vendredi 10 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Adobe Acrobat Reader up to 2019.012.20035 Type Confusion memory corruption

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 2019.012.20035. This vulnerability affects an unknown code. Upgrading to version 2015.006.30499, 2017.011.30144 or 2019.012.20036 eliminates this vulnerability.
Auteur: VulDB

Adobe Acrobat Reader up to 2019.012.20035 Type Confusion memory corruption

A vulnerability classified as critical has been found in Adobe Acrobat Reader up to 2019.012.20035. This affects an unknown part. Upgrading to version 2015.006.30499, 2017.011.30144 or 2019.012.20036 eliminates this vulnerability.
Auteur: VulDB

Adobe Acrobat Reader up to 2019.012.20035 Type Confusion memory corruption

A vulnerability was found in Adobe Acrobat Reader up to 2019.012.20035. It has been rated as critical. Affected by this issue is some unknown functionality. Upgrading to version 2015.006.30499, 2017.011.30144 or 2019.012.20036 eliminates this...
Auteur: VulDB

Adobe Acrobat Reader up to 2019.012.20035 Heap-based memory corruption

A vulnerability was found in Adobe Acrobat Reader up to 2019.012.20035. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Upgrading to version 2015.006.30499, 2017.011.30144 or 2019.012.20036 eliminates...
Auteur: VulDB

Hibernate ORM up to 5.3.17/5.4.17 JPA Criteria API sql injection

A vulnerability was found in Hibernate ORM up to 5.3.17/5.4.17. It has been classified as critical. Affected is an unknown function of the component JPA Criteria API. Upgrading to version 5.3.18, 5.4.18 or 5.5.0.Beta1 eliminates this...
Auteur: VulDB

Solarwinds Serv-U FTP Server up to 15.2.0 Argument Path unknown vulnerability

A vulnerability was found in Solarwinds Serv-U FTP Server up to 15.2.0 and classified as problematic. This issue affects some unknown processing of the component Argument Path Handler. Upgrading to version 15.2.1 eliminates this vulnerability.
Auteur: VulDB

Solarwinds Serv-U FTP Server up to 15.2.0 CHMOD Command unknown vulnerability

A vulnerability has been found in Solarwinds Serv-U FTP Server up to 15.2.0 and classified as problematic. This vulnerability affects an unknown code block of the component CHMOD Command Handler. Upgrading to version 15.2.1 eliminates this...
Auteur: VulDB

Solarwinds Serv-U FTP Server up to 15.2.0 Command privilege escalation

A vulnerability, which was classified as critical, was found in Solarwinds Serv-U FTP Server up to 15.2.0. This affects an unknown code. Upgrading to version 15.2.1 eliminates this vulnerability.
Auteur: VulDB

We-com OpenData CMS 2.0 Administrator Login Page username sql injection

A vulnerability, which was classified as critical, has been found in We-com OpenData CMS 2.0. Affected by this issue is an unknown part of the component Administrator Login Page. There is no information about possible countermeasures known. It...
Auteur: VulDB

We-com Municipality Portal CMS 2.1.x cerca/ keywords sql injection

A vulnerability classified as critical was found in We-com Municipality Portal CMS 2.1.x. Affected by this vulnerability is some unknown functionality of the file cerca/. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

We-com Municipality Portal CMS 2.1.x Search Bar cerca/ cross site scripting

A vulnerability classified as problematic has been found in We-com Municipality Portal CMS 2.1.x. Affected is an unknown functionality of the file cerca/ of the component Search Bar. There is no information about possible countermeasures known....
Auteur: VulDB

Vanguard Plugin 2.1 on WordPress Search Box mails/new cross site scripting

A vulnerability was found in Vanguard Plugin 2.1 on WordPress (WordPress Plugin). It has been rated as problematic. This issue affects an unknown function of the component Search Box. There is no information about possible countermeasures known....
Auteur: VulDB

Bestsoft Hotel Booking System Pro Plugin up to 1.1 on WordPress Persistent cross site scripting

A vulnerability was found in Bestsoft Hotel Booking System Pro Plugin up to 1.1 on WordPress (Hospitality Software). It has been declared as problematic. This vulnerability affects some unknown processing. There is no information about possible...
Auteur: VulDB

Bestsoft Car Rental System Plugin up to 1.3 on WordPress Persistent cross site scripting

A vulnerability was found in Bestsoft Car Rental System Plugin up to 1.3 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown code block. There is no information about possible countermeasures known. It...
Auteur: VulDB

Valve Steam Client 2.10.91.91 Permission privilege escalation

A vulnerability was found in Valve Steam Client 2.10.91.91 and classified as critical. Affected by this issue is an unknown code of the file %PROGRAMFILES(X86)%\Steam of the component Permission. There is no information about possible...
Auteur: VulDB

GOG Galaxy 2.0.17 File Permission privilege escalation

A vulnerability has been found in GOG Galaxy 2.0.17 and classified as critical. Affected by this vulnerability is an unknown part of the component File Permission. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

GOG Galaxy 2.0.17 File Permission privilege escalation

A vulnerability, which was classified as critical, was found in GOG Galaxy 2.0.17. Affected is some unknown functionality of the component File Permission. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Python up to 3.6.10/3.7.8/3.8.4rc1/3.9.0b4 on Windows python3.dll Search Path privilege escalation

A vulnerability, which was classified as critical, has been found in Python up to 3.6.10/3.7.8/3.8.4rc1/3.9.0b4 on Windows. This issue affects an unknown functionality in the library python3.dll. There is no information about possible...
Auteur: VulDB

Wireshark 3.2.0/3.2.1/3.2.2/3.2.3/3.2.4 GVCP Dissector packet-gvcp.c denial of service

A vulnerability classified as problematic was found in Wireshark 3.2.0/3.2.1/3.2.2/3.2.3/3.2.4. This vulnerability affects an unknown function of the file epan/dissectors/packet-gvcp.c of the component GVCP Dissector. There is no information...
Auteur: VulDB

CERTFR-2020-ALE-015 : Vulnérabilité dans F5 BIG-IP (05 juillet 2020)

Le 1er juillet 2020, F5 Networks a publié un avis de sécurité [1] concernant la vulnérabilité CVE-2020-5902. Cette vulnérabilité permet à un attaquant non authentifié (ou un utilisateur authentifié) ayant un accès réseau à l'interface...
Auteur: Cert FR

F5 Critical Vulnerability (CERT-EU Security Advisory 2020-031)

A new vulnerability has been discovered in the configuration interface of the BIG-IP application delivery controller (ADC) used by some of the world's biggest companies. Attackers can run commands as an unauthorized user and completely compromise...
Auteur: Cert EU

McAfee Network Security Management up to 10.1.7 Command Line Interface information disclosure

A vulnerability classified as problematic has been found in McAfee Network Security Management up to 10.1.7. This affects some unknown processing of the component Command Line Interface. Upgrading to version 10.1.7.7 eliminates this vulnerability.
Auteur: VulDB

McAfee Total Protection up to 16.0.R25 Symbolic Link privilege escalation

A vulnerability was found in McAfee Total Protection up to 16.0.R25. It has been rated as critical. Affected by this issue is an unknown code block of the component Symbolic Link Handler. Upgrading to version 16.0.R26 eliminates this...
Auteur: VulDB

McAfee Total Protection up to 16.0.R25 Symbolic Link privilege escalation

A vulnerability was found in McAfee Total Protection up to 16.0.R25. It has been declared as critical. Affected by this vulnerability is an unknown code of the component Symbolic Link Handler. Upgrading to version 16.0.R26 eliminates this...
Auteur: VulDB

McAfee Total Protection up to 16.0.R25 Symbolic Link privilege escalation

A vulnerability was found in McAfee Total Protection up to 16.0.R25. It has been classified as critical. Affected is an unknown part of the component Symbolic Link Handler. Upgrading to version 16.0.R26 eliminates this vulnerability.
Auteur: VulDB
First3456789101112Last

Événements SSI