Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Car Seller Auto Classifieds Script Plugin up to 2.1.0 on WordPress POST Parameter request_list_request order_id sql injection

A vulnerability was found in Car Seller Auto Classifieds Script Plugin up to 2.1.0 on WordPress (WordPress Plugin) and classified as critical. Affected by this issue is the function request_list_request of the component POST Parameter Handler....
Author: VulDB

Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress wpcf7r_reset_settings authorization

A vulnerability has been found in Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is the function wpcf7r_reset_settings. Upgrading to version 2.3.4...
Author: VulDB

Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress AJAX Action delete_action_post authorization

A vulnerability, which was classified as problematic, was found in Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress (WordPress Plugin). Affected is the function delete_action_post of the component AJAX Action Handler. Upgrading to...
Author: VulDB

Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress AJAX Action import_from_debug authorization

A vulnerability, which was classified as critical, has been found in Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress (WordPress Plugin). This issue affects the function import_from_debug of the component AJAX Action Handler....
Author: VulDB

Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress AJAX Action wpcf7r_get_nonce authorization

A vulnerability classified as problematic was found in Redirection for Contact Form 7 Plugin up to 2.3.3 on WordPress (WordPress Plugin). This vulnerability affects the function wpcf7r_get_nonce of the component AJAX Action Handler. Upgrading to...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 TFLite Operator divide by zero

A vulnerability classified as problematic has been found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). This affects an unknown functionality of the component TFLite Operator Handler. Upgrading to version...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 TFLite Operator space_to_depth.cc divide by zero

A vulnerability was found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). It has been rated as problematic. Affected by this issue is an unknown function of the file lite/kernels/space_to_depth.cc of the...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 fractional_avg_pool_op.cc tf.raw_ops.FractionalAvgPool output_length denial of service

A vulnerability was found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). It has been declared as problematic. Affected by this vulnerability is the function tf.raw_ops.FractionalAvgPool of the file...
Author: VulDB

Login as User or Customer Plugin up to 1.7 on WordPress AJAX Action cp_plugins_do_button_job_later_callback improper authorization

A vulnerability was found in Login as User or Customer Plugin up to 1.7 on WordPress (WordPress Plugin). It has been classified as critical. Affected is the function cp_plugins_do_button_job_later_callback of the component AJAX Action Handler....
Author: VulDB

Visitor Traffic Real Time Statistics Plugin up to 2.11 on WordPress AJAX Action cp_plugins_do_button_job_later_callback Remote Privilege Escalation

A vulnerability was found in Visitor Traffic Real Time Statistics Plugin up to 2.11 on WordPress (WordPress Plugin) and classified as critical. This issue affects the function cp_plugins_do_button_job_later_callback of the component AJAX Action...
Author: VulDB

Tree Sitemap Plugin up to 2.8 on WordPress AJAX Action cp_plugins_do_button_job_later_callback improper authorization

A vulnerability has been found in Tree Sitemap Plugin up to 2.8 on WordPress (WordPress Plugin) and classified as critical. This vulnerability affects the function cp_plugins_do_button_job_later_callback of the component AJAX Action Handler....
Author: VulDB

IBM Cloud Pak for Security 1.4.0.0/1.5.0.0/1.5.0.1/1.6.0.0/1.6.0.1 HTTP Request injection

A vulnerability, which was classified as problematic, was found in IBM Cloud Pak for Security 1.4.0.0/1.5.0.0/1.5.0.1/1.6.0.0/1.6.0.1 (Cloud Software). This affects some unknown functionality of the component HTTP Request Handler. There is no...
Author: VulDB

IBM QRadar User Behavior Analytics up to 4.0.1 Web UI cross site scripting

A vulnerability, which was classified as problematic, has been found in IBM QRadar User Behavior Analytics up to 4.0.1 (Log Management Software). Affected by this issue is an unknown functionality of the component Web UI. There is no information...
Author: VulDB

IBM QRadar User Behavior Analytics up to 4.1.0 Cache information disclosure

A vulnerability classified as problematic was found in IBM QRadar User Behavior Analytics up to 4.1.0 (Log Management Software). Affected by this vulnerability is an unknown function of the component Cache Handler. There is no information about...
Author: VulDB

IBM Planning Analytics 2.0 Query information disclosure

A vulnerability classified as problematic has been found in IBM Planning Analytics 2.0. Affected is some unknown processing of the component Query Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

LAOBANCMS 2.0 admin/info.php Homepage Introduction cross site scripting

A vulnerability was found in LAOBANCMS 2.0. It has been rated as problematic. This issue affects an unknown code block of the file admin/info.php?shuyu. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Linux Kernel up to 5.12.3 Bluetooth hci_event.c use after free

A vulnerability was found in Linux Kernel up to 5.12.3 (Operating System). It has been declared as critical. This vulnerability affects an unknown code of the file net/bluetooth/hci_event.c of the component Bluetooth Handler. Upgrading to version...
Author: VulDB

Linux Kernel up to 5.11.13 DOI Definition net/ipv4/cipso_ipv4.c cipso_v4_genopt use after free

A vulnerability was found in Linux Kernel up to 5.11.13 (Operating System). It has been classified as critical. This affects the function cipso_v4_genopt of the file net/ipv4/cipso_ipv4.c of the component DOI Definition Handler. Upgrading to...
Author: VulDB

Google TensorFlow up to 2.4.x tf.raw_ops.ImmutableConst numeric conversion

A vulnerability was found in Google TensorFlow up to 2.4.x (Artificial Intelligence Software) and classified as critical. Upgrading to version 2.5.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is...
Author: VulDB

IBM Cloud Pak for Security 1.4.0.0/1.5.0.0/1.5.0.1/1.6.0.0/1.6.0.1 protection mechanism

A vulnerability has been found in IBM Cloud Pak for Security 1.4.0.0/1.5.0.0/1.5.0.1/1.6.0.0/1.6.0.1 (Cloud Software) and classified as critical. Affected by this vulnerability is an unknown functionality. There is no information about possible...
Author: VulDB

DeDeCMS 5.7 SP2 action_search.php keyword cross site scripting

A vulnerability, which was classified as problematic, was found in DeDeCMS 5.7 SP2 (Content Management System). Affected is an unknown function of the file /uploads/dede/action_search.php. There is no information about possible countermeasures...
Author: VulDB

Backdoor.Win32.Agent.cy Service Port 1111 Spoolsw.exe hard-coded credentials

A vulnerability, which was classified as critical, has been found in Backdoor.Win32.Agent.cy (Remote Access Software) (unknown version). This issue affects some unknown processing of the file Spoolsw.exe of the component Service Port 1111....
Author: VulDB

LAOBANCMS 2.0 unrestricted upload [CVE-2020-18166]

A vulnerability classified as critical was found in LAOBANCMS 2.0. This vulnerability affects an unknown code block of the file admin/wenjian.php?wj=../templets/pc. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Backdoor.Win32.Antilam.14.d Service Port 47891 backdoor

A vulnerability classified as critical has been found in Backdoor.Win32.Antilam.14.d (Remote Access Software) (the affected version unknown). This affects an unknown code of the component Service Port 47891. It is possible to mitigate the...
Author: VulDB

Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 decode_padded_raw_op.cc tf.io.decode_raw initialization

A vulnerability was found in Google TensorFlow up to 2.1.3/2.2.2/2.3.2/2.4.1 (Artificial Intelligence Software). It has been rated as critical. Affected by this issue is the function tf.io.decode_raw of the file...
Author: VulDB

Information security events