Monday 25 May 2020

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Memcached up to 1.5.13 lru memcached.c process_lru_command Messages denial of service

A vulnerability was found in Memcached up to 1.5.13. It has been declared as problematic. Affected by this vulnerability is the function process_lru_command of the file memcached.c of the component lru Handler. The manipulation as part of a...
Author: VulDB

uBlock up to 0.9.5.14 Web Service Request privilege escalation

A vulnerability was found in uBlock up to 0.9.5.14. It has been classified as critical. Affected is code of the component Web Service. The manipulation as part of a Request leads to a privilege escalation vulnerability. CWE is classifying the...
Author: VulDB

AdBlock up to 3.44.x Web Service Request privilege escalation

A vulnerability was found in AdBlock up to 3.44.x and classified as critical. This issue affects a part of the component Web Service. The manipulation as part of a Request leads to a privilege escalation vulnerability. Using CWE to declare the...
Author: VulDB

Adblock Plus up to 3.5.1 Web Service privilege escalation

A vulnerability has been found in Adblock Plus up to 3.5.1 and classified as critical. This vulnerability affects a functionality of the component Web Service. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Author: VulDB

WebID 1.2.2 admin/deletenews.php Parameter cross site scripting

A vulnerability, which was classified as problematic, was found in WebID 1.2.2. This affects a function of the file admin/deletenews.php. The manipulation as part of a Parameter leads to a cross site scripting vulnerability (Reflected). CWE is...
Author: VulDB

Webdorado Contact Form Plugin up to 1.13.4 on WordPress wp-admin/admin-ajax.php action cross site request forgery

A vulnerability, which was classified as problematic, has been found in Webdorado Contact Form Plugin up to 1.13.4 on WordPress (Plugin Software). Affected by this issue is some functionality of the file wp-admin/admin-ajax.php. The manipulation...
Author: VulDB

10Web Form Maker Plugin up to 1.13.4 on WordPress wp-admin/admin-ajax.php action cross site request forgery

A vulnerability classified as problematic was found in 10Web Form Maker Plugin up to 1.13.4 on WordPress (Plugin Software). Affected by this vulnerability is the functionality of the file wp-admin/admin-ajax.php. The manipulation of the argument...
Author: VulDB

IBM API Connect 2018.1/2018.4.1.2 weak encryption [CVE-2018-2007]

A vulnerability classified as critical has been found in IBM API Connect 2018.1/2018.4.1.2. Affected is an unknown function. The manipulation with an unknown input leads to a weak encryption vulnerability. CWE is classifying the issue as...
Author: VulDB

IBM Jazz Reporting Service up to 6.0.6 Web UI cross site scripting

A vulnerability was found in IBM Jazz Reporting Service up to 6.0.6 (Reporting Software). It has been rated as problematic. This issue affects some processing of the component Web UI. The manipulation with an unknown input leads to a cross site...
Author: VulDB

IBM Emptoris Contract Management 10.0.0/10.1.3.0 Error Message information disclosure

A vulnerability was found in IBM Emptoris Contract Management 10.0.0/10.1.3.0. It has been declared as problematic. This vulnerability affects a code block of the component Error Message Handler. The manipulation with an unknown input leads to a...
Author: VulDB

NSS up to 3.38 SSLv2 ClientHello weak encryption

A vulnerability was found in NSS up to 3.38. It has been classified as critical. This affects code of the component SSLv2 Handler. The manipulation as part of a ClientHello leads to a weak encryption vulnerability. CWE is classifying the issue...
Author: VulDB

cJSON cJSON.c parse_string memory corruption

A vulnerability was found in cJSON and classified as critical. Affected by this issue is the function parse_string of the file cJSON.c. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the...
Author: VulDB

esoTalk 1.0.0g4 conversations/ PATH_INFO cross site scripting

A vulnerability has been found in esoTalk 1.0.0g4 and classified as problematic. Affected by this vulnerability is a functionality of the file conversations/. The manipulation of the argument PATH_INFO with an unknown input leads to a cross site...
Author: VulDB

CERTFR-2019-AVI-189: Vulnerability in Oracle WebLogic (29 April 2019)

A vulnerability has been discovered in Oracle WebLogic. It allows an attacker to cause remote arbitrary code execution.

Author: Cert FR

CERTFR-2019-AVI-188: Multiple vulnerabilities in the SUSE Linux kernel (29 April 2019)

Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause a security problem not specified by the vendor, a denial of service and a compromise of the integrity of...
Author: Cert FR

Sony Smart TV Photo Sharing Plus LJYT0010.JPG information disclosure

A vulnerability, which was classified as problematic, was found in Sony Smart TV. Affected is a function of the file /contentshare/image/data/user/0/com.sony.dtv.photosharingplus/files/_BRAVPSS.TMP/LJYT0010.JPG of the component Photo Sharing...
Author: VulDB

Sony Smart TV Photo Sharing Plus Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in Sony Smart TV. This issue affects some functionality of the component Photo Sharing Plus. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

dhcpcd up to 7.2.0 dhcp.c DHO_OPTSOVERLOADED memory corruption

A vulnerability classified as critical was found in dhcpcd up to 7.2.0. This vulnerability affects the functionality of the file dhcp.c. The manipulation of the argument DHO_OPTSOVERLOADED with an unknown input leads to a memory corruption...
Author: VulDB

dhcpcd up to 7.2.0 auth.c Latency unknown vulnerability

A vulnerability classified as problematic has been found in dhcpcd up to 7.2.0. This affects an unknown function of the file auth.c. This is going to have an impact on confidentiality. The summary by CVE is: auth.c in dhcpcd before 7.2.1 allowed...
Author: VulDB

dhcpcd up to 7.2.0 NA-TA Address dhcp6.c dhcp6_findna memory corruption

A vulnerability was found in dhcpcd up to 7.2.0. It has been rated as critical. Affected by this issue is the function dhcp6_findna of the file dhcp6.c of the component NA-TA Address Handler. The manipulation with an unknown input leads to a...
Author: VulDB

Gitea up to 1.7.x 2FA weak authentication

A vulnerability was found in Gitea up to 1.7.x. It has been declared as critical. Affected by this vulnerability is a code block of the component 2FA. The manipulation with an unknown input leads to a weak authentication vulnerability. The CWE...
Author: VulDB

AikCms 2.0 File Upload nav.php privilege escalation

A vulnerability was found in AikCms 2.0. It has been classified as critical. Affected is code of the file admin/page/system/nav.php of the component File Upload. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

AikCms 2.0 nav.php $_GET['del'] sql injection

A vulnerability was found in AikCms 2.0 and classified as critical. This issue affects a part of the file admin/page/system/nav.php?del. The manipulation of the argument $_GET['del'] with an unknown input leads to a sql injection vulnerability....
Author: VulDB

Print My Blog Plugin up to 1.6.6 on WordPress site Server-Side Request Forgery

A vulnerability has been found in Print My Blog Plugin up to 1.6.6 on WordPress (Plugin Software) and classified as critical. This vulnerability affects a functionality. The manipulation of the argument site as part of a Parameter leads to a...
Author: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird IonMonkey JIT Compiler Proto Mutation memory corruption

A vulnerability, which was classified as critical, was found in Mozilla Firefox, Firefox ESR and Thunderbird (Mail Client Software). This affects a function of the component IonMonkey JIT Compiler. The manipulation as part of a Proto Mutation...
Author: VulDB