Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Constructor.Win32.Bifrose.ag Bifrost Setting File Import stack-based overflow

A vulnerability was found in Constructor.Win32.Bifrose.ag (unknown version). It has been rated as critical. This issue affects an unknown code of the component Bifrost Setting File Import. There is no information about possible countermeasures...
Auteur: VulDB

HEUR.Backdoor.Win32.Generic Service Port 1080 C:\WINDOWS\1314.exe backdoor

A vulnerability was found in HEUR.Backdoor.Win32.Generic (Remote Access Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the file C:\WINDOWS\1314.exe of the component...
Auteur: VulDB

Trojan.Win32.Bayrob.dtrg C:\mnfqzckna0dkc\ permission

A vulnerability was found in Trojan.Win32.Bayrob.dtrg (the affected version unknown). It has been classified as critical. This affects some unknown functionality of the file C:\mnfqzckna0dkc\. There is no information about possible...
Auteur: VulDB

Trojan-Dropper.Win32.Agent.bjtzcp C:\Isrimss2018\ permission

A vulnerability was found in Trojan-Dropper.Win32.Agent.bjtzcp (affected version not known) and classified as critical. Affected by this issue is an unknown functionality of the file C:\Isrimss2018\. There is no information about possible...
Auteur: VulDB

Trojan.Win32.NanoBot.onh C:\AppData\ permission

A vulnerability has been found in Trojan.Win32.NanoBot.onh (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the file C:\AppData\. There is no information about possible...
Auteur: VulDB

Trojan.Win32.Agentb.iofv C:\drivr\ permission

A vulnerability, which was classified as critical, was found in Trojan.Win32.Agentb.iofv (version unknown). Affected is some unknown processing of the file C:\drivr\. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

overlayfs on Ubuntu privileges management [CVE-2021-3493]

A vulnerability, which was classified as critical, has been found in overlayfs on Ubuntu (unknown version). This issue affects an unknown code block. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Auteur: VulDB

Shiftfs on Ubuntu Kernel Memory copy_from_user double free

A vulnerability classified as critical was found in Shiftfs on Ubuntu (the affected version is unknown). This vulnerability affects the function copy_from_user of the component Kernel Memory Handler. Applying a patch is able to eliminate this...
Auteur: VulDB

ezXML 0.8.6 XML File Parser libezxml.a ezxml_parse_str out-of-bounds read

A vulnerability classified as problematic has been found in ezXML 0.8.6. This affects the function ezxml_parse_str of the file libezxml.a of the component XML File Parser. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ezXML 0.8.6 XML File Parser libezxml.a ezxml_parse_str memory corruption

A vulnerability was found in ezXML 0.8.6. It has been rated as critical. Affected by this issue is the function ezxml_parse_str of the file libezxml.a of the component XML File Parser. There is no information about possible countermeasures known....
Auteur: VulDB

a12n-server 0.18.0 on npm HAL-Form privileges management

A vulnerability was found in a12n-server 0.18.0 on npm (NPM Package). It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HAL-Form. Upgrading to version 0.18.2 eliminates this...
Auteur: VulDB

Portofino up to 5.2.0 JSON Web Token signature verification

A vulnerability was found in Portofino up to 5.2.0. It has been classified as critical. Affected is an unknown function of the component JSON Web Token Handler. Upgrading to version 5.2.1 eliminates this vulnerability. Applying a patch is able to...
Auteur: VulDB

jose-node-cjs-runtime up to 3.11.3 on npm information exposure

A vulnerability was found in jose-node-cjs-runtime up to 3.11.3 on npm (NPM Package) and classified as problematic. This issue affects some unknown processing. Upgrading to version 3.11.4 eliminates this vulnerability.
Auteur: VulDB

jose-node-esm-runtime up to 3.11.3 on npm information exposure

A vulnerability has been found in jose-node-esm-runtime up to 3.11.3 on npm (NPM Package) and classified as problematic. This vulnerability affects an unknown code block. Upgrading to version 3.11.4 eliminates this vulnerability.
Auteur: VulDB

jose-browser-runtime up to 3.11.3 on npm information exposure

A vulnerability, which was classified as problematic, was found in jose-browser-runtime up to 3.11.3 on npm (NPM Package). This affects an unknown code. Upgrading to version 3.11.4 eliminates this vulnerability.
Auteur: VulDB

jose prior 1.28.1/2.0.5/3.11.4 on npm information exposure [CVE-2021-29443]

A vulnerability, which was classified as problematic, has been found in jose on npm (NPM Package). Affected by this issue is an unknown part. Upgrading to version 1.28.1, 2.0.5 or 3.11.4 eliminates this vulnerability.
Auteur: VulDB

Siemens Mendix up to 7.23.18/8.6.8/8.12.4/9.0.4 User Role privileges management

A vulnerability classified as critical was found in Siemens Mendix up to 7.23.18/8.6.8/8.12.4/9.0.4. Affected by this vulnerability is some unknown functionality of the component User Role Handler. Upgrading to version 7.23.19, 8.6.9, 8.12.5,...
Auteur: VulDB

Tribal Systems Zenario CMS 8.8.52729 Pugin Library Delete Module ajax.php ID sql injection

A vulnerability classified as critical has been found in Tribal Systems Zenario CMS 8.8.52729 (Content Management System). Affected is an unknown functionality of the file ajax.php of the component Pugin Library Delete Module. Upgrading to...
Auteur: VulDB

Adobe Genuine Service up to 6.6 uncontrolled search path [CVE-2020-9681]

A vulnerability was found in Adobe Genuine Service up to 6.6. It has been rated as critical. This issue affects an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Genuine Service up to 6.6 Symlink access control

A vulnerability was found in Adobe Genuine Service up to 6.6. It has been declared as critical. This vulnerability affects some unknown processing of the component Symlink Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Adobe Genuine Service up to 6.6 uncontrolled search path [CVE-2020-9667]

A vulnerability was found in Adobe Genuine Service up to 6.6. It has been classified as critical. This affects an unknown code block. Upgrading eliminates this vulnerability.
Auteur: VulDB

QNAP QTS Multimedia Console/Media Streaming Add-on sql injection

A vulnerability was found in QNAP QTS (Network Attached Storage Software) (affected version not known) and classified as critical. Affected by this issue is an unknown code of the component Multimedia Console/Media Streaming Add-on. Upgrading...
Auteur: VulDB

QNAP QTS/QuTS Hero command injection [CVE-2020-2509]

A vulnerability has been found in QNAP QTS and QuTS Hero (Network Attached Storage Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

IBM Spectrum Protect 7.1/8.1 Command Parser stack-based overflow

A vulnerability, which was classified as critical, was found in IBM Spectrum Protect 7.1/8.1 (Backup Software). Affected is some unknown functionality of the component Command Parser. There is no information about possible countermeasures known....
Auteur: VulDB

vscode-bazel up to 0.4.0 JSON Config File file inclusion

A vulnerability, which was classified as problematic, has been found in vscode-bazel up to 0.4.0. This issue affects an unknown functionality of the component JSON Config File Handler. Upgrading to version 0.4.1 eliminates this vulnerability....
Auteur: VulDB
12345678910Last

Événements SSI