Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Snow Inventory Agent up to 6.7.0 on Windows Configuration unknown vulnerability

A vulnerability has been found in Snow Inventory Agent up to 6.7.0 on Windows and classified as critical. Affected by this vulnerability is an unknown code block of the component Configuration Handler. There is no information about possible...
Auteur: VulDB

Polaris Office 9.102.66 PDF File PolarisOffice.exe divide by zero

A vulnerability, which was classified as problematic, was found in Polaris Office 9.102.66. Affected is an unknown code in the library EngineDLL.dll of the file PolarisOffice.exe of the component PDF File Handler. There is no information about...
Auteur: VulDB

Jasper up to 2.0.24 jp2_decode out-of-bounds read

A vulnerability, which was classified as problematic, has been found in Jasper up to 2.0.24 (Programming Tool Software). This issue affects the function jp2_decode. Upgrading to version 2.0.25 eliminates this vulnerability. Applying a patch is...
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 Web-based Management Interface sql injection

A vulnerability classified as critical was found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software). This vulnerability affects some unknown functionality of the component Web-based Management Interface....
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 Web-based Management Interface sql injection

A vulnerability classified as critical has been found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software). This affects an unknown functionality of the component Web-based Management Interface. Upgrading to...
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 Web-based Management Interface command injection

A vulnerability was found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software). It has been rated as critical. Affected by this issue is an unknown function of the component Web-based Management Interface....
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 Web-based Management Interface command injection

A vulnerability was found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Web-based Management...
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 cross site scripting

A vulnerability was found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software). It has been classified as problematic. Affected is an unknown code block. Upgrading to version 6.7.14-HF1, 6.8.8-HF1 or 6.9.5...
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 command injection

A vulnerability was found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software) and classified as critical. This issue affects an unknown code. Upgrading to version 6.7.14-HF1, 6.8.8-HF1 or 6.9.5 eliminates this...
Auteur: VulDB

Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 Web-based Management Interface cross site scripting

A vulnerability has been found in Aruba ClearPass Policy Manager up to 6.7.14/6.8.8/6.9.4 (Policy Management Software) and classified as problematic. This vulnerability affects an unknown part of the component Web-based Management Interface....
Auteur: VulDB

Collabora Online up to 4.2.12/6.4.2 loolforkit Local Privilege Escalation

A vulnerability, which was classified as critical, was found in Collabora Online up to 4.2.12/6.4.2. This affects some unknown functionality of the component loolforkit. Upgrading to version 4.2.13 or 6.4.3 eliminates this vulnerability.
Auteur: VulDB

Luxion KeyShot up to 10.0 Extraction path traversal

A vulnerability, which was classified as critical, has been found in Luxion KeyShot, KeyShot Viewer, KeyShot Network Rendering and KeyVR up to 10.0. Affected by this issue is an unknown functionality of the component Extraction Handler. Upgrading...
Auteur: VulDB

VMware Spring Cloud Netflix Zuul up to 2.2.6.RELEASE Sensitive Headers unknown vulnerability

A vulnerability classified as problematic was found in VMware Spring Cloud Netflix Zuul up to 2.2.6.RELEASE (Cloud Software). Affected by this vulnerability is an unknown function of the component Sensitive Headers Handler. Upgrading to version...
Auteur: VulDB

stunnel up to 5.56 certificate validation [CVE-2021-20230]

A vulnerability classified as critical has been found in stunnel up to 5.56. Affected is some unknown processing. Upgrading to version 5.57 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

PostgreSQL up to 13.1 Query authorization

A vulnerability was found in PostgreSQL up to 13.1 (Database Software). It has been rated as problematic. This issue affects an unknown code block of the component Query Handler. Upgrading to version 9.5.25, 9.6.21, 10.16, 11.11, 12.6 or 13.2...
Auteur: VulDB

Linux Kernel Object io_uring use after free

A vulnerability was found in Linux Kernel (Operating System) (the affected version is unknown). It has been declared as critical. This vulnerability affects the function io_uring of the component Object Handler. Applying a patch is able to...
Auteur: VulDB

Undertow HTTP Request HTTP/1.x request smuggling

A vulnerability was found in Undertow (the affected version unknown). It has been classified as critical. This affects an unknown part of the file HTTP/1.x of the component HTTP Request Handler. There is no information about possible...
Auteur: VulDB

Openshift Installer prior 0.9.0-master.0.20210125200451-95101da940b0 Kublet missing authentication

A vulnerability was found in Openshift Installer (Virtualization Software) and classified as critical. Affected by this issue is some unknown functionality of the component Kublet. Upgrading to version 0.9.0-master.0.20210125200451-95101da940b0...
Auteur: VulDB

ipTIME NAS-I up to 1.4.35 Bulletin Manage unrestricted upload

A vulnerability has been found in ipTIME NAS-I, NAS-II, NAS-IIe, NAS101, NAS1dual, NAS2dual, NAS3, NAS4 and NAS4dual up to 1.4.35 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Bulletin...
Auteur: VulDB

IBM Planning Analytics 2.0 information disclosure [CVE-2020-4953]

A vulnerability, which was classified as problematic, was found in IBM Planning Analytics 2.0. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

theme-core lib/utils.js command injection [CVE-2020-28432]

A vulnerability, which was classified as critical, has been found in theme-core (unknown version). This issue affects some unknown processing in the library lib/utils.js. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

wc-cmd index.js command injection

A vulnerability classified as critical was found in wc-cmd (the affected version is unknown). This vulnerability affects an unknown code block of the file index.js. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

nuance-gulp-build-common index.js command injection

A vulnerability classified as critical has been found in nuance-gulp-build-common (the affected version unknown). This affects an unknown code of the file index.js. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

geojson2kml index.js command injection

A vulnerability was found in geojson2kml (affected version not known). It has been rated as critical. Affected by this issue is an unknown part of the file index.js. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

fastadmin 1.0.0.20200506_beta cross site scripting [CVE-2020-26609]

A vulnerability was found in fastadmin 1.0.0.20200506_beta. It has been declared as problematic. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB
First45678910111213Last

Événements SSI