Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

openSUSE Leap/Tumbleweed inn Package privilege escalation [CVE-2020-8026]

A vulnerability was found in openSUSE Leap and Tumbleweed (unknown version). It has been rated as critical. This issue affects some unknown functionality of the component inn Package. Applying a patch is able to eliminate this problem.
Auteur: VulDB

openSUSE Linux Enterprise Server/Leap/Tumbleweed Permissions Package privilege escalation

A vulnerability was found in openSUSE Linux Enterprise Server, Leap and Tumbleweed (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown functionality of the component Permissions Package....
Auteur: VulDB

Temi Firmware 20190419.165201 Origin unknown vulnerability [CVE-2020-16168]

A vulnerability was found in Temi Firmware 20190419.165201 (Firmware Software). It has been classified as critical. This affects an unknown function of the component Origin Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

CERTFR-2020-AVI-490 : Multiples vulnérabilités dans Apache Server (07 août 2020)

De multiples vulnérabilités ont été découvertes dans Apache Server. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2020-AVI-489 : Multiples vulnérabilités dans le noyau Linux de SUSE (07 août 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de...
Auteur: Cert FR

MyBrowserPlus Integrity Verification Setup.inf privilege escalation

A vulnerability was found in MyBrowserPlus (affected version not known) and classified as critical. Affected by this issue is some unknown processing of the file Setup.inf of the component Integrity Verification. There is no information about...
Auteur: VulDB

FreeBSD up to 11.4/12.1 on 64-bit compat32 Subsystem Message Header TOCTOU race condition

A vulnerability has been found in FreeBSD up to 11.4/12.1 on 64-bit (Operating System) and classified as problematic. Affected by this vulnerability is an unknown code block of the component compat32 Subsystem. Applying a patch is able to...
Auteur: VulDB

FreeBSD up to 11.4/12.1 USB Network Driver Network Packet memory corruption

A vulnerability, which was classified as critical, was found in FreeBSD up to 11.4/12.1. Affected is an unknown code of the component USB Network Driver. Applying a patch is able to eliminate this problem.
Auteur: VulDB

EasyCorp ZenTao Pro /pro/repo-create.html path OS Command Injection privilege escalation

A vulnerability, which was classified as very critical, has been found in EasyCorp ZenTao Pro (unknown version). This issue affects an unknown part of the file /pro/repo-create.html. There is no information about possible countermeasures known....
Auteur: VulDB

Cayin CMS system.cgi OS Command Injection privilege escalation

A vulnerability classified as critical was found in Cayin CMS (the affected version is unknown). This vulnerability affects some unknown functionality of the file system.cgi. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Cayin xPost wayfinder_meeting_input.jsp wayfinder_seqid sql injection

A vulnerability classified as very critical has been found in Cayin xPost (the affected version unknown). This affects an unknown functionality of the file wayfinder_meeting_input.jsp. There is no information about possible countermeasures known....
Auteur: VulDB

GOG Galaxy up to 1.2.64/2.0.12 on Windows GalaxyClientService privilege escalation

A vulnerability was found in GOG Galaxy up to 1.2.64/2.0.12 on Windows. It has been rated as critical. Affected by this issue is an unknown function of the component GalaxyClientService. There is no information about possible countermeasures...
Auteur: VulDB

Google Go up to 1.13.14/1.14.6 ReadUvarint/ReadVarint Loop denial of service

A vulnerability was found in Google Go up to 1.13.14/1.14.6 (Programming Language Software). It has been declared as problematic. Affected by this vulnerability is the function ReadUvarint/ReadVarint. Upgrading to version 1.13.15 or 1.14.7...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File Type Confusion memory corruption

A vulnerability was found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software). It has been classified as critical. Affected is an unknown code block. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Delta Electronics TPEditor up to 1.97 Project File privilege escalation

A vulnerability was found in Delta Electronics TPEditor up to 1.97 and classified as critical. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

Delta Electronics TPEditor up to 1.97 Project File privilege escalation

A vulnerability has been found in Delta Electronics TPEditor up to 1.97 and classified as critical. This vulnerability affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Delta Electronics TPEditor up to 1.97 Project File Heap-based memory corruption

A vulnerability, which was classified as critical, was found in Delta Electronics TPEditor up to 1.97. This affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Delta Electronics TPEditor up to 1.97 Project File Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in Delta Electronics TPEditor up to 1.97. Affected by this issue is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Delta Electronics TPEditor up to 1.97 Project File Out-of-Bounds memory corruption

A vulnerability classified as critical was found in Delta Electronics TPEditor up to 1.97. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File Double-Free denial of service

A vulnerability classified as problematic has been found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software). Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File Stack-based memory corruption

A vulnerability was found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software). It has been rated as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File memory corruption

A vulnerability was found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software). It has been declared as critical. This vulnerability affects an unknown code. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File Out-of-Bounds memory corruption

A vulnerability was found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software). It has been classified as critical. This affects an unknown part. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Advantech WebAccess HMI Designer up to 2.1.9.31 Project File Heap-based memory corruption

A vulnerability was found in Advantech WebAccess HMI Designer up to 2.1.9.31 (SCADA Software) and classified as critical. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Apport TOCTOU race condition [CVE-2020-15702]

A vulnerability has been found in Apport (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI