Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

VMware View Planner up to 4.6 logupload Web Application improper authorization

A vulnerability, which was classified as critical, has been found in VMware View Planner up to 4.6. This issue affects an unknown functionality of the component logupload Web Application. Applying the patch 4.6 Security Patch 1 is able to...
Author: VulDB

DataDog API Client Java up to 1.0.0-beta.8 Temporary Files prepareDownloadFilecreates temp file

A vulnerability classified as problematic was found in DataDog API Client Java up to 1.0.0-beta.8 (Network Management Software). This vulnerability affects the function prepareDownloadFilecreates of the component Temporary Files Handler....
Author: VulDB

GLPI up to 9.5.3 Ticket Update cross site scripting

A vulnerability classified as problematic has been found in GLPI up to 9.5.3 (Asset Management Software). This affects some unknown processing of the component Ticket Update Handler. Upgrading to version 9.5.4 eliminates this vulnerability. The...
Author: VulDB

GLPI up to 9.5.3 /ajax/common.tabs.php _target/id cross site scripting

A vulnerability was found in GLPI up to 9.5.3 (Asset Management Software). It has been rated as problematic. Affected by this issue is an unknown code block of the file /ajax/common.tabs.php. Upgrading to version 9.5.4 eliminates this...
Author: VulDB

GLPI up to 9.5.3 Document Upload /front/document.form.php cross site scripting

A vulnerability was found in GLPI up to 9.5.3 (Asset Management Software). It has been declared as problematic. Affected by this vulnerability is an unknown code of the file /front/document.form.php of the component Document Upload. Upgrading to...
Author: VulDB

IBM Security Verify Bridge external hard-coded credentials [CVE-2021-20442]

A vulnerability was found in IBM Security Verify Bridge (version unknown). It has been classified as problematic. Affected is an unknown part of the component external. There is no information about possible countermeasures known. It may be...
Author: VulDB

IBM Security Verify Bridge inadequate encryption [CVE-2021-20441]

A vulnerability was found in IBM Security Verify Bridge (unknown version) and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

grub2 up to 2.05 Calculation Setparam_prefix out-of-bounds write

A vulnerability has been found in grub2 up to 2.05 and classified as critical. This vulnerability affects the function Setparam_prefix of the component Calculation Handler. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 Options out-of-bounds write

A vulnerability, which was classified as critical, was found in grub2 up to 2.05. This affects an unknown function of the component Options Handler. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

Tenable Tenable.sc/Tenable.sc Core up to 5.17.0 Hypertext Preprocessor Remote Privilege Escalation

A vulnerability, which was classified as critical, has been found in Tenable Tenable.sc and Tenable.sc Core up to 5.17.0. Affected by this issue is some unknown processing of the component Hypertext Preprocessor. There is no information about...
Author: VulDB

Nextcloud Server up to 19.x credentials storage [CVE-2020-8296]

A vulnerability classified as problematic was found in Nextcloud Server up to 19.x (Cloud Software). Affected by this vulnerability is an unknown code block. Upgrading to version 20.0.0 eliminates this vulnerability. Applying a patch is able to...
Author: VulDB

zoujingli ThinkAdmin 6 Dashboard hard-coded credentials

A vulnerability classified as critical has been found in zoujingli ThinkAdmin 6. Affected is an unknown code of the component Dashboard. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

wp-hotel-booking Plugin up to 1.10.2 on WordPress Cookie class-wphb-sessions.php thimpress_hotel_booking_1 deserialization

A vulnerability was found in wp-hotel-booking Plugin up to 1.10.2 on WordPress (Hospitality Software). It has been rated as critical. This issue affects an unknown part of the file includes/class-wphb-sessions.php of the component Cookie Handler....
Author: VulDB

Epignosis EfrontPro 5.2.21 password recovery [CVE-2020-28597]

A vulnerability was found in Epignosis EfrontPro 5.2.21. It has been declared as problematic. This vulnerability affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Slic3r libslic3r 1.3.0 AMF File endElement out-of-bounds read

A vulnerability was found in Slic3r libslic3r 1.3.0. It has been classified as problematic. This affects the function AMFParserContext::endElement of the component AMF File Handler. There is no information about possible countermeasures known. It...
Author: VulDB

grub2 up to 2.05 cutmem Command memory corruption

A vulnerability was found in grub2 up to 2.05 and classified as critical. Affected by this issue is an unknown function of the component cutmem Command. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 Command Line stack-based overflow

A vulnerability has been found in grub2 up to 2.05 and classified as critical. Affected by this vulnerability is some unknown processing of the component Command Line Handler. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 USB Device Initialization memory corruption

A vulnerability, which was classified as critical, was found in grub2 up to 2.05. Affected is an unknown code block of the component USB Device Initialization. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 rmmod use after free

A vulnerability, which was classified as critical, has been found in grub2 up to 2.05. This issue affects an unknown code of the component rmmod. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

Fortinet FortiGate up to 6.2.4/6.4.0 Log Dashboard cross site scripting

A vulnerability classified as problematic was found in Fortinet FortiGate up to 6.2.4/6.4.0 (Firewall Software). This vulnerability affects an unknown part of the component Log Dashboard. Upgrading to version 6.2.5 or 6.4.1 eliminates this...
Author: VulDB

grub2 up to 2.05 ACPI Command memory corruption

A vulnerability classified as critical has been found in grub2 up to 2.05. This affects some unknown functionality of the component ACPI Command Handler. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

WebKit WebKitGTK 2.30.1 Web Page AudioSourceProviderGStreamer use after free

A vulnerability was found in WebKit WebKitGTK 2.30.1 (Web Browser). It has been rated as critical. Affected by this issue is the function AudioSourceProviderGStreamer of the component Web Page Handler. There is no information about possible...
Author: VulDB

Advantech WebAccess/SCADA 9.0.1 access control [CVE-2020-13554]

A vulnerability was found in Advantech WebAccess and SCADA 9.0.1 (SCADA Software). It has been declared as critical. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be...
Author: VulDB

Pillow up to 8.1.0 ICO Container memory allocation

A vulnerability was found in Pillow up to 8.1.0. It has been classified as problematic. Affected is some unknown processing of the component ICO Container Handler. Upgrading to version 8.1.1 eliminates this vulnerability. The upgrade is hosted...
Author: VulDB

Pillow up to 8.1.0 Image memory allocation

A vulnerability was found in Pillow up to 8.1.0 and classified as problematic. This issue affects an unknown code block of the component Image Handler. Upgrading to version 8.1.1 eliminates this vulnerability. The upgrade is hosted for download...
Author: VulDB

Information-security events