mardi 25 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Grandstream GXP16xx VoIP 1.0.4.128 api-get_line_status information disclosure

A vulnerability has been found in Grandstream GXP16xx VoIP 1.0.4.128 and classified as problematic. This vulnerability affects a functionality of the file /cgi-bin/api-get_line_status. The manipulation with an unknown input leads to a...
Auteur: VulDB

EMC NetWorker nsrexecd Remote Code Execution [CVE-2017-8023]

A vulnerability, which was classified as critical, was found in EMC NetWorker. This affects a function of the component nsrexecd. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is...
Auteur: VulDB

PostgreSQL up to 11.2 Code Execution [CVE-2019-9193]

A vulnerability, which was classified as critical, has been found in PostgreSQL up to 11.2 (Database Software). Affected by this issue is some functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Auteur: VulDB

OX Software OX App Suite up to 7.10.1 Cookie weak authentication

A vulnerability, which was classified as problematic, has been found in OX Software OX App Suite up to 7.10.1. Affected by this issue is some functionality of the component Cookie Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

OX Software OX App Suite up to 7.10.1 oxsysreport information disclosure

A vulnerability classified as problematic was found in OX Software OX App Suite up to 7.10.1. Affected by this vulnerability is the functionality of the component oxsysreport. The manipulation with an unknown input leads to a information...
Auteur: VulDB

NICE Engage up to 6.5 JMX/RMI Interface privilege escalation

A vulnerability, which was classified as critical, was found in NICE Engage up to 6.5. This affects a function of the component JMX/RMI Interface. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

Domoticz prior 4.10578 WebServer.cpp GetFloorplanImage idx sql injection

A vulnerability, which was classified as critical, has been found in Domoticz. Affected by this issue is the function CWebServer::GetFloorplanImage of the file WebServer.cpp. The manipulation of the argument idx as part of a Parameter leads to a...
Auteur: VulDB

Domoticz prior 4.10579 End of Line Argument unknown vulnerability

A vulnerability was found in Domoticz and classified as problematic. This issue affects a part of the component End of Line Handler. The manipulation as part of a Argument leads to a unknown weakness. The impact remains unknown. The summary by...
Auteur: VulDB

WordPress 5.1.1 PNG File media-new.php exif_imagetype() information disclosure [Disputed]

A vulnerability has been found in WordPress 5.1.1 (Content Management System) and classified as problematic. This vulnerability affects the function exif_imagetype() of the file wp-admin/media-new.php?browser-uploader of the component PNG File...
Auteur: VulDB

libmysofa up to 0.6 Calculation hdf/btree.c treeRead unknown vulnerability

A vulnerability, which was classified as problematic, was found in libmysofa up to 0.6. This affects the function treeRead of the file hdf/btree.c of the component Calculation Handler. The impact remains unknown. The summary by CVE is:treeRead in...
Auteur: VulDB

Wolf CMS 0.8.3.1 Add SNippet /?/admin/snippet/add) cross site scripting

A vulnerability has been found in Wolf CMS 0.8.3.1 (Content Management System) and classified as problematic. This vulnerability affects a functionality of the file /?/admin/snippet/add) of the component Add SNippet. The manipulation with an...
Auteur: VulDB

HYBBS 2.2 /?admin/user.html cross site request forgery

A vulnerability, which was classified as problematic, was found in HYBBS 2.2. This affects a function of the file /?admin/user.html. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is classifying...
Auteur: VulDB

Grandstream UCM6204 up to 1.0.19 API /cgi listCodeblueGroup sord sql injection

A vulnerability classified as critical was found in Grandstream UCM6204 up to 1.0.19. Affected by this vulnerability is the function listCodeblueGroup of the file /cgi? of the component API. The manipulation of the argument sord as part of a...
Auteur: VulDB

Grandstream UCM6204 up to 1.0.19 /cgi backupUCMConfig Remote Code Execution

A vulnerability classified as critical has been found in Grandstream UCM6204 up to 1.0.19. Affected is an unknown function of the file /cgi?. The manipulation of the argument backupUCMConfig as part of a Shell Metacharacter leads to a privilege...
Auteur: VulDB

Grandstream GXV3611IR_HD up to 1.0.3 Empty weak authentication

A vulnerability was found in Grandstream GXV3611IR_HD up to 1.0.3. It has been rated as critical. This issue affects some processing. The manipulation with an unknown input leads to a weak authentication vulnerability (Empty). Using CWE to...
Auteur: VulDB

Grandstream GXV3611IR_HD up to 1.0.3 systemlog logserver Remote Code Execution

A vulnerability was found in Grandstream GXV3611IR_HD up to 1.0.3. It has been declared as critical. This vulnerability affects a code block of the file /goform/systemlog?cmd=set. The manipulation of the argument logserver as part of a Shell...
Auteur: VulDB

Grandstream GXV3370/WP820 prior 1.0.1.41 manager priority Remote Code Execution

A vulnerability was found in Grandstream GXV3370 and WP820. It has been classified as critical. This affects code of the file /manager?action=getlogcat. The manipulation of the argument priority as part of a Shell Metacharacter leads to a...
Auteur: VulDB

Grandstream GWN7610 up to 1.0.8 API controller.icc.update_nds_webroot_from_tmp filename Remote Code Execution

A vulnerability was found in Grandstream GWN7610 up to 1.0.8 and classified as critical. Affected by this issue is a part of the file /ubus/controller.icc.update_nds_webroot_from_tmp of the component API. The manipulation of the argument...
Auteur: VulDB

Grandstream GWN7000/GWN7610 prior 1.0.6.32 /ubus/uci.apply information disclosure

A vulnerability has been found in Grandstream GWN7000 and GWN7610 and classified as problematic. Affected by this vulnerability is a functionality of the file /ubus/uci.apply. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Grandstream GWN7000 up to 1.0.6 API /ubus/uci.apply update_nds_webroot_from_tmp Shell Metacharacter Remote Code Execution

A vulnerability, which was classified as critical, was found in Grandstream GWN7000 up to 1.0.6. Affected is the function update_nds_webroot_from_tmp of the file /ubus/uci.apply of the component API. The manipulation as part of a Shell...
Auteur: VulDB

Grandstream GAC2500/GXP2200/GVC3202/GXV3275/GXV3240 up to 1.0.3 manager priority cross site request forgery

A vulnerability, which was classified as problematic, has been found in Grandstream GAC2500, GXP2200, GVC3202, GXV3275 and GXV3240 up to 1.0.3. This issue affects some functionality of the file /manager?action=getlogcat. The manipulation of the...
Auteur: VulDB

LZO 2.10 Archive liblzo2.so.2 lzo1x_decompress denial of service

A vulnerability classified as problematic was found in LZO 2.10. This vulnerability affects the function lzo1x_decompress of the file liblzo2.so.2 of the component Archive Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

flatCore 1.4.7 Addons Feature acp/acp.php PHP File privilege escalation

A vulnerability classified as critical has been found in flatCore 1.4.7. This affects an unknown function of the file acp/acp.php of the component Addons Feature. The manipulation as part of a PHP File leads to a privilege escalation...
Auteur: VulDB

ImageMagick 7.0.8-36 Q16 coders/tiff.c WriteTIFFImage Image File memory corruption

A vulnerability was found in ImageMagick 7.0.8-36 Q16 (Image Processing Software). It has been rated as critical. Affected by this issue is the function WriteTIFFImage of the file coders/tiff.c. The manipulation as part of a Image File leads to...
Auteur: VulDB

ImageMagick 7.0.8-36 Q16 coders/svg.c SVGKeyValuePairs Image File denial of service

A vulnerability was found in ImageMagick 7.0.8-36 Q16 (Image Processing Software). It has been declared as problematic. Affected by this vulnerability is the function SVGKeyValuePairs of the file coders/svg.c. The manipulation as part of a Image...
Auteur: VulDB
First618619620621622623624625626627Last

Événements SSI