Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

IBM WebSphere Application Server 7.0/8.0/8.5/9.0 SAML Web Inbound Trust Association Interceptor access control

A vulnerability classified as critical was found in IBM WebSphere Application Server 7.0/8.0/8.5/9.0 (Application Server Software). This vulnerability affects an unknown code block of the component SAML Web Inbound Trust Association Interceptor....
Auteur: VulDB

NetApp E-Series SANtricity OS Controller Software up to 11.70.0 information exposure

A vulnerability classified as problematic has been found in NetApp E-Series SANtricity OS Controller Software up to 11.70.0. This affects an unknown code. Upgrading to version 11.70.1 eliminates this vulnerability.
Auteur: VulDB

Facebook WhatsApp/WhatsApp Business prior 2.21.8.13 on Android Filename Validation path traversal

A vulnerability was found in Facebook WhatsApp and WhatsApp Business on Android (Social Network Software). It has been rated as critical. Affected by this issue is an unknown part of the component Filename Validation. Upgrading to version...
Auteur: VulDB

Flask-Unchained up to 0.8.x URL Validation _validate_redirect_url

A vulnerability was found in Flask-Unchained up to 0.8.x. It has been declared as problematic. Affected by this vulnerability is the function _validate_redirect_url of the component URL Validation Handler. Upgrading to version 0.9.0 eliminates...
Auteur: VulDB

JerryScript 2.2.0 re-parser.c re_parse_char_escape heap-based overflow

A vulnerability was found in JerryScript 2.2.0. It has been classified as critical. Affected is the function re_parse_char_escape of the file re-parser.c. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

JerryScript 2.2.0 parser_parse_object_initializer assertion

A vulnerability was found in JerryScript 2.2.0 and classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

JerryScript 2.2.0 lit-strings.c lit_read_code_unit_from_utf8 heap-based overflow

A vulnerability has been found in JerryScript 2.2.0 and classified as critical. This vulnerability affects the function lit_read_code_unit_from_utf8 of the file lit-strings.c. There is no information about possible countermeasures known. It may...
Auteur: VulDB

JerryScript 2.2.0 parser_parse_function_arguments assertion

A vulnerability, which was classified as critical, was found in JerryScript 2.2.0. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

JerryScript 2.2.0 js-parser-statm.c parser_parse_try_statement_end assertion

A vulnerability, which was classified as critical, has been found in JerryScript 2.2.0. Affected by this issue is the function parser_parse_try_statement_end of the file js-parser-statm.c. There is no information about possible countermeasures...
Auteur: VulDB

JerryScript 2.2.0 js-scanner-util.c scanner_literal_is_created assertion

A vulnerability classified as critical was found in JerryScript 2.2.0. Affected by this vulnerability is the function scanner_literal_is_created of the file js-scanner-util.c. There is no information about possible countermeasures known. It may...
Auteur: VulDB

JerryScript 2.2.0 js-parser-expr.c parser_parse_object_initializer initialization

A vulnerability classified as critical has been found in JerryScript 2.2.0. Affected is the function parser_parse_object_initializer of the file js-parser-expr.c. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

JerryScript 2.2.0 js-parser-statm.c:733 parser_parse_function_statement assertion

A vulnerability was found in JerryScript 2.2.0. It has been rated as critical. This issue affects the function parser_parse_function_statement of the file js-parser-statm.c:733. There is no information about possible countermeasures known. It may...
Auteur: VulDB

JerryScript 2.2.0 js-parser-statm.c parser_parse_statements assertion

A vulnerability was found in JerryScript 2.2.0. It has been declared as critical. This vulnerability affects the function parser_parse_statements of the file js-parser-statm.c. There is no information about possible countermeasures known. It may...
Auteur: VulDB

JerryScript 2.2.0 js-parser-expr.c parser_parse_expression assertion

A vulnerability was found in JerryScript 2.2.0. It has been classified as critical. This affects the function parser_parse_expression of the file js-parser-expr.c. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

JerryScript 2.2.0 ecma-regexp-object.c ecma_regexp_match stack-based overflow

A vulnerability was found in JerryScript 2.2.0 and classified as critical. Affected by this issue is the function ecma_regexp_match of the file ecma-regexp-object.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

JerryScript 2.2.0 jmem-poolman.c jmem_pools_collect_empty heap-based overflow

A vulnerability has been found in JerryScript 2.2.0 and classified as critical. Affected by this vulnerability is the function jmem_pools_collect_empty of the file jmem-poolman.c. There is no information about possible countermeasures known. It...
Auteur: VulDB

JerryScript 2.2.0 ecma-helpers-string.c ecma_ref_ecma_string use after free

A vulnerability, which was classified as critical, was found in JerryScript 2.2.0. Affected is the function ecma_ref_ecma_string of the file ecma-helpers-string.c. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

QNAP QSS prior 1.0.2 Build 20210122 out-of-bounds read [CVE-2021-28801]

A vulnerability, which was classified as problematic, has been found in QNAP QSS. This issue affects some unknown functionality. Upgrading to version 1.0.2 Build 20210122 eliminates this vulnerability.
Auteur: VulDB

JerryScript 2.4.0 ecma-helpers.c ecma_bytecode_ref use after free

A vulnerability classified as critical was found in JerryScript 2.4.0. This vulnerability affects the function ecma_bytecode_ref of the file ecma-helpers.c. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

JerryScript 2.4.0 ecma-helpers.c ecma_deref_bigint memory corruption

A vulnerability classified as critical has been found in JerryScript 2.4.0. This affects the function ecma_deref_bigint of the file ecma-helpers.c. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

JerryScript 2.4.0 main-utils.c main_print_unhandled_exception memory corruption

A vulnerability was found in JerryScript 2.4.0. It has been rated as critical. Affected by this issue is the function main_print_unhandled_exception of the file main-utils.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

JerryScript 2.4.0 js-lexer.c lexer_parse_number heap-based overflow

A vulnerability was found in JerryScript 2.4.0. It has been declared as critical. Affected by this vulnerability is the function lexer_parse_number of the file js-lexer.c. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

JerryScript 2.4.0 ecma-helpers.c ecma_is_lexical_environment use after free

A vulnerability was found in JerryScript 2.4.0. It has been classified as critical. Affected is the function ecma_is_lexical_environment of the file ecma-helpers.c. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu57 Report File denial of service

A vulnerability was found in Apport and classified as problematic. This issue affects an unknown part of the component Report File Handler. Upgrading to version 2.20.11-0ubuntu57 eliminates this vulnerability.
Auteur: VulDB

JerryScript 2.2.0 parser_emit_cbc_backward_branch assertion

A vulnerability has been found in JerryScript 2.2.0 and classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB
12345678910Last

Événements SSI