Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2021-AVI-360 : Multiples vulnérabilités dans Adobe Acrobat et Acrobat Reader (12 mai 2021)

De multiples vulnérabilités ont été découvertes dans Adobe Acrobat et Acrobat Reader. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2021-AVI-359 : Multiples vulnérabilités dans F5 BIG-IQ (12 mai 2021)

De multiples vulnérabilités ont été découvertes dans F5 BIG-IQ. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Auteur: Cert FR

S3 Publisher Plugin up to 0.11.6 on Jenkins Artifact Upload authorization

A vulnerability was found in S3 Publisher Plugin up to 0.11.6 on Jenkins (Jenkins Plugin). It has been classified as problematic. This affects some unknown functionality of the component Artifact Upload Handler. There is no information about...
Auteur: VulDB

JetBrains TeamCity up to 2020.2.1 Tests Page cross site scripting

A vulnerability was found in JetBrains TeamCity up to 2020.2.1 and classified as problematic. Affected by this issue is an unknown functionality of the component Tests Page. Upgrading to version 2020.2.2 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.2 cross site scripting [CVE-2021-31911]

A vulnerability has been found in JetBrains TeamCity up to 2020.2.2 and classified as problematic. Affected by this vulnerability is an unknown function. Upgrading to version 2020.2.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.2 cross site scripting [CVE-2021-31908]

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity up to 2020.2.2. Affected is some unknown processing. Upgrading to version 2020.2.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.1 Plugin permission

A vulnerability, which was classified as critical, has been found in JetBrains TeamCity up to 2020.2.1. This issue affects an unknown code block of the component Plugin Handler. Upgrading to version 2020.2.2 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.1 Test History Page cross site scripting

A vulnerability classified as problematic was found in JetBrains TeamCity up to 2020.2.1. This vulnerability affects an unknown code of the component Test History Page. Upgrading to version 2020.2.2 eliminates this vulnerability.
Auteur: VulDB

JetBrains YouTrack prior 2021.1.9819 Pull Request title cross site scripting

A vulnerability classified as problematic has been found in JetBrains YouTrack. This affects an unknown part of the component Pull Request Handler. Upgrading to version 2021.1.9819 eliminates this vulnerability.
Auteur: VulDB

JetBrains YouTrack prior 2020.6.6441 Issue Attachment cross site scripting

A vulnerability was found in JetBrains YouTrack. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Issue Attachment Handler. Upgrading to version 2020.6.6441 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity Plugin prior 2020.2.2.85899 on IntelliJ denial of service

A vulnerability was found in JetBrains TeamCity Plugin on IntelliJ. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. Upgrading to version 2020.2.2.85899 eliminates this vulnerability.
Auteur: VulDB

WEP/WPA/WPA2/WPA3 Fragment injection [CVE-2020-24586]

A vulnerability was found in WEP, WPA, WPA2 and WPA3 (version unknown). It has been classified as critical. Affected is an unknown function of the component Fragment Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ForestBlog cross-site request forgery [CVE-2020-18964]

A vulnerability was found in ForestBlog (unknown version) and classified as problematic. This issue affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

OctoPrint up to 1.5.x Logging Subsystem access control

A vulnerability has been found in OctoPrint up to 1.5.x and classified as critical. This vulnerability affects an unknown code block of the component Logging Subsystem. Upgrading to version 1.6.0 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

JetBrains TeamCity up to 2020.2.2 GitHub SSO Token redirect_uri unknown vulnerability

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity up to 2020.2.2. This affects the function redirect_uri of the component GitHub SSO Token Handler. Upgrading to version 2020.2.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.2 password recovery [CVE-2021-31912]

A vulnerability, which was classified as critical, has been found in JetBrains TeamCity up to 2020.2.2. Affected by this issue is an unknown part. Upgrading to version 2020.2.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.1 File Upload unknown vulnerability

A vulnerability classified as problematic was found in JetBrains TeamCity up to 2020.2.1. Affected by this vulnerability is some unknown functionality of the component File Upload Handler. Upgrading to version 2020.2.2 eliminates this...
Auteur: VulDB

JetBrains YouTrack prior 2020.6.6600 Export access control

A vulnerability classified as critical has been found in JetBrains YouTrack. Affected is an unknown functionality of the component Export Handler. Upgrading to version 2020.6.6600 eliminates this vulnerability.
Auteur: VulDB

JetBrains Hub prior 2021.1.13079 Two-factor Authentication improper authentication

A vulnerability was found in JetBrains Hub. It has been rated as problematic. This issue affects an unknown function of the component Two-factor Authentication Handler. Upgrading to version 2021.1.13079 eliminates this vulnerability.
Auteur: VulDB

JetBrains Code With Me prior 2021.1 Browser unknown vulnerability

A vulnerability was found in JetBrains Code With Me. It has been declared as problematic. This vulnerability affects some unknown processing of the component Browser Handler. Upgrading to version 2021.1 eliminates this vulnerability.
Auteur: VulDB

JetBrains Code With Me prior 2021.1 unknown vulnerability [CVE-2021-31899]

A vulnerability was found in JetBrains Code With Me. It has been classified as problematic. Upgrading to version 2021.1 eliminates this vulnerability.
Auteur: VulDB

JetBrains WebStorm prior 2021.1 HTTPS cleartext transmission

A vulnerability was found in JetBrains WebStorm and classified as problematic. Affected by this issue is an unknown code of the component HTTPS Handler. Upgrading to version 2021.1 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity Plugin prior 2020.2.2.85899 on IntelliJ Temporary Files temp file

A vulnerability has been found in JetBrains TeamCity Plugin on IntelliJ and classified as problematic. Affected by this vulnerability is an unknown part of the component Temporary Files Handler. Upgrading to version 2020.2.2.85899 eliminates this...
Auteur: VulDB

OpenClinic GA 5.173.3 listImmoLabels.jsp immoComment sql injection

A vulnerability, which was classified as critical, was found in OpenClinic GA 5.173.3. Affected is some unknown functionality of the file listImmoLabels.jsp. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenClinic GA 5.173.3 listImmoLabels.jsp immoBuyer sql injection

A vulnerability, which was classified as critical, has been found in OpenClinic GA 5.173.3. This issue affects an unknown functionality of the file listImmoLabels.jsp. There is no information about possible countermeasures known. It may be...
Auteur: VulDB
First234567891011Last

Événements SSI