Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

remarkable 1.7.1 URL lib/parser_inline.js cross site scripting

A vulnerability has been found in remarkable 1.7.1 and classified as problematic. This vulnerability affects a functionality in the library lib/parser_inline.js of the component URL Handler. The manipulation with the input value \x0ejavascript:...
Auteur: VulDB

remarkable 1.7.1 lib/common/html_re.js Regular Expression denial of service

A vulnerability, which was classified as problematic, was found in remarkable 1.7.1. This affects a function in the library lib/common/html_re.js. The manipulation as part of a Regular Expression leads to a denial of service vulnerability...
Auteur: VulDB

KonaKart 8.9.0.0 Product Category Image Code Execution

A vulnerability, which was classified as critical, has been found in KonaKart 8.9.0.0. Affected by this issue is some functionality of the component Product Category Image Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.793 DNS Functions Domain Reflected cross site scripting

A vulnerability classified as problematic was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.793. Affected by this vulnerability is the functionality of the component DNS Functions. The manipulation of the argument Domain with an unknown...
Auteur: VulDB

Suricata up to 4.1.3 decode-mpls.c DecodeMPLS Network Packet memory corruption

A vulnerability classified as critical has been found in Suricata up to 4.1.3. Affected is the function DecodeMPLS of the file decode-mpls.c. The manipulation as part of a Network Packet leads to a memory corruption vulnerability. CWE is...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Crafted Packet Code Execution memory corruption

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been rated as very critical. This issue affects some processing. The manipulation as part of a Crafted Packet leads to a memory corruption vulnerability (Code Execution)....
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 HTTP Server HTTP POST Request privilege escalation

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been declared as problematic. This vulnerability affects a code block of the component HTTP Server. The manipulation as part of a HTTP POST Request leads to a privilege...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Crafted Packet Deadlock denial of service

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been classified as problematic. This affects code. The manipulation as part of a Crafted Packet leads to a denial of service vulnerability (Deadlock). CWE is classifying the...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Reboot denial of service

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9 and classified as problematic. Affected by this issue is a part. The manipulation with an unknown input leads to a denial of service vulnerability (Reboot). Using CWE to declare the...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Crafted Packet Memory denial of service

A vulnerability has been found in Anker Roav A1 Dashcam RoavA1SWV1.9 and classified as problematic. Affected by this vulnerability is a functionality. The manipulation as part of a Crafted Packet leads to a denial of service vulnerability...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Thumbnail Crafted Packet NULL Pointer Dereference denial of service

A vulnerability, which was classified as problematic, was found in Anker Roav A1 Dashcam RoavA1SWV1.9. Affected is a function of the component Thumbnail Handler. The manipulation as part of a Crafted Packet leads to a denial of service...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Wi-Fi Command Crafted Packet Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in Anker Roav A1 Dashcam RoavA1SWV1.9. This issue affects some functionality of the component Wi-Fi Command Handler. The manipulation as part of a Crafted Packet leads to a memory...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 HTTP Server HTTP PUT Request Firmware privilege escalation

A vulnerability classified as critical was found in Anker Roav A1 Dashcam RoavA1SWV1.9. This vulnerability affects the functionality of the component HTTP Server. The manipulation as part of a HTTP PUT Request leads to a privilege escalation...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Default Credentials weak authentication

A vulnerability classified as critical has been found in Anker Roav A1 Dashcam RoavA1SWV1.9. This affects an unknown function. The manipulation with an unknown input leads to a weak authentication vulnerability (Default Credentials). CWE is...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 URL Parser Crafted Packet Stack-based memory corruption

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been rated as critical. Affected by this issue is some processing of the component URL Parser. The manipulation as part of a Crafted Packet leads to a memory corruption...
Auteur: VulDB

Anker Roav A1 Dashcam RoavA1SWV1.9 Wi-Fi Command Crafted Packet Stack-based memory corruption

A vulnerability was found in Anker Roav A1 Dashcam RoavA1SWV1.9. It has been declared as critical. Affected by this vulnerability is a code block of the component Wi-Fi Command Handler. The manipulation as part of a Crafted Packet leads to a...
Auteur: VulDB

D-Link DIR-822 B1 SetWiFiVerifyAlpha do_wps WPSPIN privilege escalation

A vulnerability was found in D-Link DIR-822 B1 (Router Operating System) (version unknown). It has been classified as critical. Affected is the function do_wps of the file /HNAP1/SetWiFiVerifyAlpha. The manipulation of the argument WPSPIN as...
Auteur: VulDB

D-Link DIR-822 3.10B06 SetQoSSettings.php uplink privilege escalation

A vulnerability was found in D-Link DIR-822 3.10B06 (Router Operating System) and classified as critical. This issue affects a part of the file SetQoSSettings.php. The manipulation of the argument uplink as part of a Shell Metacharacter leads to...
Auteur: VulDB

D-Link DIR-868L 2.05B02 /HNAP1/SetClientInfoDemo AudioMute/AudioEnable command injection

A vulnerability has been found in D-Link DIR-868L 2.05B02 (Router Operating System) and classified as critical. This vulnerability affects a functionality of the file /HNAP1/SetClientInfoDemo. The manipulation of the argument...
Auteur: VulDB

D-Link DIR-822/DIR-860L/DIR-868L/DIR-880L/DIR-890L SetAccessPointMode IsAccessPoint command injection

A vulnerability, which was classified as critical, was found in D-Link DIR-822, DIR-860L, DIR-868L, DIR-880L and DIR-890L (Router Operating System). This affects a function of the file /HNAP1/SetAccessPointMode. The manipulation of the argument...
Auteur: VulDB

D-Link DIR-818LW/DIR-822 B1 SetRouterSettings.php IPTWAN_build_command RemotePort privilege escalation

A vulnerability, which was classified as critical, has been found in D-Link DIR-818LW and DIR-822 B1 (Router Operating System) (affected version not known). Affected by this issue is the function IPTWAN_build_command of the file...
Auteur: VulDB

Simditor up to 2.3.21 SVG Element DOM-Based cross site scripting

A vulnerability classified as problematic was found in Simditor up to 2.3.21. Affected by this vulnerability is the functionality. The manipulation as part of a SVG Element leads to a cross site scripting vulnerability (DOM-Based). The CWE...
Auteur: VulDB

Virgin Media Wireless Router 3.0 Web Interface POST Request Persistent denial of service

A vulnerability classified as problematic has been found in Virgin Media Wireless Router 3.0 (Router Operating System). Affected is an unknown function of the component Web Interface. The manipulation as part of a POST Request leads to a denial...
Auteur: VulDB

Kieran O'Shea Calendar Plugin up to 1.3.10 on WordPress admin.php event_title parameter cross site scripting

A vulnerability was found in Kieran O'Shea Calendar Plugin up to 1.3.10 on WordPress (Calendar Software). It has been rated as problematic. This issue affects some processing of the file wp-admin/admin.php?page=calendar. The manipulation of the...
Auteur: VulDB

Espressif ESP-IDF up to 2.x/3.0.5/3.1.0 Bootloader esp_image_format.c process_segment privilege escalation

A vulnerability was found in Espressif ESP-IDF up to 2.x/3.0.5/3.1.0. It has been declared as problematic. This vulnerability affects a code block of the file components/bootloader_support/src/esp_image_format.c of the component Bootloader. The...
Auteur: VulDB
First946947948949950951952953954955Last

Événements SSI