samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco Enterprise NFV Infrastructure Software VNC Console Request weak authentication

A vulnerability, which was classified as critical, was found in Cisco Enterprise NFV Infrastructure Software (version unknown). Affected is some unknown processing of the component VNC Console. Upgrading eliminates this vulnerability.
Auteur: VulDB

Linux Kernel up to 4.16.3 gadget.c Deadlock unknown vulnerability

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 4.16.3. This issue affects an unknown code block of the file drivers/usb/dwc3/gadget.c. Upgrading to version 4.16.4 eliminates this vulnerability. The...
Auteur: VulDB

osTicket up to 1.10.6/1.12.0 setup/install.php cross site scripting

A vulnerability classified as problematic was found in osTicket up to 1.10.6/1.12.0. This vulnerability affects an unknown code of the file setup/install.php. Upgrading to version 1.10.7 or 1.12.1 eliminates this vulnerability.
Auteur: VulDB

osTicket up to 1.10.6/1.12.0 Formula Spreadsheet CSV Injection privilege escalation

A vulnerability classified as critical has been found in osTicket up to 1.10.6/1.12.0. This affects an unknown part of the component Formula Handler. Upgrading to version 1.10.7 or 1.12.1 eliminates this vulnerability.
Auteur: VulDB

osTicket up to 1.10.6/1.12.0 Ticket Creation Attachment Persistent cross site scripting

A vulnerability was found in osTicket up to 1.10.6/1.12.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Ticket Creation. Upgrading to version 1.10.7 or 1.12.1 eliminates this...
Auteur: VulDB

radare2 up to 3.6.x libr/core/cbin.c bin_symbols() command injection

A vulnerability classified as critical was found in radare2 up to 3.6.x (Programming Tool Software). Affected by this vulnerability is the function bin_symbols() of the file libr/core/cbin.c. Upgrading to version 3.7.0 eliminates this...
Auteur: VulDB

KDE Frameworks KConfig up to 5.60.x Configuration File libKF5ConfigCore.so Code Execution

A vulnerability classified as critical has been found in KDE Frameworks KConfig up to 5.60.x. Affected is an unknown functionality of the file libKF5ConfigCore.so of the component Configuration File. Upgrading to version 5.61.0 eliminates this...
Auteur: VulDB

Valve Steam Client up to 2019-08-07 on Windows Registry Permission privilege escalation

A vulnerability was found in Valve Steam Client up to 2019-08-07 on Windows. It has been rated as critical. This issue affects an unknown function of the component Registry Permission. There is no information about possible countermeasures known....
Auteur: VulDB

Loom Desktop For Mac 0.16.0 WebSocket Code Execution

A vulnerability was found in Loom Desktop For Mac 0.16.0. It has been declared as critical. This vulnerability affects some unknown processing of the component WebSocket. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Relution Enterprise Appstore Publisher Plugin up to 1.24 on Jenkins Permission Check HTTP privilege escalation

A vulnerability was found in Relution Enterprise Appstore Publisher Plugin up to 1.24 on Jenkins (Jenkins Plugin). It has been classified as critical. This affects an unknown code block of the component Permission Check. There is no information...
Auteur: VulDB

Relution Enterprise Appstore Publisher Plugin up to 1.24 on Jenkins cross site request forgery

A vulnerability was found in Relution Enterprise Appstore Publisher Plugin up to 1.24 on Jenkins (Jenkins Plugin) and classified as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures...
Auteur: VulDB

XL TestView Plugin up to 1.2.0 on Jenkins Permission Check privilege escalation

A vulnerability has been found in XL TestView Plugin up to 1.2.0 on Jenkins (Jenkins Plugin) and classified as critical. Affected by this vulnerability is an unknown part of the component Permission Check. There is no information about possible...
Auteur: VulDB

XL TestView Plugin up to 1.2.0 on Jenkins cross site request forgery

A vulnerability, which was classified as problematic, was found in XL TestView Plugin up to 1.2.0 on Jenkins (Jenkins Plugin). Affected is some unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

eggPlant Plugin up to 2.2 on Jenkins Job information disclosure

A vulnerability, which was classified as problematic, has been found in eggPlant Plugin up to 2.2 on Jenkins (Jenkins Plugin). This issue affects an unknown functionality of the component Job Handler. There is no information about possible...
Auteur: VulDB

VMware Lab Manager Slaves Plugin up to 0.2.8 on Jenkins Hostname Verification weak authentication

A vulnerability classified as critical was found in VMware Lab Manager Slaves Plugin up to 0.2.8 on Jenkins (Jenkins Plugin). This vulnerability affects an unknown function of the component Hostname Verification. There is no information about...
Auteur: VulDB

Codefresh Integration Plugin up to 1.8 on Jenkins Hostname Verification weak authentication

A vulnerability classified as critical has been found in Codefresh Integration Plugin up to 1.8 on Jenkins (Jenkins Plugin). This affects some unknown processing of the component Hostname Verification. There is no information about possible...
Auteur: VulDB

Simple Travis Pipeline Runner Plugin up to 1.0 on Jenkins Custom Script Security Whitelist Code Execution

A vulnerability was found in Simple Travis Pipeline Runner Plugin up to 1.0 on Jenkins (Jenkins Plugin). It has been rated as critical. Affected by this issue is an unknown code block of the component Custom Script Security Whitelist. There is no...
Auteur: VulDB

Google Cloud Messaging Notification Plugin up to 1.0 on Jenkins Global Configuration information disclosure

A vulnerability was found in Google Cloud Messaging Notification Plugin up to 1.0 on Jenkins (Cloud Software). It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Global Configuration. There is...
Auteur: VulDB

Avatar Plugin up to 1.2 on Jenkins Permission Check privilege escalation

A vulnerability was found in Avatar Plugin up to 1.2 on Jenkins (Jenkins Plugin) and classified as critical. This issue affects some unknown functionality of the component Permission Check. There is no information about possible countermeasures...
Auteur: VulDB

Wall Display Plugin up to 0.6.34 on Jenkins Web Page Reflected cross site scripting

A vulnerability has been found in Wall Display Plugin up to 0.6.34 on Jenkins (Jenkins Plugin) and classified as problematic. This vulnerability affects an unknown functionality of the component Web Page Handler. There is no information about...
Auteur: VulDB

File System SCM Plugin up to 2.1 on Jenkins Job Configuration information disclosure

A vulnerability, which was classified as problematic, was found in File System SCM Plugin up to 2.1 on Jenkins (Supply Chain Management Software). This affects an unknown function of the component Job Configuration Handler. There is no...
Auteur: VulDB

PegDown Formatter Plugin up to 1.3 on Jenkins Description Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in PegDown Formatter Plugin up to 1.3 on Jenkins (Jenkins Plugin). Affected by this issue is some unknown processing of the component Description Handler. There is no...
Auteur: VulDB

Build Pipeline Plugin up to 1.5.8 on Jenkins Web Page Stored cross site scripting

A vulnerability classified as problematic was found in Build Pipeline Plugin up to 1.5.8 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown code block of the component Web Page Handler. There is no information about...
Auteur: VulDB

Gitlab Authentication Plugin up to 1.4 on Jenkins GitLabSecurityRealm.java Open Redirect

A vulnerability classified as problematic has been found in Gitlab Authentication Plugin up to 1.4 on Jenkins (Bug Tracking Software). Affected is an unknown code of the file GitLabSecurityRealm.java. There is no information about possible...
Auteur: VulDB

Gitlab Authentication Plugin up to 1.4 on Jenkins Session Fixation weak authentication

A vulnerability was found in Gitlab Authentication Plugin up to 1.4 on Jenkins (Bug Tracking Software). It has been rated as critical. This issue affects an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB
First633634635636637638639640641642Last

Événements SSI