Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

jdownloads 3.2.63 on Joomla send.php f_marked_files_id sql injection

A vulnerability, which was classified as critical, has been found in jdownloads 3.2.63 on Joomla (Joomla Component). Affected by this issue is an unknown code of the file com_jdownloads/models/send.php. There is no information about possible...
Auteur: VulDB

Hotspot Shield VPN up to 10.3.0 on Windows Directory Permission privilege escalation

A vulnerability classified as critical was found in Hotspot Shield VPN up to 10.3.0 on Windows (Network Encryption Software). Affected by this vulnerability is an unknown part of the component Directory Permission. There is no information about...
Auteur: VulDB

Joplin Desktop up to 1.0.245 Emded Tag cross site scripting

A vulnerability classified as problematic has been found in Joplin Desktop up to 1.0.245. Affected is some unknown functionality of the component Emded Tag Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Nakivo Backup & Replication Transporter 9.4.0.r43656 Access Control privilege escalation

A vulnerability was found in Nakivo Backup & Replication Transporter 9.4.0.r43656 (Backup Software). It has been rated as critical. This issue affects an unknown functionality of the component Access Control. There is no information about...
Auteur: VulDB

Nakivo Backup & Replication Director 9.4.0.r43656 on Linux Director Web Interface privilege escalation

A vulnerability was found in Nakivo Backup & Replication Director 9.4.0.r43656 on Linux (Backup Software). It has been declared as critical. This vulnerability affects an unknown function of the component Director Web Interface. There is no...
Auteur: VulDB

ActFax 7.10 Build 0335 Folder Permission TSClientB.exe privilege escalation

A vulnerability was found in ActFax 7.10 Build 0335. It has been classified as critical. This affects some unknown processing of the file TSClientB.exe of the component Folder Permission. There is no information about possible countermeasures...
Auteur: VulDB

ORY Fosite up to 0.33.x Storage Error privilege escalation

A vulnerability was found in ORY Fosite up to 0.33.x and classified as problematic. Affected by this issue is an unknown code block of the component Storage Error Handler. Upgrading to version 0.34.0 eliminates this vulnerability.
Auteur: VulDB

ORY Fosite up to 0.30.x weak authentication [CVE-2020-15222]

A vulnerability has been found in ORY Fosite up to 0.30.x and classified as critical. Affected by this vulnerability is an unknown code. Upgrading to version 0.31.0 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.7 Attachments cross site scripting

A vulnerability, which was classified as problematic, was found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). Affected is an unknown part of the component Attachments. Upgrading to version 1.7.6.8 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.7 Contact Form cross site scripting

A vulnerability, which was classified as problematic, has been found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This issue affects some unknown functionality of the component Contact Form. Upgrading to version 1.7.6.8...
Auteur: VulDB

PrestaShop up to 1.7.6.7 Catalog Product Edition Page Parameter Blind sql injection

A vulnerability classified as critical was found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This vulnerability affects an unknown functionality of the component Catalog Product Edition Page. Upgrading to version 1.7.6.8...
Auteur: VulDB

JerryScript 2.2.0 vm/opcodes.c privilege escalation

A vulnerability classified as critical has been found in JerryScript 2.2.0. This affects an unknown function of the file vm/opcodes.c. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 Clickjacking privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been rated as critical. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

iSmartgate Pro 1.5.9 File Upload privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been declared as critical. Affected by this vulnerability is an unknown code block of the component File Upload. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 checkUserExpirationDate.php privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been classified as critical. Affected is an unknown code of the file /cron/checkUserExpirationDate.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9 and classified as problematic. This issue affects an unknown part of the file /index.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability has been found in iSmartgate Pro 1.5.9 and classified as problematic. This vulnerability affects some unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

iSmartgate Pro 1.5.9 checkExpirationDate.php PHP Code Execution privilege escalation

A vulnerability, which was classified as critical, was found in iSmartgate Pro 1.5.9. This affects an unknown functionality of the file /cron/checkExpirationDate.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 /cron/mailAdmin.php PHP Code Execution privilege escalation

A vulnerability, which was classified as critical, has been found in iSmartgate Pro 1.5.9. Affected by this issue is an unknown function of the file /cron/mailAdmin.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 File Upload privilege escalation

A vulnerability classified as critical was found in iSmartgate Pro 1.5.9. Affected by this vulnerability is some unknown processing of the component File Upload. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Fortinet FortiTester up to 3.8.x cross site scripting [CVE-2020-12815]

A vulnerability classified as problematic has been found in Fortinet FortiTester up to 3.8.x. Affected is an unknown code block. Upgrading to version 3.9.0 eliminates this vulnerability.
Auteur: VulDB

Fortinet FortiManager/FortiAnalyzer cross site scripting [CVE-2020-12811]

A vulnerability was found in Fortinet FortiManager and FortiAnalyzer (unknown version). It has been rated as problematic. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php busca cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9. It has been declared as problematic. This vulnerability affects an unknown part of the file /index.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9. It has been classified as problematic. This affects some unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 SOAP FavoritesService.asmx HTTP Request sql injection

A vulnerability was found in AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 and classified as critical. Affected by this issue is an unknown functionality of the file FavoritesService.asmx of the component SOAP Handler. There is no...
Auteur: VulDB
First3456789101112Last

Événements SSI