dimanche 16 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Artica Pandora FMS 7.0 functions_netflow.php Shell Metacharacter privilege escalation

A vulnerability, which was classified as critical, was found in Artica Pandora FMS 7.0. This affects an unknown function of the file functions_netflow.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Netis WF2471 1.2.30142 sys_log_clean.cgi log_3g_type privilege escalation

A vulnerability, which was classified as critical, has been found in Netis WF2471 1.2.30142. Affected by this issue is some unknown processing of the file /cgi-bin-igd/sys_log_clean.cgi. There is no information about possible countermeasures...
Auteur: VulDB

proglottis Go Wrapper up to 0.1.0 on GPGME Use-After-Free memory corruption

A vulnerability classified as critical was found in proglottis Go Wrapper up to 0.1.0 on GPGME. Affected by this vulnerability is an unknown code block. Upgrading to version 0.1.1 eliminates this vulnerability.
Auteur: VulDB

CHIYU BF-430 232/485 TCP-IP Converter up to 1.15.x /if.cgi TF_submask cross site scripting

A vulnerability classified as problematic has been found in CHIYU BF-430 232 and 485 TCP-IP Converter up to 1.15.x. Affected is an unknown code of the file /if.cgi. Upgrading to version 1.16.00 eliminates this vulnerability.
Auteur: VulDB

IKTeam BearFTP up to 0.3.0 Connection Packet Slowloris denial of service

A vulnerability was found in IKTeam BearFTP up to 0.3.0. It has been rated as problematic. This issue affects an unknown part of the component Connection Handler. Upgrading to version 0.3.1 eliminates this vulnerability.
Auteur: VulDB

Istio up to 1.4.3 weak authentication [CVE-2020-8595]

A vulnerability was found in Istio up to 1.4.3. It has been declared as critical. This vulnerability affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Dovecot 2.3.9.0/2.3.9.1/2.3.9.2 IMAP/LMTP denial of service

A vulnerability was found in Dovecot 2.3.9.0/2.3.9.1/2.3.9.2 (Mail Server Software). It has been classified as problematic. This affects an unknown functionality of the component IMAP/LMTP. Upgrading to version 2.3.9.3 eliminates this...
Auteur: VulDB

Dovecot 2.3.9.0/2.3.9.1/2.3.9.2 Submission-Login Loop denial of service

A vulnerability was found in Dovecot 2.3.9.0/2.3.9.1/2.3.9.2 (Mail Server Software) and classified as problematic. Affected by this issue is an unknown function of the component Submission-Login. Upgrading to version 2.3.9.3 eliminates this...
Auteur: VulDB

Applatix Plugin up to 1.1 on Jenkins config.xml information disclosure

A vulnerability has been found in Applatix Plugin up to 1.1 on Jenkins (Jenkins Plugin) and classified as problematic. Affected by this vulnerability is some unknown processing of the file config.xml. There is no information about possible...
Auteur: VulDB

Parasoft Environment Manager Plugin up to 2.14 on Jenkins config.xml information disclosure

A vulnerability, which was classified as problematic, was found in Parasoft Environment Manager Plugin up to 2.14 on Jenkins (Jenkins Plugin). Affected is an unknown code block of the file config.xml. There is no information about possible...
Auteur: VulDB

Harvest SCM Plugin up to 0.5.1 on Jenkins config.xml information disclosure

A vulnerability, which was classified as problematic, has been found in Harvest SCM Plugin up to 0.5.1 on Jenkins (Supply Chain Management Software). This issue affects an unknown code of the file config.xml. There is no information about...
Auteur: VulDB

Harvest SCM Plugin up to 0.5.1 on Jenkins Global Configuration Password information disclosure

A vulnerability classified as problematic was found in Harvest SCM Plugin up to 0.5.1 on Jenkins. This vulnerability affects an unknown part of the component Global Configuration. There is no information about possible countermeasures known. It...
Auteur: VulDB

Eagle Tester Plugin up to 1.0.9 on Jenkins Global Configuration Password information disclosure

A vulnerability classified as problematic has been found in Eagle Tester Plugin up to 1.0.9 on Jenkins. This affects some unknown functionality of the component Global Configuration. There is no information about possible countermeasures known....
Auteur: VulDB

ECX Copy Data Management Plugin up to 1.9 on Jenkins config.xml information disclosure

A vulnerability was found in ECX Copy Data Management Plugin up to 1.9 on Jenkins. It has been rated as problematic. Affected by this issue is an unknown functionality of the file config.xml. There is no information about possible countermeasures...
Auteur: VulDB

BMC Release Package and Deployment Plugin up to 1.1 on Jenkins Global Configuration Credentials information disclosure

A vulnerability was found in BMC Release Package and Deployment Plugin up to 1.1 on Jenkins. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Global Configuration. There is no information...
Auteur: VulDB

DigitalOcean Plugin up to 1.1 on Jenkins config.xml information disclosure

A vulnerability was found in DigitalOcean Plugin up to 1.1 on Jenkins. It has been classified as problematic. Affected is some unknown processing of the file config.xml. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Debian Package Builder Plugin up to 1.6.11 on Jenkins Global Configuration information disclosure

A vulnerability was found in Debian Package Builder Plugin up to 1.6.11 on Jenkins and classified as problematic. This issue affects an unknown code block of the component Global Configuration. There is no information about possible...
Auteur: VulDB

Dynamic Extended Choice Parameter Plugin up to 1.0.1 on Jenkins config.xml information disclosure

A vulnerability has been found in Dynamic Extended Choice Parameter Plugin up to 1.0.1 on Jenkins and classified as problematic. This vulnerability affects an unknown code of the file config.xml. There is no information about possible...
Auteur: VulDB

RadarGun Plugin up to 1.7 on Jenkins YAML Parser Remote Code Execution

A vulnerability, which was classified as critical, was found in RadarGun Plugin up to 1.7 on Jenkins. This affects an unknown part of the component YAML Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Brakeman Plugin up to 0.12 on Jenkins JSON File Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Brakeman Plugin up to 0.12 on Jenkins. Affected by this issue is some unknown functionality of the component JSON File Handler. There is no information about possible...
Auteur: VulDB

Google Kubernetes Engine Plugin up to 0.8.0 on Jenkins YAML Parser Remote Code Execution

A vulnerability classified as critical was found in Google Kubernetes Engine Plugin up to 0.8.0 on Jenkins. Affected by this vulnerability is an unknown functionality of the component YAML Parser. There is no information about possible...
Auteur: VulDB

FitNesse Plugin up to 1.30 on Jenkins XML Parser XML External Entity

A vulnerability classified as critical has been found in FitNesse Plugin up to 1.30 on Jenkins. Affected is an unknown function of the component XML Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Azure AD Plugin up to 1.1.2 on Jenkins Configuration Credentials weak encryption

A vulnerability was found in Azure AD Plugin up to 1.1.2 on Jenkins. It has been rated as problematic. This issue affects some unknown processing of the component Configuration Handler. There is no information about possible countermeasures...
Auteur: VulDB

Pipeline GitHub Notify Step Plugin up to 1.0.4 on Jenkins Permission Check privilege escalation

A vulnerability was found in Pipeline GitHub Notify Step Plugin up to 1.0.4 on Jenkins. It has been declared as critical. This vulnerability affects an unknown code block of the component Permission Check. There is no information about possible...
Auteur: VulDB

Pipeline GitHub Notify Step Plugin up to 1.0.4 on Jenkins Permission Check privilege escalation

A vulnerability was found in Pipeline GitHub Notify Step Plugin up to 1.0.4 on Jenkins. It has been classified as critical. This affects an unknown code of the component Permission Check. There is no information about possible countermeasures...
Auteur: VulDB
12345678910Last

Événements SSI