Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Dell EMC OpenManage Server Administrator up to 9.4 Web API API Request directory traversal

A vulnerability, which was classified as critical, has been found in Dell EMC OpenManage Server Administrator up to 9.4. This issue affects an unknown function of the component Web API. There is no information about possible countermeasures...
Auteur: VulDB

IBM Planning Analytics up to 2.0.9.1 Web UI cross site scripting

A vulnerability classified as problematic was found in IBM Planning Analytics up to 2.0.9.1. This vulnerability affects some unknown processing of the component Web UI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

IBM Planning Analytics up to 2.0.9.1 Clickjacking privilege escalation

A vulnerability classified as critical has been found in IBM Planning Analytics up to 2.0.9.1. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

IBM Tivoli Key Lifecycle Manager weak authentication [CVE-2020-4574]

A vulnerability was found in IBM Tivoli Key Lifecycle Manager (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 HTTP Requests information disclosure

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0. It has been declared as problematic. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Error Message information disclosure

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software). It has been classified as problematic. Affected is some unknown functionality of the component Error Message Handler. There is no information...
Auteur: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Protection Mechanism privilege escalation

A vulnerability was found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software) and classified as critical. This issue affects an unknown functionality of the component Protection Mechanism. There is no information about...
Auteur: VulDB

IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 Account Lockout weak authentication

A vulnerability has been found in IBM Tivoli Key Lifecycle Manager 3.0.1/4.0 (Directory Service Software) and classified as problematic. This vulnerability affects an unknown function of the component Account Lockout. There is no information...
Auteur: VulDB

IBM Maximo Asset Management 7.6.0.1/7.6.0.2 XML Data XML External Entity

A vulnerability, which was classified as critical, was found in IBM Maximo Asset Management 7.6.0.1/7.6.0.2 (Asset Management Software). This affects some unknown processing of the component XML Data Handler. There is no information about...
Auteur: VulDB

SICK Package Analytics 04.1.1 Configuration File Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in SICK Package Analytics 04.1.1. Affected by this issue is an unknown code block of the component Configuration File Handler. There is no information about possible...
Auteur: VulDB

SICK Package Analytics 04.0.0 REST API information disclosure

A vulnerability classified as problematic was found in SICK Package Analytics 04.0.0. Affected by this vulnerability is an unknown code of the component REST API. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

SICK Package Analytics 04.0.0 REST API weak authentication

A vulnerability classified as critical has been found in SICK Package Analytics 04.0.0. Affected is an unknown part of the component REST API. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

dlf Extension up to 3.1.1 on TYPO3 cross site scripting [CVE-2020-16095]

A vulnerability was found in dlf Extension up to 3.1.1 on TYPO3. It has been rated as problematic. This issue affects some unknown functionality. Upgrading to version 3.1.2 eliminates this vulnerability.
Auteur: VulDB

Claws Mail up to 3.17.6 IMAP Server imap_scan_tree_recursive memory corruption

A vulnerability was found in Claws Mail up to 3.17.6 (Mail Client Software). It has been declared as critical. This vulnerability affects the function imap_scan_tree_recursive of the component IMAP Server Handler. There is no information about...
Auteur: VulDB

Grin 3.x Mimblewimble unknown vulnerability [CVE-2020-15899]

A vulnerability was found in Grin 3.x. It has been classified as problematic. This affects an unknown function of the component Mimblewimble. Upgrading to version 4.0.0 eliminates this vulnerability.
Auteur: VulDB

Veeam ONE 10.0.0.750_20200415 Reporter_ImportLicense XML Document XML External Entity

A vulnerability was found in Veeam ONE 10.0.0.750_20200415 and classified as critical. Affected by this issue is the function Reporter_ImportLicense. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Veeam ONE 10.0.0.750_20200415 SSRSReport XML Document XML External Entity

A vulnerability has been found in Veeam ONE 10.0.0.750_20200415 and classified as critical. Affected by this vulnerability is the function SSRSReport. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Netgear R6700 1.0.4.84_10.0.58 File Upload Stack-based memory corruption

A vulnerability, which was classified as critical, was found in Netgear R6700 1.0.4.84_10.0.58 (Wireless LAN Software). Affected is an unknown code of the component File Upload Handler. There is no information about possible countermeasures...
Auteur: VulDB

Netgear R6700 1.0.4.84_10.0.58 httpd Service Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in Netgear R6700 1.0.4.84_10.0.58 (Wireless LAN Software). This issue affects an unknown part of the component httpd Service. There is no information about possible countermeasures...
Auteur: VulDB

OpenClinic GA 5.09.02/5.89.05b SQL privilege escalation

A vulnerability classified as critical was found in OpenClinic GA 5.09.02/5.89.05b. This vulnerability affects some unknown functionality of the component SQL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

OpenClinic GA 5.09.02/5.89.05b Remote Code Execution [CVE-2020-14492]

A vulnerability classified as critical has been found in OpenClinic GA 5.09.02/5.89.05b. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

OpenClinic GA 5.09.02/5.89.05b Parameter Remote Code Execution

A vulnerability was found in OpenClinic GA 5.09.02/5.89.05b. It has been rated as critical. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

OpenClinic GA 5.09.02/5.89.05b Hash Password weak encryption

A vulnerability was found in OpenClinic GA 5.09.02/5.89.05b. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component Hash Handler. There is no information about possible countermeasures...
Auteur: VulDB

OpenClinic GA 5.09.02/5.89.05b File Upload Verification Remote Code Execution

A vulnerability was found in OpenClinic GA 5.09.02/5.89.05b. It has been classified as critical. Affected is an unknown code block of the component File Upload Verification. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

OpenClinic GA 5.09.02 Default Credentials weak authentication

A vulnerability was found in OpenClinic GA 5.09.02 and classified as critical. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB
First45678910111213Last

Événements SSI