Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

ManageEngine ADSelfService Plus Build 6003 privilege escalation

A vulnerability classified as critical was found in ManageEngine ADSelfService Plus Build 6003. This vulnerability affects an unknown part. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Auteur: VulDB

Apache HTTP Server up to 2.4.43 HTTP2 Request Crash denial of service

A vulnerability classified as problematic has been found in Apache HTTP Server. This affects some unknown functionality of the component HTTP2 Request Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Handysoft Groupware Integrity Verification hslogin2.dll Web Page Code privilege escalation

A vulnerability was found in Handysoft Groupware (affected version not known). It has been rated as critical. Affected by this issue is an unknown functionality in the library hslogin2.dll of the component Integrity Verification. There is no...
Auteur: VulDB

Spring Cloud Netflix up to 2.1.5/2.2.3 Hystrix Dashboard privilege escalation

A vulnerability was found in Spring Cloud Netflix up to 2.1.5/2.2.3. It has been declared as critical. Affected by this vulnerability is an unknown function of the component Hystrix Dashboard. Upgrading to version 2.1.6 or 2.2.4 eliminates this...
Auteur: VulDB

Sophos XG Firewall up to 2020-08-05 User Portal OS Command Injection privilege escalation

A vulnerability was found in Sophos XG Firewall up to 2020-08-05. It has been classified as critical. Affected is some unknown processing of the component User Portal. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Temi Robox OS up to 119.24 weak authentication [CVE-2020-16169]

A vulnerability was found in Temi Robox OS up to 119.24 and classified as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Temi Launcher OS up to 13146 weak authentication [CVE-2020-16167]

A vulnerability has been found in Temi Launcher OS up to 13146 and classified as critical. This vulnerability affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Mahara up to 19.04.5/19.10.3/20.04.0 Folder Name cross site scripting

A vulnerability, which was classified as problematic, was found in Mahara up to 19.04.5/19.10.3/20.04.0. This affects an unknown part of the component Folder Name Handler. Upgrading to version 19.04.6, 19.10.4 or 20.04.1 eliminates this...
Auteur: VulDB

PassMark BurnInTest/OSForensics/PerformanceTest Kernel Driver DirectIo32.sys Code Execution

A vulnerability, which was classified as critical, has been found in PassMark BurnInTest, OSForensics and PerformanceTest (affected version not known). Affected by this issue is some unknown functionality in the library DirectIo32.sys of the...
Auteur: VulDB

PassMark BurnInTest/OSForensics/PerformanceTest Request DirectIo32.sys Stack-based memory corruption

A vulnerability classified as critical was found in PassMark BurnInTest, OSForensics and PerformanceTest (affected version unknown). Affected by this vulnerability is an unknown functionality in the library DirectIo32.sys of the component Request...
Auteur: VulDB

Prism Previewers Plugin cross site scripting [CVE-2020-15138]

A vulnerability classified as problematic has been found in Prism (version unknown). Affected is an unknown function of the component Previewers Plugin. The best possible mitigation is suggested to be Workaround.
Auteur: VulDB

DIGITUS DA-70254 2.073.000.E0008 denial of service [CVE-2020-15065]

A vulnerability was found in DIGITUS DA-70254 2.073.000.E0008. It has been rated as problematic. This issue affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

DIGITUS DA-70254 2.073.000.E0008 Server Name Persistent cross site scripting

A vulnerability was found in DIGITUS DA-70254 2.073.000.E0008. It has been declared as problematic. This vulnerability affects an unknown code block of the component Server Name Handler. There is no information about possible countermeasures...
Auteur: VulDB

DIGITUS DA-70254 2.073.000.E0008 Web Admin password weak authentication

A vulnerability was found in DIGITUS DA-70254 2.073.000.E0008. It has been classified as critical. This affects an unknown code of the component Web Admin Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

DIGITUS DA-70254 2.073.000.E0008 UDP Traffic Password weak encryption

A vulnerability was found in DIGITUS DA-70254 2.073.000.E0008 and classified as problematic. Affected by this issue is an unknown part of the component UDP Traffic Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 denial of service

A vulnerability has been found in Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 and classified as problematic. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures...
Auteur: VulDB

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 Server Name Persistent cross site scripting

A vulnerability, which was classified as problematic, was found in Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000. Affected is an unknown functionality of the component Server Name Handler. There is no information about possible...
Auteur: VulDB

TP-LINK TL-PS310U prior 2.079.000.t0210 denial of service [CVE-2020-15057]

A vulnerability classified as problematic has been found in TP-LINK TL-PS310U. This affects an unknown code block. Upgrading to version 2.079.000.t0210 eliminates this vulnerability.
Auteur: VulDB

TP-LINK TL-PS310U prior 2.079.000.t0210 Server Name Persistent cross site scripting

A vulnerability was found in TP-LINK TL-PS310U. It has been rated as problematic. Affected by this issue is an unknown code of the component Server Name Handler. Upgrading to version 2.079.000.t0210 eliminates this vulnerability.
Auteur: VulDB

TP-LINK TL-PS310U prior 2.079.000.t0210 Web Administration password weak authentication

A vulnerability was found in TP-LINK TL-PS310U. It has been declared as critical. Affected by this vulnerability is an unknown part of the component Web Administration. Upgrading to version 2.079.000.t0210 eliminates this vulnerability.
Auteur: VulDB

TP-LINK TL-PS310U prior 2.079.000.t0210 UDP Traffic Password weak encryption

A vulnerability was found in TP-LINK TL-PS310U. It has been classified as problematic. Affected is some unknown functionality of the component UDP Traffic Handler. Upgrading to version 2.079.000.t0210 eliminates this vulnerability.
Auteur: VulDB

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 Web Administration password weak authentication

A vulnerability, which was classified as critical, has been found in Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000. This issue affects an unknown function of the component Web Administration. There is no information about possible...
Auteur: VulDB

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 UDP Traffic Password weak encryption

A vulnerability classified as problematic was found in Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000. This vulnerability affects some unknown processing of the component UDP Traffic Handler. There is no information about possible...
Auteur: VulDB

SecurEnvoy SecurMail 9.3.503 Cookie OS Command Injection privilege escalation

A vulnerability was found in SecurEnvoy SecurMail 9.3.503 and classified as critical. This issue affects an unknown functionality of the component Cookie Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Apache HTTP Server up to 2.4.43 mod_http2 unknown vulnerability

A vulnerability has been found in Apache HTTP Server (Web Server) and classified as problematic. This vulnerability affects an unknown function of the component mod_http2. It is possible to mitigate the problem by applying the configuration...
Auteur: VulDB
12345678910Last

Événements SSI