Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco ASA/Firepower Threat Defense IP Fragment Reassembly resource consumption

A vulnerability was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (affected version not known) and classified as problematic. Affected by this issue is an unknown function of the component IP Fragment Reassembly. Upgrading...
Auteur: VulDB

Cisco Firepower Threat Defense CLI backdoor [CVE-2020-3352]

A vulnerability has been found in Cisco Firepower Threat Defense (Firewall Software) (affected version unknown) and classified as critical. Affected by this vulnerability is some unknown processing of the component CLI. Upgrading eliminates this...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense SSL Inspection denial of service

A vulnerability, which was classified as problematic, was found in Cisco ASA and Firepower Threat Defense (Firewall Software) (version unknown). Affected is an unknown code block of the component SSL Inspection. Upgrading eliminates this...
Auteur: VulDB

Cisco ASA/Firepower Threat Defense HTTP Request resource consumption

A vulnerability, which was classified as problematic, has been found in Cisco ASA and Firepower Threat Defense (Firewall Software) (unknown version). This issue affects an unknown code of the component HTTP Request Handler. Upgrading eliminates...
Auteur: VulDB

Cisco Integrated Services Router Snort Detection Engine protection mechanism failure

A vulnerability classified as critical was found in Cisco Integrated Services Router, Industrial Security Appliance, Services Router 1000V, Firepower Threat Defense, Integrated Services Virtual Router and Meraki MX Security Appliance (Firewall...
Auteur: VulDB

BigBlueButton Greenlight 2.7.6 Merge Account admins.js cross site scripting

A vulnerability classified as problematic has been found in BigBlueButton Greenlight 2.7.6. This affects some unknown functionality of the file admins.js of the component Merge Account Handler. There is no information about possible...
Auteur: VulDB

fastd v20 receive.c denial of service

A vulnerability was found in fastd v20. It has been rated as problematic. Affected by this issue is an unknown functionality of the file receive.c. Upgrading to version v21 eliminates this vulnerability.
Auteur: VulDB

FileImporter Extension up to 1.35.0 on MediaWiki unknown vulnerability

A vulnerability was found in FileImporter Extension up to 1.35.0 on MediaWiki. It has been declared as problematic.
Auteur: VulDB

Cosmos Skin up to 1.35.0 on MediaWiki rawElement cross site scripting

A vulnerability was found in Cosmos Skin up to 1.35.0 on MediaWiki. It has been classified as problematic. Affected is the function wfMessage/Html::rawElement. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Python up to 3.9.0 HTTP multibytecodec_support.py eval unknown vulnerability

A vulnerability was found in Python up to 3.9.0 (Programming Language Software) and classified as problematic. This issue affects the function eval in the library Lib/test/multibytecodec_support.py of the component HTTP Handler.
Auteur: VulDB

Loginizer up to 1.6.3 on WordPress SQL Injection loginizer_login_failed/lz_valid_ip sql injection

A vulnerability has been found in Loginizer up to 1.6.3 on WordPress (WordPress Plugin) and classified as problematic. This vulnerability affects the function loginizer_login_failed/lz_valid_ip of the component SQL Injection Handler. Upgrading to...
Auteur: VulDB

cm-download-manager up to 2.7.x on WordPress cross site scripting

A vulnerability, which was classified as problematic, was found in cm-download-manager up to 2.7.x on WordPress (WordPress Plugin). This affects an unknown part. Upgrading to version 2.8.0 eliminates this vulnerability.
Auteur: VulDB

Adobe Dreamweaver up to 20.2 uncontrolled search path [CVE-2020-24425]

A vulnerability, which was classified as very critical, has been found in Adobe Dreamweaver up to 20.2. Affected by this issue is some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Premiere Pro up to 14.4 uncontrolled search path [CVE-2020-24424]

A vulnerability classified as critical was found in Adobe Premiere Pro up to 14.4. Affected by this vulnerability is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Media Encoder up to 14.4 on Windows uncontrolled search path

A vulnerability classified as critical has been found in Adobe Media Encoder up to 14.4 on Windows. Affected is an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Creative Cloud Desktop Application up to 2.1/5.2 on Windows uncontrolled search path

A vulnerability was found in Adobe Creative Cloud Desktop Application up to 2.1/5.2 on Windows (Cloud Software). It has been rated as critical. This issue affects some unknown processing. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe InDesign up to 15.1.2 indd File memory corruption

A vulnerability was found in Adobe InDesign up to 15.1.2 (Image Processing Software). It has been declared as critical. This vulnerability affects an unknown code block of the component indd File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Photoshop up to 21.2.1 on Windows uncontrolled search path

A vulnerability was found in Adobe Photoshop up to 21.2.1 on Windows (Image Processing Software). It has been classified as critical. This affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe After Effects up to 17.1.1 on Windows uncontrolled search path

A vulnerability was found in Adobe After Effects up to 17.1.1 on Windows and classified as critical. Affected by this issue is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe After Effects up to 17.1.1 aepx File out-of-bounds read

A vulnerability has been found in Adobe After Effects up to 17.1.1 and classified as problematic. Affected by this vulnerability is some unknown functionality of the file aepx of the component aepx File Handler. Upgrading eliminates this...
Auteur: VulDB

WSO2 API Manager up to 3.1.0 publisher cross site scripting

A vulnerability, which was classified as problematic, was found in WSO2 API Manager up to 3.1.0 (Automation Software). Affected is an unknown functionality of the component publisher.
Auteur: VulDB

Ghisler Total Commander 9.51 Access Restriction TOTALCMD64.EXE access control

A vulnerability, which was classified as critical, has been found in Ghisler Total Commander 9.51. This issue affects an unknown function of the file %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE of the component Access Restriction Handler. There is no...
Auteur: VulDB

Arista EOS prior 4.21.12M/4.22.7M/4.23.5M/4.24.2F DHCP Packet denial of service

A vulnerability classified as problematic was found in Arista EOS. This vulnerability affects some unknown processing of the component DHCP Packet Handler. Upgrading to version 4.21.12M, 4.22.7M, 4.23.5M or 4.24.2F eliminates this vulnerability.
Auteur: VulDB

TensorFlow up to 2.3.x Large Value tf.image.crop_and_resize boxes memory corruption

A vulnerability classified as problematic has been found in TensorFlow up to 2.3.x (Artificial Intelligence Software). This affects the function tf.image.crop_and_resize of the component Large Value Handler. Upgrading to version 2.4.0 eliminates...
Auteur: VulDB

TensorFlow up to 2.3.x Dimensions tf.quantization.quantize_and_dequantize axis out-of-bounds read

A vulnerability was found in TensorFlow up to 2.3.x (Artificial Intelligence Software). It has been rated as problematic. Affected by this issue is the function tf.quantization.quantize_and_dequantize of the component Dimensions Handler....
Auteur: VulDB
First45678910111213Last

Événements SSI