Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

IBM UrbanCode Deploy 6.2.7.3/6.2.7.4/7.0.3.0/7.0.4.0 XML Data XML External Entity

A vulnerability was found in IBM UrbanCode Deploy 6.2.7.3/6.2.7.4/7.0.3.0/7.0.4.0. It has been declared as critical. Affected by this vulnerability is an unknown code block of the component XML Data Handler. There is no information about possible...
Author: VulDB

IBM Security Identity Governance and Intelligence 5.2.6 information disclosure

A vulnerability was found in IBM Security Identity Governance and Intelligence 5.2.6 (Access Management Software). It has been classified as problematic. Affected is an unknown code. There is no information about possible countermeasures known....
Author: VulDB

User-Friendly SVN up to 1.0.8 SVN Log cross site scripting

A vulnerability was found in User-Friendly SVN up to 1.0.8 and classified as problematic. This issue affects an unknown part of the component SVN Log Handler. Upgrading to version 1.0.9 eliminates this vulnerability.
Author: VulDB

LilyPond up to 2.20.0/2.21.4 define-stencil-commands.scm privilege escalation

A vulnerability has been found in LilyPond up to 2.20.0/2.21.4 and classified as critical. This vulnerability affects some unknown functionality of the file scm/define-stencil-commands.scm. There is no information about possible countermeasures...
Author: VulDB

PgHero Gem up to 2.6.0 on Ruby cross site request forgery [CVE-2020-16253]

A vulnerability, which was classified as problematic, was found in PgHero Gem up to 2.6.0 on Ruby (Ruby Gem). This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Field Test Gem up to 0.2.0 on Ruby cross site request forgery

A vulnerability, which was classified as problematic, has been found in Field Test Gem up to 0.2.0 on Ruby (Ruby Gem). Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be...
Author: VulDB

Xorg-server up to 1.20.8 X Client Memory information disclosure

A vulnerability classified as problematic was found in Xorg-server up to 1.20.8. Affected by this vulnerability is some unknown processing of the component X Client Handler. Upgrading to version 1.20.9 eliminates this vulnerability.
Author: VulDB

libX11 up to 1.6.9 XIM Client Integer Overflow memory corruption

A vulnerability classified as critical has been found in libX11 up to 1.6.9. Affected is an unknown code block of the component XIM Client. Upgrading to version 1.6.10 eliminates this vulnerability.
Author: VulDB

Apache SkyWalking H2/MySQL/TiDB Wildcard sql injection

A vulnerability was found in Apache SkyWalking (unknown version). It has been rated as critical. This issue affects an unknown code of the component H2/MySQL/TiDB. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Extreme EAC Appliance 8.4.1.24 GET Request Reflected cross site scripting

A vulnerability was found in Extreme EAC Appliance 8.4.1.24. It has been declared as problematic. This vulnerability affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Aerospike Community Edition 4.9.0.5 UDF os.execute() Code Execution

A vulnerability was found in Aerospike Community Edition 4.9.0.5. It has been classified as critical. This affects the function os.execute() of the component UDF Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

CERTFR-2020-AVI-485: Multiple vulnerabilities in the Ubuntu Linux kernel (05 August 2020)

Multiple vulnerabilities have been discovered in the Ubuntu Linux kernel. They allow an attacker to cause arbitrary code execution and a security policy bypass.

Author: Cert FR

DaviewIndy Image File Daview.exe Code Execution memory corruption

A vulnerability was found in DaviewIndy (affected version not known) and classified as critical. Affected by this issue is an unknown functionality of the file Daview.exe of the component Image File Handler. There is no information about possible...
Author: VulDB

DaviewIndy Image File Daview.exe Heap-based memory corruption

A vulnerability has been found in DaviewIndy (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the file Daview.exe of the component Image File Handler. There is no information about...
Author: VulDB

ZoneAlarm Anti-Ransomware prior 1.0.713 Report race condition privilege escalation

A vulnerability, which was classified as critical, was found in ZoneAlarm Anti-Ransomware (Firewall Software). Affected is some unknown processing of the component Report Handler. Upgrading to version 1.0.713 eliminates this vulnerability.
Author: VulDB

IBM Spectrum Protect Plus up to 10.1.6 on Windows Agent File denial of service

A vulnerability, which was classified as problematic, has been found in IBM Spectrum Protect Plus up to 10.1.6 on Windows (Backup Software). This issue affects an unknown code block of the component Agent File Handler. There is no information...
Author: VulDB

IBM Jazz Foundation/Engineering Web UI cross site scripting [CVE-2020-4542]

A vulnerability classified as problematic was found in IBM Jazz Foundation and Engineering (Programming Tool Software) (the affected version is unknown). This vulnerability affects an unknown code of the component Web UI. There is no information...
Author: VulDB

IBM Jazz Foundation/Engineering Web UI cross site scripting [CVE-2020-4525]

A vulnerability classified as problematic has been found in IBM Jazz Foundation and Engineering (Programming Tool Software) (the affected version unknown). This affects an unknown part of the component Web UI. There is no information about...
Author: VulDB

IBM Security Verify Access 10.7 Default Key weak encryption

A vulnerability was found in IBM Security Verify Access 10.7. It has been rated as problematic. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

IBM Jazz Foundation/Engineering Attachment HTTP GET Request information disclosure

A vulnerability was found in IBM Jazz Foundation and Engineering (Programming Tool Software) (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Attachment...
Author: VulDB

IBM Jazz Foundation/Engineering Web UI cross site scripting [CVE-2020-4396]

A vulnerability was found in IBM Jazz Foundation and Engineering (Programming Tool Software) (version unknown). It has been classified as problematic. Affected is an unknown function of the component Web UI. There is no information about possible...
Author: VulDB

Extreme Networks Extreme Management Center prior 8.5.0.169 Extreme Analytics GET Request Reflected cross site scripting

A vulnerability was found in Extreme Networks Extreme Management Center and classified as problematic. This issue affects some unknown processing of the component Extreme Analytics. Upgrading to version 8.5.0.169 eliminates this vulnerability.
Author: VulDB

Firecracker 0.20.0/0.21.0/0.21.1 Network Stack Flooding denial of service

A vulnerability has been found in Firecracker 0.20.0/0.21.0/0.21.1 and classified as problematic. This vulnerability affects an unknown code block of the component Network Stack. Upgrading to version 0.20.1 or 0.21.2 eliminates this vulnerability.
Author: VulDB

Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23 Project File Uninitialized Memory memory corruption

A vulnerability, which was classified as critical, was found in Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23. This affects an unknown code of the component Project File Handler. There is no information about possible...
Author: VulDB

Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23 Project File Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23. Affected by this issue is an unknown part of the component Project File Handler. There is no information about...
Author: VulDB