mardi 7 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Vera VeraEdge/Veralite Log File relay.sh cross site scripting

A vulnerability was found in Vera VeraEdge and Veralite (affected version not known) and classified as problematic. Affected by this issue is some unknown functionality of the file relay.sh of the component Log File. The manipulation with an...
Auteur: VulDB

Vera VeraEdge/Veralite Script File get_file.sh filename directory traversal

A vulnerability has been found in Vera VeraEdge and Veralite (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the file get_file.sh of the component Script File. The manipulation...
Auteur: VulDB

Vera Veralite 1.7.481 OpenWRT Interface /etc/cmh/cmh.conf weak authentication

A vulnerability, which was classified as critical, was found in Vera Veralite 1.7.481. Affected is an unknown function of the file /etc/cmh/cmh.conf of the component OpenWRT Interface. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Vera VeraEdge/Veralite Web User Interface relay.sh eval remote_host Code Execution

A vulnerability, which was classified as critical, has been found in Vera VeraEdge and Veralite (unknown version). This issue affects the function eval of the file relay.sh of the component Web User Interface. The manipulation of the argument...
Auteur: VulDB

Vera VeraEdge/Veralite UPnP Service /port_3480 URL Server-Side Request Forgery

A vulnerability classified as critical was found in Vera VeraEdge and Veralite (the affected version is unknown). This vulnerability affects an unknown code block of the file /port_3480 of the component UPnP Service. The manipulation of the...
Auteur: VulDB

Vera VeraEdge/Veralite UPnP Service /port_3480 ReadFileIntoBuffer parameters directory traversal

A vulnerability classified as problematic has been found in Vera VeraEdge and Veralite (the affected version unknown). This affects the function FileUtils::ReadFileIntoBuffer of the file /port_3480 of the component UPnP Service. The manipulation...
Auteur: VulDB

Shekar Endoscope WiFi memory corruption [CVE-2017-10724]

A vulnerability was found in Shekar Endoscope (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component WiFi Handler. The manipulation with an unknown input leads...
Auteur: VulDB

Shekar Endoscope WiFi memory corruption [CVE-2017-10723]

A vulnerability was found in Shekar Endoscope (version unknown). It has been classified as critical. Affected is an unknown functionality of the component WiFi Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Shekar Endoscope App avilib.dll memmove WiFi Password memory corruption

A vulnerability was found in Shekar Endoscope (unknown version) and classified as critical. This issue affects the function memmove in the library avilib.dll of the component App. The manipulation as part of a WiFi Password leads to a memory...
Auteur: VulDB

Shekar Endoscope Telnet Service privilege escalation [CVE-2017-10721]

A vulnerability has been found in Shekar Endoscope (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component Telnet Service. The manipulation with an unknown input leads to...
Auteur: VulDB

Shekar Endoscope App avilib.dll memmove WiFi Name memory corruption

A vulnerability, which was classified as critical, was found in Shekar Endoscope (the affected version unknown). This affects the function memmove in the library avilib.dll of the component App. The manipulation as part of a WiFi Name leads to a...
Auteur: VulDB

Shekar Endoscope WiFi weak authentication [CVE-2017-10719]

A vulnerability, which was classified as critical, has been found in Shekar Endoscope (affected version not known). Affected by this issue is an unknown code of the component WiFi Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Shekar Endoscope WiFi privilege escalation [CVE-2017-10718]

A vulnerability classified as critical was found in Shekar Endoscope (affected version unknown). Affected by this vulnerability is an unknown part of the component WiFi Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Vera VeraEdge/Veralite Web Management Interface cross site request forgery

A vulnerability was found in Vera VeraEdge and Veralite (affected version not known). It has been rated as problematic. Affected by this issue is an unknown part of the component Web Management Interface. The manipulation with an unknown input...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Object GetDocEventHandler Office Document memory corruption

A vulnerability classified as critical was found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). This vulnerability affects the function IReader_ContentProvider::GetDocEventHandler of the component Object Handler. The...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 URI String PDF File Stack-based memory corruption

A vulnerability classified as critical has been found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). This affects an unknown functionality of the component URI String Handler. The manipulation as part of a PDF File...
Auteur: VulDB

UNIONTRAD COMPANY : 20 000 euros d’amende pour vidéosurveillance excessive des salariés

La formation restreinte de la CNIL a prononcé une sanction de 20 000 euros à l’encontre de la société UNIONTRAD COMPANY  pour avoir mis en place un dispositif de vidéosurveillance qui plaçait ses salariés sous surveillance constante. Elle a...
Auteur: Cnil

Webmin up to 1.910 Package Updates Module update.cgi data privilege escalation

A vulnerability classified as critical has been found in Webmin up to 1.910. Affected is some unknown functionality of the file update.cgi of the component Package Updates Module. The manipulation of the argument data as part of a Parameter...
Auteur: VulDB

OrangeHRM up to 4.3.0 listMailConfiguration txtSendmailPath privilege escalation

A vulnerability was found in OrangeHRM up to 4.3.0. It has been rated as critical. This issue affects an unknown functionality of the file admin/listMailConfiguration. The manipulation of the argument txtSendmailPath as part of a Parameter leads...
Auteur: VulDB

Leanify 0.4.3 formats/xml.cpp xml_memory_writer::write memory corruption

A vulnerability was found in Leanify 0.4.3. It has been declared as critical. This vulnerability affects the function xml_memory_writer::write of the file formats/xml.cpp. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

MyBB up to 1.8.20 XML Data aaaaaaaaaaaaaaaaaaaaaaaaaa.php.css Stylesheet sql injection

A vulnerability was found in MyBB up to 1.8.20. It has been classified as critical. This affects some unknown processing of the file aaaaaaaaaaaaaaaaaaaaaaaaaa.php.css of the component XML Data Handler. The manipulation as part of a Stylesheet...
Auteur: VulDB

MyBB up to 1.8.20 Private Message BBcode Persistent cross site scripting

A vulnerability was found in MyBB up to 1.8.20 (Content Management System) and classified as problematic. Affected by this issue is an unknown code block of the component Private Message Handler. The manipulation as part of a BBcode leads to a...
Auteur: VulDB

radare2 up to 3.5.1 RParse API libr/asm/asm.c memory corruption

A vulnerability has been found in radare2 up to 3.5.1 and classified as critical. Affected by this vulnerability is an unknown code of the file libr/asm/asm.c of the component RParse API. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

ZNC up to 1.7.3 Module Name Modules.cpp privilege escalation

A vulnerability, which was classified as critical, was found in ZNC up to 1.7.3. Affected is an unknown part of the file Modules.cpp of the component Module Name Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Count Per Day Plugin up to 3.2.5 on WordPress daytoshow cross site scripting

A vulnerability, which was classified as problematic, has been found in Count Per Day Plugin up to 3.2.5 on WordPress. This issue affects some unknown functionality of the file wp-admin/?page=cpd_metaboxes. The manipulation of the argument...
Auteur: VulDB
First625626627628629630631632633634Last

Événements SSI