Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linux Kernel up to 5.9.2 Reference execve unknown vulnerability

A vulnerability has been found in Linux Kernel up to 5.9.2 (Operating System) and classified as problematic. This vulnerability affects the function execve of the component Reference Handler. Upgrading to version 5.9.3 eliminates this...
Auteur: VulDB

Hashicorp go-slug up to 0.4.x pathname traversal [CVE-2020-29529]

A vulnerability, which was classified as critical, was found in Hashicorp go-slug up to 0.4.x. This affects an unknown code. Upgrading to version 0.5.0 eliminates this vulnerability. The upgrade is hosted for download at github.com.
Auteur: VulDB

productcomments up to 4.2.0 on PrestaShop sql injection [CVE-2020-26248]

A vulnerability, which was classified as problematic, has been found in productcomments up to 4.2.0 on PrestaShop. Affected by this issue is an unknown part. Upgrading to version 4.2.1 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

AnyView Monitoring Software 4.6.0.1 denial of service [CVE-2020-23741]

A vulnerability classified as problematic was found in AnyView Monitoring Software 4.6.0.1. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

DriverGenius 9.61.5480.28 Driver Wizard access control

A vulnerability classified as critical has been found in DriverGenius 9.61.5480.28 (Hardware Driver Software). Affected is an unknown functionality of the component Driver Wizard. There is no information about possible countermeasures known. It...
Auteur: VulDB

Advanced SystemCare 13.5.0.174 denial of service [CVE-2020-23738]

A vulnerability was found in Advanced SystemCare 13.5.0.174. It has been rated as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

DaDa Accelerator 5.6.19.816 denial of service [CVE-2020-23736]

A vulnerability was found in DaDa Accelerator 5.6.19.816. It has been declared as problematic. This vulnerability affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Apache Tomcat up to 8.5.59/9.0.39/10.0.0-M9 Request Header information disclosure

A vulnerability was found in Apache Tomcat up to 8.5.59/9.0.39/10.0.0-M9 (Application Server Software). It has been classified as problematic. This affects an unknown code block of the component Request Header Handler. There is no information...
Auteur: VulDB

PulseAudio on Ubuntu Snap Policy Module race condition

A vulnerability was found in PulseAudio on Ubuntu and classified as problematic. Affected by this issue is an unknown code of the component Snap Policy Module. Upgrading to version 1:13.99.3-1ubuntu2, 1:13.99.2-1ubuntu2.1, 1:13.99.1-1ubuntu3.8,...
Auteur: VulDB

stringstream Module up to 0.0.5 on Node.js out-of-bounds read

A vulnerability has been found in stringstream Module up to 0.0.5 on Node.js (JavaScript Library) and classified as problematic. Affected by this vulnerability is an unknown part. Upgrading to version 0.0.6 eliminates this vulnerability.
Auteur: VulDB

Allen-Bradley MicroLogix 1100 denial of service [CVE-2020-6111]

A vulnerability, which was classified as problematic, was found in Allen-Bradley MicroLogix 1100 (version unknown). Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Check Point Endpoint Security Client up to E84.19 on Windows Installation uncontrolled search path

A vulnerability, which was classified as critical, has been found in Check Point Endpoint Security Client up to E84.19 on Windows. This issue affects an unknown functionality of the component Installation Handler. Upgrading to version E84.20...
Auteur: VulDB

Valve Game Networking Sockets up to 1.1.x Plain-Text Message SNP_ReceiveUnreliableSegment heap-based buffer overflow

A vulnerability classified as critical was found in Valve Game Networking Sockets up to 1.1.x. This vulnerability affects the function SNP_ReceiveUnreliableSegment of the component Plain-Text Message Handler. Upgrading eliminates this...
Auteur: VulDB

OpenClinic 0.8.2 medical/test_new.php unrestricted upload

A vulnerability classified as critical has been found in OpenClinic 0.8.2. This affects some unknown processing of the file medical/test_new.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

OpenClinic 0.8.2 lib/Check.php cross site scripting

A vulnerability was found in OpenClinic 0.8.2. It has been rated as problematic. Affected by this issue is an unknown code block in the library lib/Check.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenClinic 0.8.2 /tests/ direct request

A vulnerability was found in OpenClinic 0.8.2. It has been declared as problematic. Affected by this vulnerability is an unknown code of the file /tests/. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Play Framework up to 2.8.0/2.8.1/2.8.2/2.8.3 Java API unknown vulnerability

A vulnerability was found in Play Framework up to 2.8.0/2.8.1/2.8.2/2.8.3. It has been classified as problematic. Affected is an unknown part of the component Java API. Upgrading eliminates this vulnerability.
Auteur: VulDB

Netscout AirMagnet Enterprise up to 11.1.4 Build 37257 Sensor access control

A vulnerability was found in Netscout AirMagnet Enterprise up to 11.1.4 Build 37257 and classified as critical. This issue affects some unknown functionality of the component Sensor Handler. There is no information about possible countermeasures...
Auteur: VulDB

Almico Speedfan 4.52 access control [CVE-2020-28175]

A vulnerability has been found in Almico Speedfan 4.52 and classified as critical. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

python-lxml Clean Module cross site scripting [CVE-2020-27783]

A vulnerability, which was classified as problematic, was found in python-lxml (Programming Language Software) (the affected version unknown). This affects an unknown function of the component Clean Module. There is no information about possible...
Auteur: VulDB

Poppler pdftohtml uninitialized pointer [CVE-2020-27778]

A vulnerability, which was classified as problematic, has been found in Poppler (Document Reader Software) (affected version not known). Affected by this issue is some unknown processing of the component pdftohtml. There is no information about...
Auteur: VulDB

ImageMagick up to 6.9.10-68 /MagickCore/statistic.c ApplyEvaluateOperator integer overflow

A vulnerability classified as problematic was found in ImageMagick up to 6.9.10-68 (Image Processing Software). Affected by this vulnerability is the function ApplyEvaluateOperator of the file /MagickCore/statistic.c. Upgrading to version...
Auteur: VulDB

ImageMagick up to 7.0.8-67 MagickCore/resize.c divide by zero

A vulnerability classified as problematic has been found in ImageMagick up to 7.0.8-67 (Image Processing Software). Affected is an unknown code of the file MagickCore/resize.c. Upgrading to version 7.0.8-68 eliminates this vulnerability.
Auteur: VulDB

ImageMagick up to 7.0.8-67 coders/hdr.c integer overflow

A vulnerability was found in ImageMagick up to 7.0.8-67 (Image Processing Software). It has been rated as problematic. This issue affects an unknown part of the file coders/hdr.c. Upgrading to version 7.0.8-68 eliminates this vulnerability.
Auteur: VulDB

ImageMagick up to 7.0.8 /coders/palm.c WritePALMImage integer overflow

A vulnerability was found in ImageMagick up to 7.0.8 (Image Processing Software). It has been declared as problematic. This vulnerability affects the function WritePALMImage of the file /coders/palm.c. Upgrading to version 7.0.9-0 eliminates this...
Auteur: VulDB
12345678910Last

Événements SSI