Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

PulseAudio up to 3.13 on Ubuntu Bluez module-bluez5-device.c double free

A vulnerability classified as critical has been found in PulseAudio up to 3.13 on Ubuntu. Affected is some unknown processing of the file src/modules/bluetooth/module-bluez5-device.c of the component Bluez. Upgrading to version 3.14 eliminates...
Auteur: VulDB

InfluxDB up to 1.7.5 JWT Token handler.go improper authentication

A vulnerability was found in InfluxDB up to 1.7.5. It has been rated as critical. This issue affects an unknown code block of the file services/httpd/handler.go of the component JWT Token Handler. Upgrading to version 1.7.6 eliminates this...
Auteur: VulDB

Cisco DNA Spaces Connector Web-based Management Interface os command injection

A vulnerability was found in Cisco DNA Spaces Connector (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown code of the component Web-based Management Interface. Upgrading eliminates this...
Auteur: VulDB

Cisco IoT Field Network Director REST API missing authentication

A vulnerability was found in Cisco IoT Field Network Director (the affected version unknown). It has been classified as critical. This affects an unknown part of the component REST API. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Expressway Software TURN Server access control [CVE-2020-3482]

A vulnerability was found in Cisco Expressway Software (affected version not known) and classified as critical. Affected by this issue is some unknown functionality of the component TURN Server. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Webex Meetings/WebEx Meetings Server Connection input validation

A vulnerability has been found in Cisco Webex Meetings and WebEx Meetings Server (Unified Communication Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the component...
Auteur: VulDB

Cisco Integrated Management Controller API Subsystem memory corruption

A vulnerability, which was classified as very critical, was found in Cisco Integrated Management Controller (version unknown). Affected is an unknown function of the component API Subsystem. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco Webex Meetings/WebEx Meetings Server Meeting Room Lobby information disclosure

A vulnerability, which was classified as problematic, has been found in Cisco Webex Meetings and WebEx Meetings Server (Unified Communication Software) (unknown version). This issue affects some unknown processing of the component Meeting Room...
Auteur: VulDB

Cisco Webex Meetings/WebEx Meetings Server Authentication Token dynamically-managed code resources

A vulnerability classified as critical was found in Cisco Webex Meetings and WebEx Meetings Server (Unified Communication Software) (the affected version is unknown). This vulnerability affects an unknown code block of the component...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message ModifyVLANItem os command injection

A vulnerability classified as critical has been found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). This affects the function ModifyVLANItem of the component HTTP Message Handler. There is no information...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message AddVLANItem os command injection

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been rated as critical. Affected by this issue is the function AddVLANItem of the component HTTP Message Handler. There is...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message Remote Privilege Escalation

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component HTTP Message...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message Remote Code Execution

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been classified as critical. Affected is an unknown functionality of the component HTTP Message Handler. There is no...
Auteur: VulDB

Trend Micro Worry-Free Business Security 10 SP1 Management Console path traversal

A vulnerability was found in Trend Micro Worry-Free Business Security 10 SP1 and classified as critical. This issue affects an unknown function of the component Management Console Handler. There is no information about possible countermeasures...
Auteur: VulDB

Trend Micro Apex One Product Installer access control [CVE-2020-28572]

A vulnerability has been found in Trend Micro Apex One (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component Product Installer. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation symlink [CVE-2020-27697]

A vulnerability, which was classified as critical, was found in Trend Micro Security 2020 (the affected version unknown). This affects an unknown code block of the component Installation Handler. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation untrusted search path

A vulnerability, which was classified as critical, has been found in Trend Micro Security 2020 (affected version not known). Affected by this issue is an unknown code of the component Installation Handler. There is no information about possible...
Auteur: VulDB

Trend Micro Security 2020 Installation untrusted search path

A vulnerability classified as problematic was found in Trend Micro Security 2020 (affected version unknown). Affected by this vulnerability is an unknown part of the component Installation Handler. There is no information about possible...
Auteur: VulDB

semantic-release up to 17.2.2 on npm URL escape output

A vulnerability classified as critical has been found in semantic-release up to 17.2.2 on npm. Affected is some unknown functionality of the component URL Handler. Upgrading to version 17.2.3 eliminates this vulnerability. Applying a patch is...
Auteur: VulDB

Jupyter Notebook up to 6.1.4 Link redirect

A vulnerability was found in Jupyter Notebook up to 6.1.4. It has been rated as problematic. This issue affects an unknown functionality of the component Link Handler. Upgrading to version 6.1.5 eliminates this vulnerability. Applying a patch is...
Auteur: VulDB

grocy 2.7.1 Add Recipe Module cross site scripting

A vulnerability was found in grocy 2.7.1. It has been declared as problematic. This vulnerability affects an unknown function of the component Add Recipe Module. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Beijing Liangjing Zhicheng ljcmsshop 1.14 user.php cross site scripting

A vulnerability was found in Beijing Liangjing Zhicheng ljcmsshop 1.14. It has been classified as problematic. This affects some unknown processing of the file user.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SuiteCRM up to 7.11.13 Accounts/Contacts/Opportunities/Leads csv injection

A vulnerability was found in SuiteCRM up to 7.11.13 and classified as critical. Affected by this issue is an unknown code block of the component Accounts/Contacts/Opportunities/Leads. There is no information about possible countermeasures known....
Auteur: VulDB

SuiteCRM up to 7.11.13 Documents Module redirect

A vulnerability has been found in SuiteCRM up to 7.11.13 and classified as critical. Affected by this vulnerability is an unknown code of the component Documents Module. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SuiteCRM 7.11.13 Documents Preview cross site scripting

A vulnerability, which was classified as problematic, was found in SuiteCRM 7.11.13. Affected is an unknown part of the component Documents Preview. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB
First3456789101112Last

Événements SSI