mercredi 26 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

FreeRADIUS up to 3.0.18 Dragonblood spoofing

A vulnerability classified as critical was found in FreeRADIUS up to 3.0.18 (Network Authentication Software). Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a spoofing vulnerability...
Auteur: VulDB

Eclipse Vorto up to 0.10 Maven Build Artifact Resolver weak encryption

A vulnerability classified as critical has been found in Eclipse Vorto up to 0.10. Affected is an unknown function of the component Maven Build Artifact Resolver. The manipulation with an unknown input leads to a weak encryption vulnerability....
Auteur: VulDB

Eclipse Jetty up to 7.x/8.x/9.2.27/9.3.26/9.4.16 404 Error Path information disclosure

A vulnerability was found in Eclipse Jetty up to 7.x/8.x/9.2.27/9.3.26/9.4.16. It has been rated as problematic. This issue affects some processing of the component 404 Error Handler. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Eclipse Jetty up to 9.2.27/9.3.26/9.4.16 on Windows Path information disclosure

A vulnerability was found in Eclipse Jetty up to 9.2.27/9.3.26/9.4.16 on Windows. It has been declared as problematic. This vulnerability affects a code block. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Eclipse Jetty up to 9.2.26/9.3.25/9.4.15 URL cross site scripting

A vulnerability was found in Eclipse Jetty up to 9.2.26/9.3.25/9.4.15. It has been classified as problematic. This affects code of the component URL Handler. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

Pony Mail Interface URL Reflected cross site scripting

A vulnerability was found in Pony Mail Interface and classified as problematic. Affected by this issue is a part of the component URL Handler. The manipulation with an unknown input leads to a cross site scripting vulnerability (Reflected)....
Auteur: VulDB

OpenPLC v2/v3 modbus.cpp mapUnusedIO() memory corruption

A vulnerability has been found in OpenPLC v2/v3 and classified as critical. Affected by this vulnerability is the function mapUnusedIO() of the file modbus.cpp. The manipulation with an unknown input leads to a memory corruption vulnerability....
Auteur: VulDB

Snapweb Interface up to 0.21.1 privilege escalation [CVE-2016-1587]

A vulnerability, which was classified as critical, was found in Snapweb Interface up to 0.21.1. Affected is a function. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as...
Auteur: VulDB

Oxide up to 1.18.2 WebView privilege escalation

A vulnerability, which was classified as critical, has been found in Oxide up to 1.18.2. This issue affects some functionality of the component WebView. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using...
Auteur: VulDB

AppArmor Mount unknown vulnerability [CVE-2016-1585]

A vulnerability classified as critical was found in AppArmor. This vulnerability affects the functionality of the component Mount Handler. The impact remains unknown. CVE summarizes:In all versions of AppArmor mount rules are accidentally widened...
Auteur: VulDB

Unity8 Keyboard Input unknown vulnerability [CVE-2016-1584]

A vulnerability classified as critical has been found in Unity8. This affects an unknown function of the component Keyboard Input Handler. The impact remains unknown. The summary by CVE is:In all versions of Unity8 a running but not active...
Auteur: VulDB

UDM 1.2+16.04.20160408-0ubuntu1 Download Code Execution

A vulnerability was found in UDM 1.2+16.04.20160408-0ubuntu1. It has been rated as critical. Affected by this issue is some processing of the component Download Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Unity8 up to 8.11+16.04 CardCreator.js Code Execution

A vulnerability was found in Unity8 up to 8.11+16.04. It has been declared as critical. Affected by this vulnerability is a code block of the file plugins/Dash/CardCreator.js. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

unity-scope-gdrive Log information disclosure [CVE-2015-1343]

A vulnerability was found in unity-scope-gdrive. It has been classified as problematic. Affected is code. The manipulation with an unknown input leads to a information disclosure vulnerability (Log). CWE is classifying the issue as CWE-200. This...
Auteur: VulDB

Appoprt up to 2.19.1 Python Module _python_module_path Argument denial of service

A vulnerability was found in Appoprt up to 2.19.1 and classified as problematic. This issue affects the function _python_module_path of the component Python Module. The manipulation as part of a Argument leads to a denial of service...
Auteur: VulDB

lxd up to 0.19-0ubuntu4 doUidshiftIntoContainer() race condition

A vulnerability has been found in lxd up to 0.19-0ubuntu4 and classified as problematic. This vulnerability affects the function doUidshiftIntoContainer(). The manipulation with an unknown input leads to a race condition vulnerability (Symlink)....
Auteur: VulDB

Content Hub prior 0.0+15.04.20150331-0ubuntu1.0 DBUS API privilege escalation

A vulnerability, which was classified as critical, was found in Content Hub. This affects a function of the component DBUS API. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as...
Auteur: VulDB

python-dbusmock up to 0.15.0 PYC File Remote Code Execution

A vulnerability, which was classified as critical, has been found in python-dbusmock up to 0.15.0 (Programming Language Software). Affected by this issue is the function AddTemplate()/DBusTestCase.spawn_server_template() of the component PYC File...
Auteur: VulDB

Ubuntu maas up to 1.9.1 SeaMicro Privisioning Log information disclosure

A vulnerability classified as problematic was found in Ubuntu maas up to 1.9.1. Affected by this vulnerability is the functionality of the component SeaMicro Privisioning. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Juju Core Joyent Provider up to 1.25.4 SSH Key Private Key information disclosure

A vulnerability classified as problematic has been found in Juju Core Joyent Provider up to 1.25.4. Affected is an unknown function of the component SSH Key. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

Ubuntu maas up to 1.9.1 generate_filestorage_key Filename privilege escalation

A vulnerability was found in Ubuntu maas up to 1.9.1. It has been rated as problematic. This issue affects the function generate_filestorage_key. The manipulation as part of a Filename leads to a privilege escalation vulnerability (Bruteforce)....
Auteur: VulDB

Ubuntu maas up to 1.9.1 REST API cross site scripting

A vulnerability was found in Ubuntu maas up to 1.9.1. It has been declared as problematic. This vulnerability affects a code block of the component REST API. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

Ubuntu maas up to 1.9.1 maasserver.api.get_file_by_name information disclosure

A vulnerability was found in Ubuntu maas up to 1.9.1. It has been classified as problematic. This affects the function maasserver.api.get_file_by_name. The manipulation with an unknown input leads to a information disclosure vulnerability (File...
Auteur: VulDB

Ubuntu SELinux prior 1:0.10 initscripts Symlink privilege escalation

A vulnerability was found in Ubuntu SELinux and classified as problematic. Affected by this issue is a part of the component initscripts. The manipulation with an unknown input leads to a privilege escalation vulnerability (Symlink). Using CWE...
Auteur: VulDB

Nova up to 2012 Hypervisor Host File information disclosure

A vulnerability has been found in Nova up to 2012 and classified as problematic. Affected by this vulnerability is a functionality of the component Hypervisor Host File Handler. The manipulation with an unknown input leads to a information...
Auteur: VulDB
First627628629630631632633634635636Last

Événements SSI