Monday 6 July 2020

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

nDPI up to 3.2 Oracle Protocol Dissector lib/protocols/oracle.c ndpi_search_oracle memory corruption

A vulnerability, which was classified as critical, has been found in nDPI up to 3.2. This issue affects the function ndpi_search_oracle in the library lib/protocols/oracle.c of the component Oracle Protocol Dissector. There is no information...
Author: VulDB

nDPI up to 3.2 lib/ndpi_main.c ndpi_reset_packet_line_info Packet memory corruption

A vulnerability classified as critical was found in nDPI up to 3.2. This vulnerability affects the function ndpi_reset_packet_line_info in the library lib/ndpi_main.c. There is no information about possible countermeasures known. It may be...
Author: VulDB

nDPI up to 3.2 lib/protocols/tls.c extractRDNSequence memory corruption

A vulnerability classified as critical has been found in nDPI up to 3.2. This affects the function extractRDNSequence in the library lib/protocols/tls.c. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

nDPI up to 3.2 OpenVPN Dissector lib/protocols/openvpn.c ndpi_search_openvpn memory corruption

A vulnerability was found in nDPI up to 3.2. It has been rated as critical. Affected by this issue is the function ndpi_search_openvpn in the library lib/protocols/openvpn.c of the component OpenVPN Dissector. There is no information about...
Author: VulDB

nDPI up to 3.2 H.323 Dissector lib/protocols/h323.c ndpi_search_h323 Packet memory corruption

A vulnerability was found in nDPI up to 3.2. It has been declared as critical. Affected by this vulnerability is the function ndpi_search_h323 in the library lib/protocols/h323.c of the component H.323 Dissector. There is no information about...
Author: VulDB

nDPI up to 3.2 lib/ndpi_main.c ndpi_parse_packet_line_info Packet memory corruption

A vulnerability was found in nDPI up to 3.2. It has been classified as critical. Affected is the function ndpi_parse_packet_line_info in the library lib/ndpi_main.c. There is no information about possible countermeasures known. It may be...
Author: VulDB

ffjpeg up to 2020-02-24 jfif.c jfif_decode memory corruption

A vulnerability was found in ffjpeg up to 2020-02-24 and classified as critical. This issue affects the function jfif_decode of the file jfif.c. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Persian VIP Download Script 1.0 cart_edit.php active sql injection

A vulnerability has been found in Persian VIP Download Script 1.0 and classified as critical. This vulnerability affects an unknown code block of the file cart_edit.php. There is no information about possible countermeasures known. It may be...
Author: VulDB

OCS Inventory NG 2.7 CommandLine.php mib_file command injection

A vulnerability, which was classified as critical, was found in OCS Inventory NG 2.7. This affects an unknown code of the file require/commandLine/CommandLine.php. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

PowerDNS Recursor up to 4.1.16/4.2.2/4.3.1 Web Server privilege escalation

A vulnerability, which was classified as critical, has been found in PowerDNS Recursor up to 4.1.16/4.2.2/4.3.1. Affected by this issue is an unknown part of the component Web Server. There is no information about possible countermeasures known....
Author: VulDB

Atlassian JIRA Server/Data Center up to 8.9.0 Quick Search cross site scripting

A vulnerability classified as problematic was found in Atlassian JIRA Server and Data Center up to 8.9.0. Affected by this vulnerability is some unknown functionality of the component Quick Search. Upgrading to version 8.9.1 eliminates this...
Author: VulDB

Atlassian JIRA Server/Data Center up to 7.13.15/8.5.6/8.8.1/8.9.0 Email Client Man-in-the-Middle privilege escalation

A vulnerability classified as critical has been found in Atlassian JIRA Server and Data Center up to 7.13.15/8.5.6/8.8.1/8.9.0. Affected is an unknown functionality of the component Email Client. Upgrading to version 7.13.16, 8.5.7, 8.8.2 or...
Author: VulDB

Atlassian JIRA Server/Data Center up to 7.13.3/8.5.4/8.8.1/8.9.0 denial of service

A vulnerability was found in Atlassian JIRA Server and Data Center up to 7.13.3/8.5.4/8.8.1/8.9.0 (Bug Tracking Software). It has been rated as problematic. This issue affects an unknown function. Upgrading to version 7.13.4, 8.5.5, 8.8.2 or...
Author: VulDB

Atlassian Jira Service Desk Server/Data Center up to 4.9.x portals HTML File cross site scripting

A vulnerability was found in Atlassian Jira Service Desk Server and Data Center up to 4.9.x (Bug Tracking Software). It has been declared as problematic. This vulnerability affects some unknown processing of the file...
Author: VulDB

Atlassian JIRA Server/Data Center up to 8.8.x UniversalAvatarResource.getAvatars information disclosure

A vulnerability was found in Atlassian JIRA Server and Data Center up to 8.8.x (Bug Tracking Software). It has been classified as problematic. This affects an unknown code block of the file UniversalAvatarResource.getAvatars. Upgrading to version...
Author: VulDB

Atlassian JIRA Server/Data Center up to 8.8.1 WYSIWYG Editor cross site scripting

A vulnerability was found in Atlassian JIRA Server and Data Center up to 8.8.1 (Bug Tracking Software) and classified as problematic. Affected by this issue is an unknown code of the component WYSIWYG Editor. Upgrading to version 8.8.2 eliminates...
Author: VulDB

Monsta FTP up to 2.10.1 Code Execution [CVE-2020-14057]

A vulnerability has been found in Monsta FTP up to 2.10.1 and classified as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Monsta FTP up to 2.10.1 Server-Side Request Forgery [CVE-2020-14056]

A vulnerability, which was classified as critical, was found in Monsta FTP up to 2.10.1. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Author: VulDB

Monsta FTP up to 2.10.1 Language Setting Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Monsta FTP up to 2.10.1. This issue affects an unknown functionality of the component Language Setting Handler. There is no information about possible countermeasures known....
Author: VulDB

Locutus PHP up to 2.0.11 php/exec/escapeshellarg Code Execution

A vulnerability classified as critical was found in Locutus PHP up to 2.0.11 (Programming Language Software). This vulnerability affects an unknown function of the file php/exec/escapeshellarg. There is no information about possible...
Author: VulDB

openSIS up to 7.4 Directory directory traversal

A vulnerability classified as critical has been found in openSIS up to 7.4. This affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Author: VulDB

openSIS up to 7.4 Access Control privilege escalation

A vulnerability was found in openSIS up to 7.4. It has been rated as critical. Affected by this issue is an unknown code block of the component Access Control. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

openSIS up to 7.4 sql injection [CVE-2020-13381]

A vulnerability was found in openSIS up to 7.4. It has been declared as critical. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

openSIS up to 7.3 sql injection [CVE-2020-13380]

A vulnerability was found in openSIS up to 7.3. It has been classified as critical. Affected is an unknown part. Upgrading to version 7.4 eliminates this vulnerability.
Author: VulDB

Envoy 1.12.4/1.13.2/1.14.2 HTTP 1.1 Long URL Memory Exhaustion denial of service

A vulnerability was found in Envoy 1.12.4/1.13.2/1.14.2 and classified as problematic. This issue affects some unknown functionality of the component HTTP 1.1 Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB