Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Atlassian JIRA Server/Data Center up to 8.5.11/8.13.3/8.15.0 Issue Navigation/Search View cross site scripting

A vulnerability classified as problematic has been found in Atlassian JIRA Server and Data Center up to 8.5.11/8.13.3/8.15.0 (Bug Tracking Software). This affects an unknown function of the component Issue Navigation/Search View. Upgrading to...
Auteur: VulDB

Monica up to 2.19.0 Journal Page cross site scripting

A vulnerability was found in Monica up to 2.19.0. It has been rated as problematic. Affected by this issue is some unknown processing of the component Journal Page. Upgrading to version 2.19.1 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Group Office 6.4.196 Parameter SET_LANGUAGE cross site scripting

A vulnerability was found in Group Office 6.4.196. It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component Parameter Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Group Office 6.4.196 Contact Page cross site scripting

A vulnerability was found in Group Office 6.4.196. It has been classified as problematic. Affected is an unknown code of the component Contact Page. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

LavaLite 5.8.0 Address cross site scripting

A vulnerability was found in LavaLite 5.8.0 and classified as problematic. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

Backdoor.Win32.Zombam.h HTTP GET Request buffer overflow

A vulnerability has been found in Backdoor.Win32.Zombam.h (Remote Access Software) (the affected version is unknown) and classified as critical. This vulnerability affects some unknown functionality of the component HTTP GET Request Handler....
Auteur: VulDB

Multilaser AC1200 02.03.01.45_pt cross-site request forgery [CVE-2021-31152]

A vulnerability, which was classified as problematic, was found in Multilaser AC1200 02.03.01.45_pt. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Razer Synapse 3 File Name unknown vulnerability [CVE-2021-30494]

A vulnerability, which was classified as problematic, has been found in Razer Synapse 3. Affected by this issue is an unknown function of the component File Name Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Razer Synapse 3 File Name unknown vulnerability [CVE-2021-30493]

A vulnerability classified as problematic was found in Razer Synapse 3. Affected by this vulnerability is some unknown processing of the component File Name Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

OpenJPEG 2.4.0 Command Line Option ImgDir integer overflow

A vulnerability classified as problematic has been found in OpenJPEG 2.4.0 (Image Processing Software). Affected is an unknown code block of the component Command Line Option Handler. There is no information about possible countermeasures known....
Auteur: VulDB

GPAC 0.5.2 MP4 File isomedia/track.c MergeTrack null pointer dereference

A vulnerability was found in GPAC 0.5.2. It has been rated as problematic. This issue affects the function MergeTrack of the file isomedia/track.c of the component MP4 File Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Forescout CounterACT up to 8.1.3 SecureConnector symlink

A vulnerability was found in Forescout CounterACT up to 8.1.3. It has been declared as critical. This vulnerability affects an unknown part of the file %PROGRAMDATA%\ForeScout SecureConnector\ of the component SecureConnector. Upgrading to...
Auteur: VulDB

Appspace 6.2.4 /medianet/mail.aspx improper authentication

A vulnerability was found in Appspace 6.2.4. It has been classified as critical. This affects some unknown functionality of the file /medianet/mail.aspx. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

libexif 0.6.22 JPG File actions.c denial of service

A vulnerability was found in libexif 0.6.22 and classified as problematic. Affected by this issue is an unknown functionality of the file actions.c of the component JPG File Handler. There is no information about possible countermeasures known....
Auteur: VulDB

Tenda G1/G3 15.11.0.17 formDelPortMapping portMappingIndex buffer overflow

A vulnerability has been found in Tenda G1 and G3 15.11.0.17 and classified as critical. Affected by this vulnerability is the function formDelPortMapping. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Tenda G1/G3 15.11.0.17(9502)_CN formIPMacBindDel IPMacBindIndex buffer overflow

A vulnerability, which was classified as critical, was found in Tenda G1 and G3 15.11.0.17(9502)_CN. Affected is the function formIPMacBindDel. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Tenda G1/G3 15.11.0.17(9502)_CN formQOSRuleDel qosIndex buffer overflow

A vulnerability, which was classified as critical, has been found in Tenda G1 and G3 15.11.0.17(9502)_CN. This issue affects the function formQOSRuleDel. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

SAP Setup 9.0 Installation unquoted search path

A vulnerability classified as critical was found in SAP Setup 9.0. This vulnerability affects an unknown code of the component Installation Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

SAP NetWeaver ABAP Server/ABAP Platform 7.10 up to 7.50 Process Integration xml external entity reference

A vulnerability classified as problematic has been found in SAP NetWeaver ABAP Server and ABAP Platform 7.10 up to 7.50 (Solution Stack Software). This affects an unknown part of the component Process Integration Handler. There is no information...
Auteur: VulDB

SAP NetWeaver ABAP Server/ABAP Platform 7.10/7.30/7.31/7.40/7.50 Process Integration access control

A vulnerability was found in SAP NetWeaver ABAP Server and ABAP Platform 7.10/7.30/7.31/7.40/7.50 (Solution Stack Software). It has been rated as critical. Affected by this issue is some unknown functionality of the component Process Integration...
Auteur: VulDB

X2Engine X2CRM 7.1 /profile/activity Comment cross site scripting

A vulnerability was found in X2Engine X2CRM 7.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /profile/activity. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Online Reviewer System up to 1.0 sql injection [CVE-2021-27130]

A vulnerability was found in Online Reviewer System up to 1.0 (Feedback Software). It has been classified as critical. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

D-Link DIR-816 A2 1.10 B05 /goform/addassignment s_ip/s_mac stack-based overflow

A vulnerability was found in D-Link DIR-816 A2 1.10 B05 (Router Operating System) and classified as critical. This issue affects some unknown processing of the file /goform/addassignment. There is no information about possible countermeasures...
Auteur: VulDB

D-Link DIR-816 A2 1.10 B05 HTTP Request /goform/addRouting os command injection

A vulnerability has been found in D-Link DIR-816 A2 1.10 B05 (Router Operating System) and classified as critical. This vulnerability affects an unknown code block of the file /goform/addRouting of the component HTTP Request Handler. There is no...
Auteur: VulDB

Priority Enterprise Management System 8.00 Reset Password Page cross site scripting

A vulnerability, which was classified as problematic, was found in Priority Enterprise Management System 8.00. This affects an unknown code of the component Reset Password Page. There is no information about possible countermeasures known. It may...
Auteur: VulDB
12345678910Last

Événements SSI