Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

OpenSLP Service Port 427 heap-based overflow [CVE-2021-21974]

A vulnerability classified as critical has been found in OpenSLP (affected version unknown). It affects unknown processing in the component Service Port 427. Upgrading eliminates this vulnerability.
Author: VulDB

VMware vCenter Server/Cloud Foundation vSphere Client server-side request forgery

A vulnerability was found in VMware vCenter Server and Cloud Foundation (Server Management Software) (affected version not known). It has been rated as critical. Affected by this issue is an unknown code block of the component vSphere Client....
Author: VulDB

VMware vCenter Server/Cloud Foundation vSphere Client Remote Privilege Escalation

A vulnerability was found in VMware vCenter Server and Cloud Foundation (Server Management Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code of the component vSphere Client....
Author: VulDB

Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins cross site scripting

A vulnerability was found in Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins (Jenkins Plugin). It has been classified as problematic. Affected is an unknown part. There is no information about possible countermeasures known. It may be...
Author: VulDB

Jenkins Support Core Plugin up to 2.72 insertion of sensitive information into sent data

A vulnerability was found in Jenkins Support Core Plugin up to 2.72 (Continuous Integration Software) and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It...
Author: VulDB

Claim Plugin up to 2.18.1 on Jenkins cross-site request forgery

A vulnerability has been found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin) and classified as problematic. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be...
Author: VulDB

Claim Plugin up to 2.18.1 on Jenkins Display Name cross site scripting

A vulnerability, which was classified as problematic, was found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin). This affects an unknown function of the component Display Name Handler. There is no information about possible...
Author: VulDB

Repository Connector Plugin up to 2.0.2 on Jenkins Permission cross site scripting

A vulnerability, which was classified as problematic, has been found in Repository Connector Plugin up to 2.0.2 on Jenkins (Jenkins Plugin). Affected by this issue is some unknown processing of the component Permission Handler. There is no...
Author: VulDB

Configuration Slicing Plugin up to 1.51 on Jenkins cross-site request forgery

A vulnerability classified as problematic was found in Configuration Slicing Plugin up to 1.51 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown code block of the component Configuration Handler. There is no information...
Author: VulDB

Active Choices Plugin up to 2.5.2 on Jenkins cross site scripting

A vulnerability classified as problematic has been found in Active Choices Plugin up to 2.5.2 on Jenkins (Jenkins Plugin). Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Helpcom up to 9.x hard-coded key [CVE-2020-7846]

A vulnerability was found in Helpcom up to 9.x. It has been rated as problematic. This issue affects an unknown part. Upgrading to version 10.0 eliminates this vulnerability.
Author: VulDB

Voiceye WSActiveBridgeES prior 2.1.0.3 checking stack-based overflow

A vulnerability was found in Voiceye WSActiveBridgeES. It has been declared as critical. This vulnerability affects some unknown functionality. Upgrading to version 2.1.0.3 eliminates this vulnerability.
Author: VulDB

IBM MQ 9.1 CD AMQP/9.1 LTS/9.2 LTS Message denial of service

A vulnerability was found in IBM MQ 9.1 LTS/9.1 CD AMQP/9.2 LTS. It has been classified as problematic. This affects an unknown functionality of the component Message Handler. There is no information about possible countermeasures known. It may...
Author: VulDB

Openscad 2020.12-RC2 STL File import_stl.cc import_stl stack-based overflow

A vulnerability was found in Openscad 2020.12-RC2 and classified as critical. Affected by this issue is the function import_stl of the file import_stl.cc of the component STL File Handler. There is no information about possible countermeasures...
Author: VulDB

Eclipse Theia up to 1.2.0 Markdown cross site scripting

A vulnerability has been found in Eclipse Theia up to 1.2.0 and classified as problematic. Affected by this vulnerability is some unknown processing of the component Markdown Handler. There is no information about possible countermeasures known....
Author: VulDB

CoolKit eWeLink on Android/iOS Quick Pairing Mode inadequate encryption

A vulnerability, which was classified as problematic, was found in CoolKit eWeLink on Android/iOS (version unknown). Affected is an unknown code block of the component Quick Pairing Mode. There is no information about possible countermeasures...
Author: VulDB

Apache XmlGraphics Commons 2.4 XMPParser server-side request forgery

A vulnerability, which was classified as critical, has been found in Apache XmlGraphics Commons 2.4. This issue affects an unknown code of the component XMPParser. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Apache Batik 1.13 NodePickerPanel server-side request forgery

A vulnerability classified as critical was found in Apache Batik 1.13. This vulnerability affects an unknown part of the component NodePickerPanel. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 improper authentication

A vulnerability classified as critical has been found in Contec SolarView Compact SV-CPT-MC310 up to 6.4. This affects some unknown functionality. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 pathname traversal

A vulnerability was found in Contec SolarView Compact SV-CPT-MC310 up to 6.4. It has been rated as critical. Affected by this issue is an unknown functionality. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 cross site scripting

A vulnerability was found in Contec SolarView Compact SV-CPT-MC310 up to 6.4. It has been declared as problematic. Affected by this vulnerability is an unknown function. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 PHP Script unrestricted upload

A vulnerability was found in Contec SolarView Compact SV-CPT-MC310 up to 6.4. It has been classified as critical. Affected is some unknown processing of the component PHP Script Handler. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 Web Server os command injection

A vulnerability was found in Contec SolarView Compact SV-CPT-MC310 up to 6.4 and classified as critical. This issue affects an unknown code block of the component Web Server. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 access control

A vulnerability has been found in Contec SolarView Compact SV-CPT-MC310 up to 6.4 and classified as critical. This vulnerability affects an unknown code. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Contec SolarView Compact SV-CPT-MC310 up to 6.4 information disclosure

A vulnerability, which was classified as problematic, was found in Contec SolarView Compact SV-CPT-MC310 up to 6.4. This affects an unknown part. Upgrading to version 6.5 eliminates this vulnerability.
Author: VulDB

Information security events