jeudi 28 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2020-AVI-324 : Multiples vulnérabilités dans Google Chrome OS (28 mai 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome OS. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-323 : Multiples vulnérabilités dans GitLab (28 mai 2020)

De multiples vulnérabilités ont été découvertes dans GitLab. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

Trend Micro InterScan Web Security Virtual Appliance 6.5 weak authentication

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 (Anti-Malware Software). It has been classified as critical. This affects an unknown code block. There is no information about possible countermeasures known....
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 Remote Code Execution

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 (Anti-Malware Software) and classified as critical. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 information disclosure

A vulnerability has been found in Trend Micro InterScan Web Security Virtual Appliance 6.5 (Anti-Malware Software) and classified as problematic. Affected by this vulnerability is an unknown part. There is no information about possible...
Auteur: VulDB

Trend Micro InterScan Web Security Virtual Appliance 6.5 Web Interface cross site scripting

A vulnerability, which was classified as problematic, was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 (Anti-Malware Software). Affected is some unknown functionality of the component Web Interface. There is no information...
Auteur: VulDB

Bosch Recording Station Kiosk Mode privilege escalation [CVE-2020-6774]

A vulnerability, which was classified as critical, has been found in Bosch Recording Station (unknown version). This issue affects an unknown functionality of the component Kiosk Mode. There is no information about possible countermeasures known....
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 weak encryption [CVE-2020-4379]

A vulnerability classified as problematic was found in IBM Spectrum Scale up to 5.0.4.4. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 privilege escalation [CVE-2020-4378]

A vulnerability classified as critical has been found in IBM Spectrum Scale up to 5.0.4.4. This affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 Web UI cross site scripting

A vulnerability was found in IBM Spectrum Scale up to 5.0.4.4. It has been rated as problematic. Affected by this issue is an unknown code block of the component Web UI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 Error Message information disclosure

A vulnerability was found in IBM Spectrum Scale up to 5.0.4.4. It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Error Message Handler. There is no information about possible countermeasures...
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 weak encryption [CVE-2020-4350]

A vulnerability was found in IBM Spectrum Scale up to 5.0.4.4. It has been classified as problematic. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

IBM Spectrum Scale up to 5.0.4.4 weak encryption [CVE-2020-4349]

A vulnerability was found in IBM Spectrum Scale up to 5.0.4.4 and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

IBM Spectrum Scale up to 4.2.3.21/5.0.4.4 GUI privilege escalation

A vulnerability has been found in IBM Spectrum Scale up to 4.2.3.21/5.0.4.4 and classified as critical. This vulnerability affects an unknown functionality of the component GUI. There is no information about possible countermeasures known. It may...
Auteur: VulDB

IBM MobileFirst Platform Foundation 8.0.0.0 URL Log information disclosure

A vulnerability, which was classified as problematic, was found in IBM MobileFirst Platform Foundation 8.0.0.0. This affects an unknown function of the component URL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Fork up to 5.8.2 navigation_title/title cross site scripting

A vulnerability, which was classified as problematic, has been found in Fork up to 5.8.2. Affected by this issue is some unknown processing. Upgrading to version 5.8.3 eliminates this vulnerability.
Auteur: VulDB

SQLite up to 3.31.x ext/fts3/fts3_snippet.c matchinfo() denial of service

A vulnerability classified as problematic was found in SQLite up to 3.31.x. Affected by this vulnerability is the function matchinfo() of the file ext/fts3/fts3_snippet.c. Upgrading to version 3.32.0 eliminates this vulnerability.
Auteur: VulDB

SQLite up to 3.31.x Virtual Table alter.c privilege escalation

A vulnerability classified as critical has been found in SQLite up to 3.31.x. Affected is an unknown code of the file alter.c of the component Virtual Table Handler. Upgrading to version 3.32.0 eliminates this vulnerability.
Auteur: VulDB

SQLite up to 3.31.x Snippet ext/fts3/fts3.c fts3EvalNextRow sql injection

A vulnerability was found in SQLite up to 3.31.x. It has been rated as critical. This issue affects the function fts3EvalNextRow of the file ext/fts3/fts3.c of the component Snippet Handler. Upgrading to version 3.32.0 eliminates this...
Auteur: VulDB

Centreon host-monitoring Widget toolbar.php widgetId cross site scripting

A vulnerability was found in Centreon host-monitoring Widget, service-monitoring Widget and tactical-overview Widget (the affected version is unknown). It has been declared as problematic. This vulnerability affects some unknown functionality of...
Auteur: VulDB

Centreon host-monitoring Widget index.php widgetId cross site scripting

A vulnerability was found in Centreon host-monitoring Widget, service-monitoring Widget and tactical-overview Widget (the affected version unknown). It has been classified as problematic. This affects an unknown functionality of the file...
Auteur: VulDB

JerryScript 2.2.0 Proxy Memory Consumption denial of service

A vulnerability was found in JerryScript 2.2.0 and classified as problematic. Affected by this issue is an unknown function of the component Proxy Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

JerryScript 2.2.0 Assertion denial of service

A vulnerability has been found in JerryScript 2.2.0 and classified as problematic. Affected by this vulnerability is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

SmartDraw 2020 27.0.0.0 Installer SDNotify.exe privilege escalation

A vulnerability, which was classified as critical, was found in SmartDraw 2020 27.0.0.0. Affected is an unknown code block of the file 2020\Messages\SDNotify.exe of the component Installer. There is no information about possible countermeasures...
Auteur: VulDB

QEMU 4.2.0 hw/sd/sd.c sdhci_write() information disclosure

A vulnerability, which was classified as problematic, has been found in QEMU 4.2.0 (Virtualization Software). This issue affects the function sdhci_write() of the file hw/sd/sd.c. There is no information about possible countermeasures known. It...
Auteur: VulDB
12345678910Last

Événements SSI