Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

SAP NetWeaver Application Server Java 7.10 up to 7.50 authentication spoofing

A vulnerability was found in SAP NetWeaver Application Server Java 7.10 up to 7.50 (Application Server Software). It has been declared as critical. This vulnerability affects an unknown functionality. There is no information about possible...
Auteur: VulDB

SAP NetWeaver Application Server for Java NTLM Hash information disclosure

A vulnerability was found in SAP NetWeaver Application Server for Java (Application Server Software) (the affected version unknown). It has been classified as problematic. This affects an unknown function of the component NTLM Hash Handler. There...
Auteur: VulDB

SAP Solution Manager 720 information disclosure [CVE-2021-21483]

A vulnerability was found in SAP Solution Manager 720 and classified as problematic. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

SAP NetWeaver Master Data Management 710/710.750 information disclosure

A vulnerability has been found in SAP NetWeaver Master Data Management 710/710.750 (Solution Stack Software) and classified as problematic. Affected by this vulnerability is an unknown code block. There is no information about possible...
Auteur: VulDB

CERTFR-2021-AVI-253 : [SCADA] Multiples vulnérabilités dans les produits Schneider Electric (14 avril 2021)

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

Google Android 8.1/9.0/10.0/11.0 CryptoPlugin.cpp decrypt_1_2 out-of-bounds read

A vulnerability, which was classified as problematic, was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected is the function decrypt_1_2 of the file CryptoPlugin.cpp. Applying a patch is able to eliminate this...
Auteur: VulDB

Google Android LK Local Privilege Escalation [CVE-2021-0468]

A vulnerability, which was classified as problematic, has been found in Google Android (Smartphone Operating System) (unknown version). This issue affects an unknown part of the component LK. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 11.0 ImportVCardActivity improper restriction of rendered ui layers

A vulnerability classified as problematic was found in Google Android 11.0 (Smartphone Operating System). This vulnerability affects the function ImportVCardActivity. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 9.0/11.0 WelcomeActivity.java start Local Privilege Escalation

A vulnerability classified as problematic has been found in Google Android 9.0/11.0 (Smartphone Operating System). This affects the function start of the file WelcomeActivity.java. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Contacts QuickContactActivity.java onActivityResult information disclosure

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been rated as problematic. Affected by this issue is the function onActivityResult of the file QuickContactActivity.java of the component Contacts...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Screenshot ScreenshotHelper.java information disclosure

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file ScreenshotHelper.java of the component...
Auteur: VulDB

Google Android 11.0 InputApplicationHandle.cpp updateInfo use after free

A vulnerability was found in Google Android 11.0 (Smartphone Operating System). It has been classified as critical. Affected is the function NativeInputApplicationHandle ::updateInfo of the file InputApplicationHandle.cpp. Applying a patch is...
Auteur: VulDB

Google Android 11.0 com_android_server_power_PowerManagerService.cpp setPowerModeWithHandle out-of-bounds write

A vulnerability was found in Google Android 11.0 (Smartphone Operating System) and classified as critical. This issue affects the function setPowerModeWithHandle of the file com_android_server_power_PowerManagerService.cpp. Applying a patch is...
Auteur: VulDB

Google Android 8.1/9.0/10.0 InputDispatcher.cpp FLAG_OBSCURED improper restriction of rendered ui layers

A vulnerability has been found in Google Android 8.1/9.0/10.0 (Smartphone Operating System) and classified as problematic. This vulnerability affects an unknown part of the file InputDispatcher.cpp. Applying a patch is able to eliminate this...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 DrmPlugin.cpp setPlayPolicy double free

A vulnerability, which was classified as critical, was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). This affects the function setPlayPolicy of the file DrmPlugin.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 CryptoPlugin.cpp CryptoPlugin::decrypt out-of-bounds read

A vulnerability, which was classified as problematic, has been found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected by this issue is the function CryptoPlugin::decrypt of the file CryptoPlugin.cpp. Applying a patch is...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 avrc_api.cc avrc_proc_vendor_command information disclosure

A vulnerability classified as problematic was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected by this vulnerability is the function avrc_proc_vendor_command of the file avrc_api.cc. Applying a patch is able to...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Bluetooth DeviceChooserActivity.java onCreate improper restriction of rendered ui layers

A vulnerability classified as problematic has been found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected is the function onCreate of the file DeviceChooserActivity.java of the component Bluetooth Handler. Applying a...
Auteur: VulDB

Google Android 11.0 StatsPullerManager.cpp ClearPullerCacheIfNecessary/ForceClearPullerCache use after free

A vulnerability was found in Google Android 11.0 (Smartphone Operating System). It has been rated as critical. This issue affects the function ClearPullerCacheIfNecessary/ForceClearPullerCache of the file StatsPullerManager.cpp. Applying a patch...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 avrc_api.cc avrc_msg_cback out-of-bounds read

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been declared as problematic. This vulnerability affects the function avrc_msg_cback of the file avrc_api.cc. Applying a patch is able to...
Auteur: VulDB

Google Android 10.0/11.0 NFC rw_mfc.cc rw_mfc_handle_read_op out-of-bounds write

A vulnerability was found in Google Android 10.0/11.0 (Smartphone Operating System). It has been classified as critical. This affects the function rw_mfc_handle_read_op of the file rw_mfc.cc of the component NFC Handler. Applying a patch is able...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 ALooper.cpp pollOnce memory corruption

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System) and classified as critical. Affected by this issue is the function pollOnce of the file ALooper.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 10.0 TelephonyManager.java getSimSerialNumber information disclosure

A vulnerability has been found in Google Android 10.0 (Smartphone Operating System) and classified as problematic. Affected by this vulnerability is the function getSimSerialNumber of the file TelephonyManager.java. Applying a patch is able to...
Auteur: VulDB

Google Android 11.0 LogEvent.cpp parseExclusiveStateAnnotation out-of-bounds write

A vulnerability, which was classified as critical, was found in Google Android 11.0 (Smartphone Operating System). Affected is the function parseExclusiveStateAnnotation of the file LogEvent.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 11.0 LogEvent.cpp parsePrimaryFieldFirstUidAnnotation out-of-bounds write

A vulnerability, which was classified as critical, has been found in Google Android 11.0 (Smartphone Operating System). This issue affects the function parsePrimaryFieldFirstUidAnnotation of the file LogEvent.cpp. Applying a patch is able to...
Auteur: VulDB
First567891011121314Last

Événements SSI