dimanche 24 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

COVIDSafe 1.0.15/1.0.16 Advertising information disclosure

A vulnerability was found in COVIDSafe 1.0.15/1.0.16 and classified as problematic. This issue affects some unknown processing of the component Advertising Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

COVIDSafe 1.0.15/1.0.16 on Android GATT information disclosure

A vulnerability has been found in COVIDSafe 1.0.15/1.0.16 on Android (Android App Software) and classified as problematic. This vulnerability affects an unknown code block of the component GATT Handler. There is no information about possible...
Auteur: VulDB

LibreOffice up to 6.3.5 Encrypted Document weak encryption

A vulnerability, which was classified as problematic, was found in LibreOffice up to 6.3.5 (Office Suite Software). This affects an unknown code of the component Encrypted Document Handler. Upgrading to version 6.3.6 eliminates this vulnerability.
Auteur: VulDB

rConfig 3.9.4 configDevice.php rid cross site scripting

A vulnerability, which was classified as problematic, has been found in rConfig 3.9.4. Affected by this issue is an unknown part of the file configDevice.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

rConfig 3.9.4 Session Session Fixation weak authentication

A vulnerability classified as critical was found in rConfig 3.9.4. Affected by this vulnerability is some unknown functionality of the component Session Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

rConfig 3.9.4 cross site request forgery [CVE-2020-12257]

A vulnerability classified as problematic has been found in rConfig 3.9.4. Affected is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

rConfig 3.9.4 devicemgmnt.php deviceId cross site scripting

A vulnerability was found in rConfig 3.9.4. It has been rated as problematic. This issue affects an unknown function of the file devicemgmnt.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

rConfig 3.9.4 File Upload vendor.crud.php Content-Type privilege escalation

A vulnerability was found in rConfig 3.9.4. It has been declared as critical. This vulnerability affects some unknown processing of the file vendor.crud.php of the component File Upload. There is no information about possible countermeasures...
Auteur: VulDB

Netgear AC3000/SRS60/SRR60/RBS50Y V2.5.1.106 Administration SOAP Interface privilege escalation

A vulnerability was found in Netgear AC3000, SRS60, SRR60 and RBS50Y V2.5.1.106 (Wireless LAN Software). It has been classified as critical. This affects an unknown code block of the component Administration SOAP Interface. There is no...
Auteur: VulDB

Netgear AC3000/SRS60/SRR60/RBS50Y V2.5.1.106 SOAP Interface Key information disclosure

A vulnerability was found in Netgear AC3000, SRS60, SRR60 and RBS50Y V2.5.1.106 and classified as problematic. Affected by this issue is an unknown code of the component SOAP Interface. There is no information about possible countermeasures...
Auteur: VulDB

Netgear AC3000/SRS60/SRR60/RBS50Y V2.5.1.106 Linux System Code Execution

A vulnerability has been found in Netgear AC3000, SRS60, SRR60 and RBS50Y V2.5.1.106 (Wireless LAN Software) and classified as critical. Affected by this vulnerability is an unknown part of the component Linux System. There is no information...
Auteur: VulDB

Dovecot up to 2.3.10.0 lmtp/submission Crash denial of service

A vulnerability, which was classified as problematic, was found in Dovecot up to 2.3.10.0 (Mail Server Software). Affected is some unknown functionality of the component lmtp/submission. Upgrading to version 2.3.10.1 eliminates this vulnerability.
Auteur: VulDB

Dovecot up to 2.3.10.0 Submission-Login Message Use-After-Free denial of service

A vulnerability, which was classified as problematic, has been found in Dovecot up to 2.3.10.0 (Mail Server Software). This issue affects an unknown functionality of the component Submission-Login. Upgrading to version 2.3.10.1 eliminates this...
Auteur: VulDB

Dovecot up to 2.3.10.0 Submission-Login Parameter NULL Pointer Dereference denial of service

A vulnerability classified as problematic was found in Dovecot up to 2.3.10.0 (Mail Server Software). This vulnerability affects an unknown function of the component Submission-Login. Upgrading to version 2.3.10.1 eliminates this vulnerability.
Auteur: VulDB

AMD OverDrive MSR AODDriver2.sys Code Execution

A vulnerability classified as critical has been found in AMD OverDrive (the affected version unknown). This affects some unknown processing in the library AODDriver2.sys of the component MSR Handler. There is no information about possible...
Auteur: VulDB

AMD 5.11.9.0 MSR atillk64.sys Code Execution

A vulnerability was found in AMD ATI Diagnostics Hardware Abstraction Sys Overclocking Utility 5.11.9.0. It has been rated as critical. Affected by this issue is an unknown code block in the library atillk64.sys of the component MSR Handler....
Auteur: VulDB

Wowza Streaming Engine up to 4.x Login Page loginfailed.html cross site scripting

A vulnerability was found in Wowza Streaming Engine up to 4.x. It has been declared as problematic. Affected by this vulnerability is an unknown code of the file enginemanager/loginfailed.html of the component Login Page. There is no information...
Auteur: VulDB

Wowza Streaming Engine up to 4.x File Download information disclosure

A vulnerability was found in Wowza Streaming Engine up to 4.x. It has been classified as problematic. Affected is an unknown part of the component File Download. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Ivanti Workspace Control up to 10.4 Registry pwrgrid.exe privilege escalation

A vulnerability was found in Ivanti Workspace Control up to 10.4 and classified as critical. This issue affects some unknown functionality of the file pwrgrid.exe of the component Registry Handler. Upgrading to version 10.4.40.0 eliminates this...
Auteur: VulDB

Manolo GwtUpload 1.0.3 UploadServlet.java delay denial of service

A vulnerability has been found in Manolo GwtUpload 1.0.3 and classified as problematic. This vulnerability affects an unknown functionality of the file server/UploadServlet.java. There is no information about possible countermeasures known. It...
Auteur: VulDB

OpenTrace up to 1.0.17 on iOS/Android Bluetooth information disclosure

A vulnerability, which was classified as problematic, was found in OpenTrace up to 1.0.17 on iOS/Android. This affects an unknown function of the component Bluetooth. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Readdle Documents App up to 6.9.6 on iOS Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Readdle Documents App up to 6.9.6 on iOS (iOS App Software). Affected by this issue is some unknown processing. Upgrading to version 6.9.7 eliminates this vulnerability.
Auteur: VulDB

Readdle Documents App up to 6.9.6 on iOS WebSocket Server Cross-Origin privilege escalation

A vulnerability classified as critical was found in Readdle Documents App up to 6.9.6 on iOS (iOS App Software). Affected by this vulnerability is an unknown code block of the component WebSocket Server. Upgrading to version 6.9.7 eliminates this...
Auteur: VulDB

Cherokee up to 1.2.104 handler_cgi.c cherokee_handler_cgi_add_env_pair Host memory corruption

A vulnerability classified as critical has been found in Cherokee up to 1.2.104. Affected is the function cherokee_handler_cgi_add_env_pair of the file handler_cgi.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Cherokee up to 1.2.104 memory corruption [CVE-2019-20799]

A vulnerability was found in Cherokee up to 1.2.104. It has been rated as critical. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB
First3456789101112Last

Événements SSI