Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Tribal Systems Zenario CMS 8.8.52729 admin_boxes.ajax.php cID cross site scripting

A vulnerability classified as problematic was found in Tribal Systems Zenario CMS 8.8.52729 (Content Management System). Affected by this vulnerability is an unknown functionality of the file admin_boxes.ajax.php. There is no information about...
Auteur: VulDB

Tribal Systems Zenario CMS 8.8.52729 admin_boxes.ajax.php cID sql injection

A vulnerability classified as problematic has been found in Tribal Systems Zenario CMS 8.8.52729 (Content Management System). Affected is an unknown function of the file admin_boxes.ajax.php. There is no information about possible countermeasures...
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 Genuine Software Service improper authorization

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been rated as critical. This issue affects some unknown processing of the component Genuine Software Service. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds write [CVE-2021-21095]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been declared as critical. This vulnerability affects an unknown code block. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds write [CVE-2021-21094]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1. It has been classified as critical. This affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 memory corruption [CVE-2021-21093]

A vulnerability was found in Adobe Bridge up to 10.1.1/11.0.1 and classified as critical. Affected by this issue is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 buffer overflow [CVE-2021-21092]

A vulnerability has been found in Adobe Bridge up to 10.1.1/11.0.1 and classified as critical. Affected by this vulnerability is some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge up to 10.1.1/11.0.1 out-of-bounds read [CVE-2021-21091]

A vulnerability, which was classified as problematic, was found in Adobe Bridge up to 10.1.1/11.0.1. Affected is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe ColdFusion 2018 Update 10/up to 2016 Update 16 cross site scripting

A vulnerability, which was classified as problematic, has been found in Adobe ColdFusion up to 2016 Update 16/2018 Update 10 (Programming Language Software). This issue affects an unknown function. Applying a patch is able to eliminate this...
Auteur: VulDB

Ceph up to 14.2.19 CEPHX_GET_AUTH_SESSION_KEY Request other_keys improper authentication

A vulnerability classified as critical was found in Ceph up to 14.2.19. This vulnerability affects some unknown processing of the component CEPHX_GET_AUTH_SESSION_KEY Request Handler. Upgrading to version 14.2.20 eliminates this vulnerability.
Auteur: VulDB

Cosori Smart Air Fryer CS158-AF 1.1.0 JSON Object backdoor

A vulnerability classified as critical has been found in Cosori Smart Air Fryer CS158-AF 1.1.0. This affects an unknown code block of the component JSON Object Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Cosori Smart Air Fryer CS158-AF 1.1.0 JSON Object heap-based overflow

A vulnerability was found in Cosori Smart Air Fryer CS158-AF 1.1.0. It has been rated as critical. Affected by this issue is an unknown code of the component JSON Object Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

OpenClinic GA 5.173.3 getAssets.jsp assetStatus sql injection

A vulnerability was found in OpenClinic GA 5.173.3. It has been declared as critical. Affected by this vulnerability is an unknown part of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Tilde OpenClinic GA 5.173.3 getAssets.jsp code sql injection

A vulnerability was found in Tilde OpenClinic GA 5.173.3. It has been classified as critical. Affected is some unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenClinic GA 5.173.3 getAssets.jsp code sql injection

A vulnerability was found in OpenClinic GA 5.173.3 and classified as critical. This issue affects an unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Apache Tapestry up to 5.4.5/5.5.0/5.6.2/5.7.0 AppModule.class deserialization

A vulnerability has been found in Apache Tapestry up to 5.4.5/5.5.0/5.6.2/5.7.0 and classified as critical. This vulnerability affects an unknown function of the file /assets/something/services/AppModule.class. Upgrading to version 5.6.2 or 5.7.1...
Auteur: VulDB

PHPGurukul Beauty Parlour Management System 1.0 add-services.php sername sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Beauty Parlour Management System 1.0. This affects some unknown processing of the file add-services.php. There is no information about possible countermeasures known. It...
Auteur: VulDB

PHPGurukul Beauty Parlour Management Syste 1.0 add-services.php sername cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPGurukul Beauty Parlour Management Syste 1.0. Affected by this issue is an unknown code block of the file add-services.php. There is no information about possible...
Auteur: VulDB

CASAP Automated Enrollment System 1.0 Students ROUTE cross site scripting

A vulnerability classified as problematic was found in CASAP Automated Enrollment System 1.0 (Automation Software). Affected by this vulnerability is an unknown code of the component Students Handler. There is no information about possible...
Auteur: VulDB

McAfee Data Loss Prevention prior 11.6.100 on Windows hdlphook Driver privileges management

A vulnerability classified as critical has been found in McAfee Data Loss Prevention on Windows (Data Loss Prevention Software). Affected is an unknown part of the component hdlphook Driver. Upgrading to version 11.6.100 eliminates this...
Auteur: VulDB

McAfee Data Loss Prevention prior 11.6.100 on Windows hdlphook Driver denial of service

A vulnerability was found in McAfee Data Loss Prevention on Windows (Data Loss Prevention Software). It has been rated as problematic. This issue affects some unknown functionality of the component hdlphook Driver. Upgrading to version 11.6.100...
Auteur: VulDB

McAfee Content Security Reporter up to 2.7.x ePO Extension cleartext transmission

A vulnerability was found in McAfee Content Security Reporter up to 2.7.x (Reporting Software). It has been declared as problematic. This vulnerability affects an unknown functionality of the component ePO Extension. Upgrading to version 2.8.0...
Auteur: VulDB

Google Android pb_encode.c pb_write out-of-bounds write

A vulnerability was found in Google Android (Smartphone Operating System) (the affected version unknown). It has been classified as critical. This affects the function pb_write of the file pb_encode.c. Applying a patch is able to eliminate this...
Auteur: VulDB

McAfee Endpoint Security/Global Threat Intelligence up to 10.7.0 on Windows DNS cleartext transmission

A vulnerability was found in McAfee Endpoint Security and Global Threat Intelligence up to 10.7.0 on Windows and classified as problematic. Affected by this issue is some unknown processing of the component DNS Handler. Upgrading to version...
Auteur: VulDB

McAfee Advanced Threat Defense up to 4.12.1 HTTP Request Parameter information disclosure

A vulnerability has been found in McAfee Advanced Threat Defense up to 4.12.1 and classified as problematic. Affected by this vulnerability is an unknown code block of the component HTTP Request Parameter Handler. Upgrading to version 4.12.2...
Auteur: VulDB
First234567891011Last

Événements SSI