vendredi 15 février 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Dundas BI Server up to 5.0.1 Dashboard Export viewUrl Server-Side Request Forgery

A vulnerability, which was classified as critical, has been found in Dundas BI Server up to 5.0.1. Affected by this issue is some functionality of the component Dashboard Export. The manipulation of the argument viewUrl as part of a Parameter...
Auteur: VulDB

ABBYY FlexiCapture 12 Release 1 HTTP API mask/sortOrder/filter/Order sql injection

A vulnerability, which was classified as critical, was found in ABBYY FlexiCapture 12 Release 1. Affected is a function of the component HTTP API. The manipulation of the argument mask/sortOrder/filter/Order as part of a Parameter leads to a sql...
Auteur: VulDB

Mobotix S14 MX-V4.2.1.61 Default Admin Password weak authentication

A vulnerability, which was classified as critical, has been found in Mobotix S14 MX-V4.2.1.61. This issue affects some functionality. The manipulation with an unknown input leads to a weak authentication vulnerability (Default Admin Password)....
Auteur: VulDB

CIM 0.9.3 install/install.php privilege escalation

A vulnerability was found in CIM 0.9.3. It has been declared as critical. Affected by this vulnerability is a code block of the file install/install.php. The manipulation with an unknown input leads to a privilege escalation vulnerability (PHP...
Auteur: VulDB

Binaryen 1.38.22 wasm-binary.cpp readUserSection denial of service

A vulnerability, which was classified as problematic, was found in Binaryen 1.38.22. Affected is the function wasm::WasmBinaryBuilder::readUserSection of the file wasm-binary.cpp. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Binaryen 1.38.22 wasm-binary.cpp visitCall denial of service

A vulnerability, which was classified as problematic, has been found in Binaryen 1.38.22. This issue affects the function wasm::WasmBinaryBuilder::visitCall of the file wasm-binary.cpp. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Binaryen 1.38.22 wasm-s-parser.cpp parseExpression denial of service

A vulnerability classified as problematic was found in Binaryen 1.38.22. This vulnerability affects the function wasm::SExpressionWasmBuilder::parseExpression of the file wasm-s-parser.cpp. The manipulation with an unknown input leads to a...
Auteur: VulDB

Binaryen 1.38.22 wasm-s-parser.cpp skipWhitespace() memory corruption

A vulnerability classified as critical has been found in Binaryen 1.38.22. This affects the function wasm::SExpressionParser::skipWhitespace() of the file wasm-s-parser.cpp. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Binaryen 1.38.22 wasm-binary.cpp visitCall memory corruption

A vulnerability was found in Binaryen 1.38.22. It has been rated as critical. Affected by this issue is the function wasm::WasmBinaryBuilder::visitCall of the file wasm-binary.cpp. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Bento4 1.5.1-627 Codecs/Ap4BitStream.cpp WriteBytes memory corruption

A vulnerability was found in Bento4 1.5.1-627 (Multimedia Player Software). It has been declared as critical. Affected by this vulnerability is the function AP4_BitStream::WriteBytes of the file Codecs/Ap4BitStream.cpp. The manipulation with an...
Auteur: VulDB

Bento4 1.5.1-627 Core/Ap4Array.h EnsureCapacity denial of service

A vulnerability was found in Bento4 1.5.1-627 (Multimedia Player Software). It has been classified as problematic. Affected is the function AP4_Array::EnsureCapacity of the file Core/Ap4Array.h. The manipulation with an unknown input leads to a...
Auteur: VulDB

Bento4 1.5.1-627 Core/Ap4Atom.cpp Action denial of service

A vulnerability was found in Bento4 1.5.1-627 (Multimedia Player Software) and classified as problematic. This issue affects the function AP4_AtomListWriter::Action of the file Core/Ap4Atom.cpp. The manipulation with an unknown input leads to a...
Auteur: VulDB

Axios Italia Axios RE 1.7.0/7.0.0 RELogOff.aspx Error_Parameters cross site scripting

A vulnerability has been found in Axios Italia Axios RE 1.7.0/7.0.0 and classified as problematic. This vulnerability affects a functionality of the file RELogOff.aspx. The manipulation of the argument Error_Parameters as part of a Parameter...
Auteur: VulDB

XEROX WorkCentre prior R18-05 073.xxx.0487.15000 Remote Code Execution

A vulnerability, which was classified as critical, was found in XEROX WorkCentre (Printing Software). Affected is a function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is...
Auteur: VulDB

XEROX WorkCentre prior R18-05 073.xxx.0487.15000 Blind sql injection

A vulnerability, which was classified as critical, has been found in XEROX WorkCentre (Printing Software). This issue affects some functionality. The manipulation with an unknown input leads to a sql injection vulnerability (Blind). Using CWE to...
Auteur: VulDB

XEROX WorkCentre prior R18-05 073.xxx.0487.15000 Local File Inclusion

A vulnerability classified as problematic was found in XEROX WorkCentre (Printing Software). This vulnerability affects the functionality. The manipulation with an unknown input leads to a information disclosure vulnerability (Local File...
Auteur: VulDB

XEROX WorkCentre prior R18-05 073.xxx.0487.15000 PHP Code Execution privilege escalation

A vulnerability classified as critical has been found in XEROX WorkCentre (Printing Software). This affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (PHP Code Execution). CWE is...
Auteur: VulDB

XEROX WorkCentre prior R18-05 073.xxx.0487.15000 Command privilege escalation

A vulnerability was found in XEROX WorkCentre (Printing Software). It has been rated as critical. Affected by this issue is some processing. The manipulation with an unknown input leads to a privilege escalation vulnerability (Command). Using...
Auteur: VulDB

Debian python-rdflib-tools 4.2.2-1 CLI Tool Code Injection privilege escalation

A vulnerability was found in Debian python-rdflib-tools 4.2.2-1 (Programming Language Software). It has been classified as critical. Affected is code of the component CLI Tool. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

inxedu up to 2018-12-24 JSP File VideoUploadController.java fileType privilege escalation

A vulnerability was found in inxedu up to 2018-12-24. It has been classified as critical. Affected is code of the file com/inxedu/os/common/controller/VideoUploadController.java of the component JSP File Handler. The manipulation of the argument...
Auteur: VulDB

Enphase Envoy R3.*. Service Port 8888 images/ directory traversal

A vulnerability was found in Enphase Envoy R3.*. and classified as critical. This issue affects a part of the file images/ of the component Service Port 8888. The manipulation with an unknown input leads to a directory traversal vulnerability....
Auteur: VulDB

Enphase Envoy R3.*. Service Port 8888 /home profileName cross site scripting

A vulnerability has been found in Enphase Envoy R3.*. and classified as problematic. This vulnerability affects a functionality of the file /home of the component Service Port 8888. The manipulation of the argument profileName as part of a...
Auteur: VulDB

Enphase Envoy R3.*.* Service Port 8888 weak authentication

A vulnerability, which was classified as critical, was found in Enphase Envoy R3.*.*. This affects a function of the component Service Port 8888. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE is...
Auteur: VulDB

Mobotix S14 MX-V4.2.1.61 Management Application /admin/index.html weak encryption

A vulnerability, which was classified as critical, has been found in Mobotix S14 MX-V4.2.1.61. Affected by this issue is some functionality of the file /admin/index.html of the component Management Application. The manipulation with an unknown...
Auteur: VulDB

Mobotix S14 MX-V4.2.1.61 /admin/access unknown vulnerability

A vulnerability classified as critical was found in Mobotix S14 MX-V4.2.1.61. Affected by this vulnerability is the functionality of the file /admin/access. The impact remains unknown. The summary by CVE is:An issue was discovered on MOBOTIX S14...
Auteur: VulDB
First45678910111213Last

Événements SSI

ACCESSECURITY

AccesSecurity, salon euro-méditerranéen de la sécurité globale, se tient à Marseille (Chanot) les 6 et 7 mars 2019. Organisé par Safim.

IT & IT SECURITY MEETINGS

IT & IT Security Meetings, «salon des réseaux, du cloud, de la mobilité et de la sécurité informatique», se tient à Cannes, Palais des Festivals et des Congrès du 19 au 21 mars 2019. Organisé par Weyou Group.

RSS