Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

D-Link DIR-802 A1 up to 1.00b05 UPnP ST command injection

A vulnerability was found in D-Link DIR-802 A1 up to 1.00b05 (Router Operating System) and classified as critical. This issue affects an unknown code block of the component UPnP Handler. Addressing this vulnerability is possible by firewalling .
Author: VulDB

CERTFR-2021-AVI-249: Multiple vulnerabilities in SonicWall products (12 April 2021)

A vulnerability has been discovered in SonicWall products. It allows an attacker to bypass the security policy.

Author: Cert FR

Standard Library up to 1.51.x on Rust ZIP integer overflow

A vulnerability has been found in Standard Library up to 1.51.x on Rust (Software Library) and classified as critical. This vulnerability affects an unknown code of the component ZIP Handler. Upgrading to version 1.52.0 eliminates this...
Author: VulDB

Standard Library up to 1.51.x on Rust __iterator_get_unchecked memory corruption

A vulnerability, which was classified as critical, was found in Standard Library up to 1.51.x on Rust (Software Library). This affects the function __iterator_get_unchecked. Upgrading to version 1.52.0 eliminates this vulnerability. Applying a...
Author: VulDB

Standard Library up to 1.50.x on Rust __iterator_get_unchecked memory corruption

A vulnerability, which was classified as critical, has been found in Standard Library up to 1.50.x on Rust (Software Library). Affected by this issue is the function __iterator_get_unchecked. Upgrading to version 1.51.0 eliminates this...
Author: VulDB

Standard Library up to 1.51.x on Rust __iterator_get_unchecked memory corruption

A vulnerability classified as critical was found in Standard Library up to 1.51.x on Rust (Software Library). Affected by this vulnerability is the function __iterator_get_unchecked. Upgrading to version 1.52.0 eliminates this vulnerability....
Author: VulDB

Standard Library up to 1.49.x on Rust read_to_end buffer overflow

A vulnerability classified as critical has been found in Standard Library up to 1.49.x on Rust (Software Library). Affected is the function read_to_end. Upgrading to version 1.50.0 eliminates this vulnerability. Applying a patch is able to...
Author: VulDB

Standard Library up to 1.48.x on Rust make_contiguous use after free

A vulnerability was found in Standard Library up to 1.48.x on Rust (Software Library). It has been rated as critical. This issue affects the function VecDeque::make_contiguous. Upgrading to version 1.49.0 eliminates this vulnerability. Applying a...
Author: VulDB

Standard Library up to 1.48.x on Rust UTF-8 Encoding String::retain memory corruption

A vulnerability was found in Standard Library up to 1.48.x on Rust (Software Library). It has been declared as critical. This vulnerability affects the function String::retain of the component UTF-8 Encoding Handler. Upgrading to version 1.49.0...
Author: VulDB

Standard Library up to 1.1.x on Rust Comparison sift_up/sift_down_range memory corruption

A vulnerability was found in Standard Library up to 1.1.x on Rust (Software Library). It has been classified as critical. This affects the function sift_up/sift_down_range of the component Comparison Handler. Upgrading to version 1.2.0 eliminates...
Author: VulDB

ezXML 0.8.6 XML File libezxml.a ezxml_internal_dtd null pointer dereference

A vulnerability was found in ezXML 0.8.6 and classified as problematic. Affected by this issue is the function ezxml_internal_dtd of the file libezxml.a of the component XML File Handler. There is no information about possible countermeasures...
Author: VulDB

Valve Steam up to 2021-04-10 Source Engine Game buffer overflow

A vulnerability has been found in Valve Steam up to 2021-04-10 and classified as critical. Affected by this vulnerability is some unknown functionality of the component Source Engine Game Handler. The problem might be mitigated by replacing the...
Author: VulDB

SonicWall GMS 9.3 improper authentication [CVE-2021-20020]

A vulnerability, which was classified as critical, was found in SonicWall GMS 9.3 (Firewall Software). Affected is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Zoom Chat up to 2021-04-09 on Windows/macOS Remote Privilege Escalation

A vulnerability, which was classified as critical, has been found in Zoom Chat up to 2021-04-09 on Windows/macOS (Chat Software). There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

Samsung Account Pendingetent improper authorization [CVE-2021-25381]

A vulnerability classified as problematic was found in Samsung Account (the affected version is unknown). This vulnerability affects some unknown processing of the component Pendingetent Handler. Upgrading eliminates this vulnerability.
Author: VulDB

Samsung Bixby prior 3.0.53.02 Exception Remote Code Execution

A vulnerability classified as critical has been found in Samsung Bixby. This affects an unknown code block of the component Exception Handler. Upgrading to version 3.0.53.02 eliminates this vulnerability.
Author: VulDB

Samsung Gallery prior 5.4.16.1 Intents information disclosure

A vulnerability was found in Samsung Gallery (Photo Gallery Software). It has been rated as problematic. Affected by this issue is an unknown code of the component Intents Handler. Upgrading to version 5.4.16.1 eliminates this vulnerability.
Author: VulDB

Samsung SmartThings prior 1.7.63.6 Port denial of service

A vulnerability was found in Samsung SmartThings (Router Operating System). It has been declared as problematic. Affected by this vulnerability is an unknown part of the component Port Handler. Upgrading to version 1.7.63.6 eliminates this...
Author: VulDB

Samsung Experience Service Intent improper authentication [CVE-2021-25377]

A vulnerability was found in Samsung Experience Service (version unknown). It has been classified as problematic. Affected is some unknown functionality of the component Intent Handler. Upgrading eliminates this vulnerability.
Author: VulDB

Samsung Email prior 6.1.41.0 Synchronization information disclosure

A vulnerability was found in Samsung Email and classified as problematic. This issue affects an unknown functionality of the component Synchronization. Upgrading to version 6.1.41.0 eliminates this vulnerability.
Author: VulDB

Samsung Email prior 6.1.41.0 Attachment information disclosure

A vulnerability has been found in Samsung Email and classified as problematic. This vulnerability affects an unknown function of the component Attachment Handler. Upgrading to version 6.1.41.0 eliminates this vulnerability.
Author: VulDB

Samsung Members samsungrewards Scheme for Deeplink improper authorization

A vulnerability, which was classified as critical, was found in Samsung Members samsungrewards Scheme for Deeplink (the affected version unknown). This affects some unknown processing. Upgrading eliminates this vulnerability.
Author: VulDB

Samsung Customization Service Pendingetent improper authorization

A vulnerability, which was classified as problematic, has been found in Samsung Customization Service (affected version not known). Affected by this issue is an unknown code block of the component Pendingetent Handler. Upgrading eliminates this...
Author: VulDB

Samsung softsimd prior SMR APR-2021 Release 1 API privileges management

A vulnerability classified as critical was found in Samsung softsimd. Affected by this vulnerability is an unknown code of the component API. Upgrading to version SMR APR-2021 Release 1 eliminates this vulnerability.
Author: VulDB

Samsung Secure Folder prior SMR APR-2021 Release 1 Contact Information information disclosure

A vulnerability classified as problematic has been found in Samsung Secure Folder. Affected is an unknown part of the component Contact Information Handler. Upgrading to version SMR APR-2021 Release 1 eliminates this vulnerability.
Author: VulDB