Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

DedeCMS 5.8 cross site scripting [CVE-2020-27533]

A vulnerability was found in DedeCMS 5.8 (Content Management System) and classified as problematic. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Hashicorp Nomad/Nomad Enterprise up to 0.12.5 sandbox [CVE-2020-27195]

A vulnerability has been found in Hashicorp Nomad and Nomad Enterprise up to 0.12.5 and classified as critical. This vulnerability affects some unknown functionality. Upgrading to version 0.10.6, 0.11.5 or 0.12.6 eliminates this vulnerability.
Auteur: VulDB

Octopus Deploy up to 2020.4.4 Websocket Endpoint unknown vulnerability

A vulnerability, which was classified as problematic, was found in Octopus Deploy up to 2020.4.4. This affects an unknown functionality of the component Websocket Endpoint.
Auteur: VulDB

AtomXCMS 2.0 admin/dump.php path traversal

A vulnerability, which was classified as problematic, has been found in AtomXCMS 2.0. Affected by this issue is an unknown function of the file admin/dump.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

AtomXCMS 2.0 admin/dump.php access control

A vulnerability classified as critical was found in AtomXCMS 2.0. Affected by this vulnerability is some unknown processing of the file admin/dump.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

fs.com S3900 24T4S up to 1.7.0 access control [CVE-2020-24033]

A vulnerability classified as critical has been found in fs.com S3900 24T4S up to 1.7.0. Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

CERTFR-2020-AVI-673 : Vulnérabilité dans SonicWall Capture Security Center (23 octobre 2020)

De multiples vulnérabilités ont été découvertes dans SonicWall Capture Security Center. Elles permettent à un attaquant de contourner la politique de sécurité. Aucune CVE n'a été attribuée par l'éditeur.

Auteur: Cert FR

Adobe Animate up to 20.5 FLA File out-of-bounds read

A vulnerability was found in Adobe Animate up to 20.5. It has been rated as critical. This issue affects an unknown code of the component FLA File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Animate up to 20.5 FLA File out-of-bounds read

A vulnerability was found in Adobe Animate up to 20.5. It has been declared as problematic. This vulnerability affects an unknown part of the component FLA File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Animate up to 20.5 FLA File stack-based buffer overflow

A vulnerability was found in Adobe Animate up to 20.5. It has been classified as critical. This affects some unknown functionality of the component FLA File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Animate up to 20.5 FLA File double free

A vulnerability was found in Adobe Animate up to 20.5 and classified as critical. Affected by this issue is an unknown functionality of the component FLA File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco ASA Web-based Management Interface cross site scripting

A vulnerability has been found in Cisco ASA (Firewall Software) (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown function of the component Web-based Management Interface. Upgrading eliminates...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense TLS Connection information exposure

A vulnerability, which was classified as problematic, was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (version unknown). Affected is some unknown processing of the component TLS Connection Handler. Upgrading eliminates...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting

A vulnerability, which was classified as problematic, has been found in Cisco ASA and Firepower Threat Defense (Firewall Software) (unknown version). This issue affects an unknown code block of the component Web Services Interface. Upgrading...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting

A vulnerability classified as problematic was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (the affected version is unknown). This vulnerability affects an unknown code of the component Web Services Interface. Upgrading...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting

A vulnerability classified as problematic has been found in Cisco ASA and Firepower Threat Defense (Firewall Software) (the affected version unknown). This affects an unknown part of the component Web Services Interface. Upgrading eliminates this...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting

A vulnerability was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (affected version not known). It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Services Interface....
Auteur: VulDB

Cisco ASA/Firepower Threat Defense Web Services Interface authorization

A vulnerability was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Services...
Auteur: VulDB

Cisco Firepower Threat Defense denial of service [CVE-2020-3577]

A vulnerability was found in Cisco Firepower Threat Defense (Firewall Software) (version unknown). It has been classified as critical. Affected is an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco ASA/Firepower Threat Defense TLS Connection resource consumption

A vulnerability was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (unknown version) and classified as critical. This issue affects some unknown processing of the component TLS Connection Handler. Upgrading eliminates this...
Auteur: VulDB

Cisco Firepower Threat Defense ICMPv6 Packet resource consumption

A vulnerability has been found in Cisco Firepower Threat Defense (Firewall Software) (the affected version is unknown) and classified as critical. This vulnerability affects an unknown code block of the component ICMPv6 Packet Handler. Upgrading...
Auteur: VulDB

Cisco Firepower Threat Defense TCP Interception access control

A vulnerability, which was classified as critical, was found in Cisco Firepower Threat Defense (Firewall Software) (the affected version unknown). This affects an unknown code of the component TCP Interception. Upgrading eliminates this...
Auteur: VulDB

CERTFR-2020-AVI-672 : Multiples vulnérabilités dans le noyau Linux de Suse (23 octobre 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Suse. Elles permettent à un attaquant de provoquer un déni de service, une élévation de privilège et une atteinte à la confidentialité des données.

Auteur: Cert FR

Cisco ASA/Firepower Threat Defense FTP Inspection Engine access control

A vulnerability, which was classified as problematic, has been found in Cisco ASA and Firepower Threat Defense (Firewall Software) (affected version not known). Affected by this issue is an unknown part of the component FTP Inspection Engine....
Auteur: VulDB

Cisco Firepower Threat Defense TCP Packet denial of service [CVE-2020-3563]

A vulnerability classified as critical was found in Cisco Firepower Threat Defense (Firewall Software) (affected version unknown). Affected by this vulnerability is some unknown functionality of the component TCP Packet Handler. Upgrading...
Auteur: VulDB
First234567891011Last

Événements SSI