Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Deark up to 1.5.7 src/deark-dbuf.c dbuf_write null pointer dereference

A vulnerability classified as problematic was found in Deark up to 1.5.7. Affected by this vulnerability is the function dbuf_write of the file src/deark-dbuf.c. Upgrading to version 1.5.8 eliminates this vulnerability. Applying a patch is able...
Auteur: VulDB

TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows Installation access control

A vulnerability classified as critical has been found in TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows. Affected is some unknown processing of the component Installation. Upgrading eliminates this vulnerability.
Auteur: VulDB

TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows Installation access control

A vulnerability was found in TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows. It has been rated as critical. This issue affects an unknown code block of the component Installation. Upgrading eliminates this vulnerability.
Auteur: VulDB

YubiHSM yubihsm-connector up to 3.0.0 Endpoint /api/connector infinite loop

A vulnerability was found in YubiHSM yubihsm-connector up to 3.0.0. It has been declared as problematic. This vulnerability affects an unknown code of the file /api/connector of the component Endpoint. Upgrading to version 3.0.1 eliminates this...
Auteur: VulDB

Devolutions Server/Server LTS delete sql injection

A vulnerability was found in Devolutions Server and Server LTS (the affected version unknown). It has been classified as critical. This affects an unknown part of the file api/security/userinfo/delete. Upgrading eliminates this vulnerability.
Auteur: VulDB

Group Office 6.4.196 URL Parameter group/api/upload.php url server-side request forgery

A vulnerability was found in Group Office 6.4.196 and classified as critical. Affected by this issue is some unknown functionality of the file group/api/upload.php of the component URL Parameter Handler. There is no information about possible...
Auteur: VulDB

Devolutions Server/Server LTS HTML Page unknown vulnerability

A vulnerability has been found in Devolutions Server and Server LTS (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTML Page Handler. Upgrading eliminates this...
Auteur: VulDB

TOTOLINK X5000R/A720R HTTP Request ip os command injection

A vulnerability, which was classified as critical, was found in TOTOLINK X5000R and A720R (version unknown). Affected is an unknown function of the component HTTP Request Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

TOTOLINK X5000R/A720R HTTP Request command os command injection

A vulnerability, which was classified as critical, has been found in TOTOLINK X5000R and A720R (unknown version). This issue affects some unknown processing of the component HTTP Request Handler. There is no information about possible...
Auteur: VulDB

Parallels Desktop 16.0.1-48919 Toolgate out-of-bounds read

A vulnerability classified as problematic was found in Parallels Desktop 16.0.1-48919. This vulnerability affects an unknown code block of the component Toolgate. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Parallels Desktop 16.0.1-48919 Toolgate integer overflow

A vulnerability classified as critical has been found in Parallels Desktop 16.0.1-48919. This affects an unknown code of the component Toolgate. Upgrading to version 16.0.1-4891 eliminates this vulnerability.
Auteur: VulDB

SolarWinds Orion Platform 2020.2 SaveUserSetting Endpoint access control

A vulnerability was found in SolarWinds Orion Platform 2020.2. It has been rated as critical. Affected by this issue is an unknown part of the component SaveUserSetting Endpoint. There is no information about possible countermeasures known. It...
Auteur: VulDB

Netgear Nighthawk R7800 apply_bind.cgi rc_service heap-based overflow

A vulnerability was found in Netgear Nighthawk R7800 (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the file apply_bind.cgi. Upgrading eliminates this vulnerability.
Auteur: VulDB

Netgear R7800 1.0.2.76 DHCP os command injection

A vulnerability was found in Netgear R7800 1.0.2.76 (Wireless LAN Software). It has been classified as critical. Affected is an unknown functionality of the component DHCP Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Netgear Nighthawk R7800 Update cleartext transmission [CVE-2021-27251]

A vulnerability was found in Netgear Nighthawk R7800 (unknown version) and classified as critical. This issue affects an unknown function of the component Update Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script errorpage file inclusion

A vulnerability has been found in D-Link DAP-2020 1.01rc001 and classified as problematic. This vulnerability affects some unknown processing of the component CGI Script Handler. Upgrading to version 1.01rc00 eliminates this vulnerability.
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script os command injection

A vulnerability, which was classified as critical, was found in D-Link DAP-2020 1.01rc001. This affects an unknown code block of the component CGI Script Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

D-Link DAP-2020 1.01rc001 CGI Script getpage stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DAP-2020 1.01rc001. Affected by this issue is an unknown code of the component CGI Script Handler.
Auteur: VulDB

Tencent WeChat Desktop 2.9.5 out-of-bounds read [CVE-2021-27247]

A vulnerability classified as problematic was found in Tencent WeChat Desktop 2.9.5 (Chat Software). Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

TP-LINK Archer A7 AC1750 1.0.15 tdpServer Endpoint stack-based overflow

A vulnerability classified as critical has been found in TP-LINK Archer A7 AC1750 1.0.15. Affected is some unknown functionality of the component tdpServer Endpoint. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Remote Privilege Escalation [CVE-2021-27183]

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been rated as critical. Upgrading to version 20.0.4 eliminates this vulnerability. The upgrade is hosted for download at altn.com.
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Worldclient injection

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been declared as critical. This vulnerability affects an unknown function of the component Worldclient. Upgrading to version 20.0.4 eliminates this...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 cross-site request forgery [CVE-2021-27181]

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software). It has been classified as problematic. This affects some unknown processing. Upgrading to version 20.0.4 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Alt-N MDaemon up to 20.0.3 Worldclient cross site scripting

A vulnerability was found in Alt-N MDaemon up to 20.0.3 (Mail Server Software) and classified as problematic. Affected by this issue is an unknown code block of the component Worldclient. Upgrading to version 20.0.4 eliminates this vulnerability....
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 8.5.11/8.13.3 Cookie missing secure attribute

A vulnerability has been found in Atlassian JIRA Server and Data Center up to 8.5.11/8.13.3 (Bug Tracking Software) and classified as problematic. Affected by this vulnerability is an unknown code of the component Cookie Handler. Upgrading to...
Auteur: VulDB
First3456789101112Last

Événements SSI