4103.97 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.97 on Android Security UI HTML Page Address spoofing

A vulnerability has been found in Google Chrome on Android and classified as critical. Affected by this vulnerability is an unknown code block of the component Security UI. Upgrading to version 83.0.4103.97 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 83.0.4103.97 HTML Page Use-After-Free memory corruption

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown code. Upgrading to version 83.0.4103.97 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI