lundi 1 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12988]

A vulnerability classified as very critical has been found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (version unknown). Affected is an unknown part. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12987]

A vulnerability was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (unknown version). It has been rated as very critical. This issue affects some unknown functionality. The manipulation with an unknown input leads to...
Auteur: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12986]

A vulnerability was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (the affected version is unknown). It has been declared as very critical. This vulnerability affects an unknown functionality. The manipulation with...
Auteur: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12985]

A vulnerability was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (the affected version unknown). It has been classified as very critical. This affects an unknown function. The manipulation with an unknown input...
Auteur: VulDB

HT2 Labs Learning Locker 3.15.1 dashboards/ PATH_INFO cross site scripting

A vulnerability was found in HT2 Labs Learning Locker 3.15.1 and classified as problematic. Affected by this issue is some unknown processing of the file dashboards/. The manipulation of the argument PATH_INFO with an unknown input leads to a...
Auteur: VulDB

Microstrategy Web up to 10.4.5 Stored cross site scripting

A vulnerability has been found in Microstrategy Web up to 10.4.5 and classified as problematic. Affected by this vulnerability is an unknown code block. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Zeek Network Security Monitor up to 2.6.1 Kerberos Protocol Parser NULL Pointer Dereference denial of service

A vulnerability, which was classified as problematic, was found in Zeek Network Security Monitor up to 2.6.1. Affected is an unknown code of the component Kerberos Protocol Parser. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Jenkins up to LTS 2.176.1/2.185 Stapler Web Framework information disclosure

A vulnerability, which was classified as problematic, has been found in Jenkins up to LTS 2.176.1/2.185 (Continuous Integration Software). This issue affects an unknown part of the component Stapler Web Framework. The manipulation with an...
Auteur: VulDB

Jenkins up to LTS 2.176.1/2.185 CSRF Protection Expired privilege escalation

A vulnerability classified as problematic was found in Jenkins up to LTS 2.176.1/2.185 (Continuous Integration Software). This vulnerability affects some unknown functionality of the component CSRF Protection. The manipulation with an unknown...
Auteur: VulDB

Jenkins up to LTS 2.176.1/2.185 FileParameterValue.java Parameter directory traversal

A vulnerability classified as critical has been found in Jenkins up to LTS 2.176.1/2.185 (Continuous Integration Software). This affects an unknown functionality of the file core/src/main/java/hudson/model/FileParameterValue.java. The...
Auteur: VulDB

Knot Resolver up to 4.0.x DNS Resolver Downgrade privilege escalation

A vulnerability was found in Knot Resolver up to 4.0.x. It has been rated as critical. Affected by this issue is an unknown function of the component DNS Resolver. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Knot Resolver up to 4.0.x DNS Resolver DNSSEC privilege escalation

A vulnerability was found in Knot Resolver up to 4.0.x. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component DNS Resolver. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Linaro OP-TEE up to 3.3.x optee_os memory corruption

A vulnerability was found in Linaro OP-TEE up to 3.3.x. It has been classified as critical. Affected is an unknown code block of the component optee_os. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is...
Auteur: VulDB

Mikrobi Babel on MODX redirect.php newurl Open Redirect

A vulnerability was found in Mikrobi Babel on MODX (unknown version) and classified as problematic. This issue affects an unknown code of the file redirect.php. The manipulation of the argument newurl as part of a Parameter leads to a privilege...
Auteur: VulDB

TinyMCE 4.7.11 Media Element cross site scripting

A vulnerability has been found in TinyMCE 4.7.11 and classified as problematic. This vulnerability affects an unknown part of the component Media Element Handler. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Dancer::Plugin::SimpleCRUD up to 1.14 Access Control _ensure_auth privilege escalation

A vulnerability, which was classified as critical, was found in Dancer::Plugin::SimpleCRUD up to 1.14. This affects the function _ensure_auth of the component Access Control. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Pallets Flask up to 0.x JSON Data denial of service

A vulnerability, which was classified as problematic, has been found in Pallets Flask up to 0.x. Affected by this issue is an unknown functionality. The manipulation as part of a JSON Data leads to a denial of service vulnerability. Using CWE to...
Auteur: VulDB

Quake3e prior 5ed740d Argument Code Execution memory corruption

A vulnerability classified as critical has been found in Quake3e. Affected is some unknown processing. The manipulation as part of a Argument leads to a memory corruption vulnerability (Code Execution). CWE is classifying the issue as CWE-119....
Auteur: VulDB

IBM QRadar SIEM 7.2/7.3 information disclosure [CVE-2018-2022]

A vulnerability was found in IBM QRadar SIEM 7.2/7.3 (Log Management Software). It has been rated as problematic. This issue affects an unknown code block. The manipulation with an unknown input leads to a information disclosure vulnerability....
Auteur: VulDB

IBM QRadar SIEM 7.2/7.3 Web UI cross site scripting

A vulnerability was found in IBM QRadar SIEM 7.2/7.3 (Log Management Software). It has been declared as problematic. This vulnerability affects an unknown code of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Hyland Perceptive Content Server up to 7.1.4 ImageNow Server Service TCP Connection Crash denial of service

A vulnerability was found in Hyland Perceptive Content Server up to 7.1.4. It has been classified as problematic. This affects an unknown part of the component ImageNow Server Service. The manipulation as part of a TCP Connection leads to a...
Auteur: VulDB

IBM Campaign 9.1.0/9.1.2/10.1/11.0 Web UI cross site scripting

A vulnerability was found in IBM Campaign 9.1.0/9.1.2/10.1/11.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Solarwinds Network Performance Monitor 12.3 GetActiveAlerts TriggeringObjectEntityNames sql injection

A vulnerability has been found in Solarwinds Network Performance Monitor 12.3 (Network Management Software) and classified as critical. Affected by this vulnerability is an unknown functionality of the file...
Auteur: VulDB

Drupal Releases Security Update

Original release date: July 17, 2019Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: July 17, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert
First688689690691692693694695696697Last

Événements SSI