lundi 25 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Nitro Pro 13.9.1.155 XML Error PDF Document Uninitialized Memory information disclosure

A vulnerability has been found in Nitro Pro 13.9.1.155 and classified as problematic. This vulnerability affects some unknown functionality of the component XML Error Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Nitro Pro 13.9.1.155 Object Parser PDF File Integer Overflow memory corruption

A vulnerability, which was classified as critical, was found in Nitro Pro 13.9.1.155. This affects an unknown functionality of the component Object Parser. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Nitro Pro 13.9.1.155 PDF Parser PDF Document Use-After-Free memory corruption

A vulnerability, which was classified as critical, has been found in Nitro Pro 13.9.1.155. Affected by this issue is an unknown function of the component PDF Parser. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Proxygen prior v2020.05.18.00 Lifetime Management Request Use-After-Free memory corruption

A vulnerability classified as critical was found in Proxygen. Affected by this vulnerability is some unknown processing of the component Lifetime Management. Upgrading to version v2020.05.18.00 eliminates this vulnerability.
Auteur: VulDB

Zoho ManageEngine Service Plus prior 11.1 Build 11112 Password information disclosure

A vulnerability classified as problematic has been found in Zoho ManageEngine Service Plus. Affected is an unknown code block. Upgrading to version 11.1 Build 11112 eliminates this vulnerability.
Auteur: VulDB

MISP prior 2.4.126 resolved_attributes.ctp cross site scripting

A vulnerability was found in MISP. It has been rated as problematic. This issue affects an unknown code of the file app/View/Events/resolved_attributes.ctp. Upgrading to version 2.4.126 eliminates this vulnerability.
Auteur: VulDB

Dragon Center 2.6.2003.2401 Privileges privilege escalation

A vulnerability was found in Dragon Center 2.6.2003.2401. It has been declared as critical. This vulnerability affects an unknown part of the component Privileges. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Open edX Ironwood 2.5 Studio CSV Injection privilege escalation

A vulnerability was found in Open edX Ironwood 2.5. It has been classified as critical. This affects some unknown functionality of the component Studio. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Open edX Ironwood 2.5 File Upload SVG File Stored cross site scripting

A vulnerability was found in Open edX Ironwood 2.5 and classified as problematic. Affected by this issue is an unknown functionality of the component File Upload. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Open edX Ironwood 2.5 Studio Code Execution

A vulnerability has been found in Open edX Ironwood 2.5 and classified as critical. Affected by this vulnerability is an unknown function of the component Studio. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Linux Kernel up to 5.6.13 configfs.c kstrdup information disclosure

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.6.13. Affected is the function kstrdup of the file drivers/usb/gadget/configfs.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

D-Link DSP-W215 1.26b03 Hash information disclosure

A vulnerability, which was classified as problematic, has been found in D-Link DSP-W215 1.26b03. This issue affects an unknown code block of the component Hash Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

D-Link DSP-W215 1.26b03 information disclosure [CVE-2020-13135]

A vulnerability classified as problematic was found in D-Link DSP-W215 1.26b03. This vulnerability affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Stashcat App up to 3.9.1 Server Log client_key/device_id information disclosure

A vulnerability classified as problematic has been found in Stashcat App up to 3.9.1. This affects an unknown part of the component Server Log. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Dolibarr up to 11.0.3 cross site scripting [CVE-2020-13094]

A vulnerability was found in Dolibarr up to 11.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality. Upgrading to version 11.0.4 eliminates this vulnerability.
Auteur: VulDB

COVIDSafe up to 1.0.17 Role information disclosure

A vulnerability was found in COVIDSafe up to 1.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Role Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

COVIDSafe up to 1.0.17 OpenTrace/BlueTrace information disclosure

A vulnerability was found in COVIDSafe up to 1.0.17. It has been classified as problematic. Affected is an unknown function of the component OpenTrace/BlueTrace. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

COVIDSafe 1.0.15/1.0.16 Advertising information disclosure

A vulnerability was found in COVIDSafe 1.0.15/1.0.16 and classified as problematic. This issue affects some unknown processing of the component Advertising Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

COVIDSafe 1.0.15/1.0.16 on Android GATT information disclosure

A vulnerability has been found in COVIDSafe 1.0.15/1.0.16 on Android (Android App Software) and classified as problematic. This vulnerability affects an unknown code block of the component GATT Handler. There is no information about possible...
Auteur: VulDB

LibreOffice up to 6.3.5 Encrypted Document weak encryption

A vulnerability, which was classified as problematic, was found in LibreOffice up to 6.3.5 (Office Suite Software). This affects an unknown code of the component Encrypted Document Handler. Upgrading to version 6.3.6 eliminates this vulnerability.
Auteur: VulDB

rConfig 3.9.4 configDevice.php rid cross site scripting

A vulnerability, which was classified as problematic, has been found in rConfig 3.9.4. Affected by this issue is an unknown part of the file configDevice.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

rConfig 3.9.4 Session Session Fixation weak authentication

A vulnerability classified as critical was found in rConfig 3.9.4. Affected by this vulnerability is some unknown functionality of the component Session Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

rConfig 3.9.4 cross site request forgery [CVE-2020-12257]

A vulnerability classified as problematic has been found in rConfig 3.9.4. Affected is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

rConfig 3.9.4 devicemgmnt.php deviceId cross site scripting

A vulnerability was found in rConfig 3.9.4. It has been rated as problematic. This issue affects an unknown function of the file devicemgmnt.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

rConfig 3.9.4 File Upload vendor.crud.php Content-Type privilege escalation

A vulnerability was found in rConfig 3.9.4. It has been declared as critical. This vulnerability affects some unknown processing of the file vendor.crud.php of the component File Upload. There is no information about possible countermeasures...
Auteur: VulDB
First3456789101112Last

Événements SSI