lundi 24 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco Data Center Network Manager Web-based Management Interface cross site scripting

A vulnerability, which was classified as problematic, was found in Cisco Data Center Network Manager (the affected version unknown). This affects an unknown code of the component Web-based Management Interface. Upgrading eliminates this...
Auteur: VulDB

Cisco Data Center Network Manager REST API Endpoint privilege escalation

A vulnerability, which was classified as critical, has been found in Cisco Data Center Network Manager (affected version not known). Affected by this issue is an unknown part of the component REST API Endpoint. Upgrading eliminates this...
Auteur: VulDB

Cisco UCS C-Series Rack Servers 16.11 Signature Validation privilege escalation

A vulnerability classified as problematic was found in Cisco UCS C-Series Rack Servers 16.11. Affected by this vulnerability is some unknown functionality of the component Signature Validation. Upgrading eliminates this vulnerability.
Auteur: VulDB

TIBCO EBX up to 5.9.7 Web Server Stored cross site scripting

A vulnerability classified as problematic has been found in TIBCO EBX up to 5.9.7. Affected is an unknown functionality of the component Web Server. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

SilverStripe up to 4.3.3 GraphQL cross site request forgery

A vulnerability was found in SilverStripe up to 4.3.3. It has been rated as problematic. This issue affects an unknown function of the component GraphQL. Applying a patch is able to eliminate this problem.
Auteur: VulDB

SilverStripe up to 4.3.3 URL Tools denial of service

A vulnerability was found in SilverStripe up to 4.3.3. It has been declared as problematic. This vulnerability affects some unknown processing of the component URL Tools. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

WSO2 transport-http up to 6.3.0 Netty HTTP Response Response Splitting privilege escalation

A vulnerability was found in WSO2 transport-http up to 6.3.0. It has been classified as critical. This affects an unknown code block of the component Netty. Upgrading to version 6.3.1 eliminates this vulnerability.
Auteur: VulDB

IBM DB2 11.1/11.5 Command privilege escalation

A vulnerability was found in IBM DB2 11.1/11.5 (Database Software) and classified as critical. Affected by this issue is an unknown code of the component Command Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

IBM DB2 9.7/10.1/10.5/11.1/11.5 memory corruption [CVE-2020-4204]

A vulnerability has been found in IBM DB2 9.7/10.1/10.5/11.1/11.5 (Database Software) and classified as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

IBM DB2 10.5/11.1/11.5 Command denial of service

A vulnerability, which was classified as problematic, was found in IBM DB2 10.5/11.1/11.5 (Database Software). Affected is some unknown functionality of the component Command Handler. There is no information about possible countermeasures known....
Auteur: VulDB

IBM DB2 11.5 Command denial of service

A vulnerability, which was classified as problematic, has been found in IBM DB2 11.5 (Database Software). This issue affects an unknown functionality of the component Command Handler. There is no information about possible countermeasures known....
Auteur: VulDB

IBM DB2 9.7/10.1/10.5/11.1/11.5 Crafted Packet Memory Exhaustion denial of service

A vulnerability classified as problematic was found in IBM DB2 9.7/10.1/10.5/11.1/11.5 (Database Software). This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

IBM Security Secret Server 10.7 Update weak authentication

A vulnerability classified as critical has been found in IBM Security Secret Server 10.7. This affects some unknown processing of the component Update Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

IBM Jazz Foundation up to 6.0.6.1 information disclosure [CVE-2019-4457]

A vulnerability was found in IBM Jazz Foundation up to 6.0.6.1. It has been rated as problematic. Affected by this issue is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM Maximo Asset Management 7.6.0/7.6.1 Web UI cross site scripting

A vulnerability was found in IBM Maximo Asset Management 7.6.0/7.6.1. It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Web UI. There is no information about possible countermeasures known. It...
Auteur: VulDB

VMware Releases Security Updates for vRealize Operations for Horizon Adapter

Original release date: February 19, 2020VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon Adapter. A remote attacker could exploit some of these vulnerabilities to take control of an...
Auteur: US Cert

Critical Vulnerability in ThemeGrill Demo Importer Wordpress Plugin (CERT-EU Security Advisory 2020-009)

A critical vulnerability affecting the ThemeGrill Demo Importer plugin has been identified. Theme Grill Demo Importer is a plugin that can be used to import ThemeGrill official themes demo content, widgets and theme settings. The plugin is...
Auteur: Cert EU

ICE Hrm 26.2.0 User Creation service.php cross site request forgery

A vulnerability was found in ICE Hrm 26.2.0. It has been classified as problematic. Affected is an unknown part of the file service.php of the component User Creation. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ICE Hrm 26.2.0 Password Reset service.php cross site request forgery

A vulnerability was found in ICE Hrm 26.2.0 and classified as critical. This issue affects some unknown functionality of the file service.php of the component Password Reset. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Soplanning 1.45 export_ical.php users sql injection

A vulnerability has been found in Soplanning 1.45 and classified as critical. This vulnerability affects an unknown functionality of the file export_ical.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Soplanning 1.45 projets.php by sql injection

A vulnerability, which was classified as critical, was found in Soplanning 1.45. This affects an unknown function of the file projets.php?order=nom_createur. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Soplanning 1.45 process/xajax_server.php cross site request forgery

A vulnerability, which was classified as problematic, has been found in Soplanning 1.45. Affected by this issue is some unknown processing of the file process/xajax_server.php. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Soplanning 1.45 process/xajax_server.php cross site request forgery

A vulnerability classified as problematic was found in Soplanning 1.45. Affected by this vulnerability is an unknown code block of the file process/xajax_server.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

phpMyChat-Plus 1.98 deluser.php pmc_username sql injection

A vulnerability classified as critical has been found in phpMyChat-Plus 1.98. Affected is an unknown code of the file deluser.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

ESET Smart Security Premium prior 1296 Archive Support Module ZIP Archive privilege escalation

A vulnerability was found in ESET Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro, Cyber Security, Mobile Security for Android, Smart TV Security and NOD32 Antivirus 4 for Linux Desktop. It has been rated as...
Auteur: VulDB
12345678910Last

Événements SSI