vendredi 10 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure

A vulnerability was found in Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta. It has been classified as problematic. Affected is the function getACL(). The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Docker up to 18.06.1-ce-rc2 API Endpoint daemon/archive.go directory traversal

A vulnerability was found in Docker up to 18.06.1-ce-rc2 (Cloud Software) and classified as critical. This issue affects a part of the file daemon/archive.go of the component API Endpoint. The manipulation with an unknown input leads to a...
Auteur: VulDB

Open-Xchange OX App Suite up to 7.8.3 cross site scripting [CVE-2017-5213]

A vulnerability has been found in Open-Xchange OX App Suite up to 7.8.3 and classified as problematic. This vulnerability affects a functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. The CWE...
Auteur: VulDB

Open-Xchange OX App Suite 7.8.3 Access Control privilege escalation

A vulnerability, which was classified as critical, was found in Open-Xchange OX App Suite 7.8.3. This affects a function of the component Access Control. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE...
Auteur: VulDB

Open-Xchange OX App Suite up to 7.8.3 spoofing [CVE-2017-5211]

A vulnerability, which was classified as critical, has been found in Open-Xchange OX App Suite up to 7.8.3. Affected by this issue is some functionality. The manipulation with an unknown input leads to a spoofing vulnerability. Using CWE to...
Auteur: VulDB

Open-Xchange App Suite up to 7.8.3 information disclosure [CVE-2017-5210]

A vulnerability classified as problematic was found in Open-Xchange App Suite up to 7.8.3. Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE...
Auteur: VulDB

OX Software OX App Suite up to 7.8.4 cross site scripting [CVE-2017-17061]

A vulnerability classified as problematic has been found in OX Software OX App Suite up to 7.8.4. Affected is an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying the issue...
Auteur: VulDB

OX Software OX App Suite up to 7.8.4 Permission privilege escalation

A vulnerability was found in OX Software OX App Suite up to 7.8.4. It has been rated as critical. This issue affects some processing of the component Permission. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Artifex Ghostscript 9.22 PostScript File information disclosure

A vulnerability was found in Artifex Ghostscript 9.22 (Document Processing Software). It has been declared as problematic. This vulnerability affects a code block. The manipulation as part of a PostScript File leads to a information disclosure...
Auteur: VulDB

Open-Xchange OX App Suite up to 7.8.4 cross site scripting [CVE-2017-15030]

A vulnerability was found in Open-Xchange OX App Suite up to 7.8.4. It has been classified as problematic. This affects code. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying the issue as...
Auteur: VulDB

OX Software App Suite up to 7.8.4 Server-Side Request Forgery

A vulnerability was found in OX Software App Suite up to 7.8.4 and classified as critical. Affected by this issue is a part. The manipulation with an unknown input leads to a privilege escalation vulnerability (SSRF). Using CWE to declare the...
Auteur: VulDB

OX Software OX App Suite up to 7.8.4 cross site scripting [CVE-2017-13668]

A vulnerability has been found in OX Software OX App Suite up to 7.8.4 and classified as problematic. Affected by this vulnerability is a functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. The...
Auteur: VulDB

Zoho ManageEngine Application Manager 13.1 Build 13100 Alarm File Upload privilege escalation

A vulnerability, which was classified as critical, was found in Zoho ManageEngine Application Manager 13.1 Build 13100. Affected is a function of the component Alarm Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Zoho ManageEngine Application Manager 13.1 Build 13100 Widget cross site scripting

A vulnerability, which was classified as problematic, has been found in Zoho ManageEngine Application Manager 13.1 Build 13100. This issue affects some functionality of the component Widget Handler. The manipulation as part of a Application...
Auteur: VulDB

Zoho ManageEngine Application Manager 13.1 Build 13100 /auditLogAction.do haid sql injection

A vulnerability classified as critical was found in Zoho ManageEngine Application Manager 13.1 Build 13100. This vulnerability affects the functionality of the file /auditLogAction.do. The manipulation of the argument haid as part of a...
Auteur: VulDB

Zoho ManageEngine ManageEngine OpManager 12.2 Group Chat File Upload privilege escalation

A vulnerability classified as critical has been found in Zoho ManageEngine ManageEngine OpManager 12.2. This affects an unknown function of the component Group Chat. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Poppler up to 0.76.1 JPEG2000Stream.cc JPXStream::init height/width memory corruption

A vulnerability was found in Poppler up to 0.76.1 (Document Reader Software). It has been rated as critical. Affected by this issue is the function JPXStream::init of the file JPEG2000Stream.cc. The manipulation of the argument height/width with...
Auteur: VulDB

JIRA up to 7.13.3/8.0.3/8.1.0 ViewUpgrades privilege escalation

A vulnerability was found in JIRA up to 7.13.3/8.0.3/8.1.0. It has been declared as critical. Affected by this vulnerability is a code block of the component ViewUpgrades. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

JIRA up to 7.13.3/8.0.3/8.1.0 Access Check CachingResourceDownloadRewriteRule privilege escalation

A vulnerability was found in JIRA up to 7.13.3/8.0.3/8.1.0. It has been classified as critical. Affected is the function CachingResourceDownloadRewriteRule of the component Access Check. The manipulation with an unknown input leads to a...
Auteur: VulDB

Adobe Media Encoder 13.0.2 Out-of-Bounds information disclosure

A vulnerability was found in Adobe Media Encoder 13.0.2 and classified as problematic. This issue affects a part. The manipulation with an unknown input leads to a information disclosure vulnerability (Out-of-Bounds). Using CWE to declare the...
Auteur: VulDB

Adobe Media Encoder 13.0.2 Use-After-Free memory corruption

A vulnerability has been found in Adobe Media Encoder 13.0.2 and classified as critical. This vulnerability affects a functionality. The manipulation with an unknown input leads to a memory corruption vulnerability (Use-After-Free). The CWE...
Auteur: VulDB

Adobe Flash Player up to 32.0.0.171 Use-After-Free memory corruption

A vulnerability, which was classified as critical, was found in Adobe Flash Player up to 32.0.0.171 (Multimedia Player Software). This affects a function. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Schneider Electric Modicon M580 TCP Connection TCP Sequence privilege escalation

A vulnerability, which was classified as critical, has been found in Schneider Electric Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium (affected version not known). Affected by this issue is some functionality. The manipulation ...
Auteur: VulDB

Schneider Electric PacDrive Pro2 IP Config Ethernet Frame weak authentication

A vulnerability classified as critical was found in Schneider Electric Modicon M100, Modicon M200, Modicon M221, ATV IMC Drive Controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco , PacDrive Pro and...
Auteur: VulDB

Schneider Electric Modicon M580 Modbus denial of service [CVE-2019-6819]

A vulnerability classified as problematic has been found in Schneider Electric Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium (version unknown). Affected is an unknown function of the component Modbus. The manipulation with an...
Auteur: VulDB
First869870871872873874875876877878Last

Événements SSI