Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

scratch-svg-renderer up to 0.1.x SVG _transformMeasurements cross site scripting

A vulnerability has been found in scratch-svg-renderer up to 0.1.x and classified as critical. This vulnerability affects the function _transformMeasurements of the component SVG Handler. Upgrading to version 0.2.0-prerelease.20201019174008...
Auteur: VulDB

Fortinet FortiOS up to 6.2.4 Command Line Interface information disclosure

A vulnerability, which was classified as problematic, was found in Fortinet FortiOS up to 6.2.4 (Firewall Software). This affects some unknown processing of the component Command Line Interface. There is no information about possible...
Auteur: VulDB

« TousAntiCovid » : la CNIL revient sur l’évolution de l’application « StopCovid »

Le Gouvernement a annoncé, jeudi 22 octobre 2020, le déploiement d’une nouvelle version de son application de traçage des cas contacts pour lutter contre la propagation du COVID-19. Elle fournit notamment des informations actualisées sur la...
Auteur: Cnil

Simple Download Monitor up to 3.8.8 URL sql injection

A vulnerability, which was classified as critical, has been found in Simple Download Monitor up to 3.8.8. Affected by this issue is an unknown code block of the component URL Handler. There is no information about possible countermeasures known....
Auteur: VulDB

Simple Download Monitor up to 3.8.8 on WordPress Scripting cross site scripting

A vulnerability classified as critical was found in Simple Download Monitor up to 3.8.8 on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown code of the component Scripting Handler.
Auteur: VulDB

BigBlueButton up to 2.2.27 FreeSWITCH hard-coded key

A vulnerability classified as problematic has been found in BigBlueButton up to 2.2.27. Affected is an unknown part of the component FreeSWITCH. Upgrading to version 2.2.28 eliminates this vulnerability.
Auteur: VulDB

BigBlueButton up to 2.2.28 Username information disclosure

A vulnerability was found in BigBlueButton up to 2.2.28. It has been rated as problematic. This issue affects some unknown functionality of the component Username Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

BigBlueButton up to 2.2.28 STUN/TURN unknown vulnerability [CVE-2020-27611]

A vulnerability was found in BigBlueButton up to 2.2.28. It has been declared as critical. This vulnerability affects an unknown functionality of the component STUN/TURN Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

BigBlueButton up to 2.2.27 Firewall Configuration access control

A vulnerability was found in BigBlueButton up to 2.2.27. It has been classified as critical. This affects an unknown function of the component Firewall Configuration Handler. Upgrading to version 2.2.28 eliminates this vulnerability.
Auteur: VulDB

BigBlueButton up to 2.2.28 Interface information disclosure

A vulnerability was found in BigBlueButton up to 2.2.28 and classified as problematic. Affected by this issue is some unknown processing of the component Interface Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

BigBlueButton up to 2.2.27 Content-Type Header cross site scripting

A vulnerability has been found in BigBlueButton up to 2.2.27 and classified as problematic. Affected by this vulnerability is an unknown code block of the component Content-Type Header Handler. Upgrading to version 2.2.28 eliminates this...
Auteur: VulDB

BigBlueButton up to 2.2.27 Mute information disclosure

A vulnerability, which was classified as problematic, was found in BigBlueButton up to 2.2.27. Affected is an unknown code of the component Mute Handler. Upgrading to version 2.2.28 eliminates this vulnerability.
Auteur: VulDB

BigBlueButton up to 2.2.7 Session Cookie missing secure attribute

A vulnerability, which was classified as problematic, has been found in BigBlueButton up to 2.2.7. This issue affects an unknown part of the component Session Cookie Handler. Upgrading to version 2.2.8 eliminates this vulnerability.
Auteur: VulDB

BigBlueButton up to 2.2.8 Ghostscript sandbox

A vulnerability classified as critical was found in BigBlueButton up to 2.2.8. This vulnerability affects some unknown functionality of the component Ghostscript. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

BigBlueButton up to 2.2 LibreOffice Sandbox bigbluebutton.properties sandbox

A vulnerability classified as critical has been found in BigBlueButton up to 2.2. This affects an unknown functionality of the file bigbluebutton.properties of the component LibreOffice Sandbox. Upgrading to version 2.3 eliminates this...
Auteur: VulDB

BigBlueButton up to 2.2.6 LibreOffice Document unknown vulnerability

A vulnerability was found in BigBlueButton up to 2.2.6. It has been rated as problematic. Affected by this issue is an unknown function of the component LibreOffice Document Handler. Upgrading to version 2.2.7 eliminates this vulnerability.
Auteur: VulDB

BigBlueButton up to 2.2.6 Office Document server-side request forgery

A vulnerability was found in BigBlueButton up to 2.2.6. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Office Document Handler. Upgrading to version 2.2.7 eliminates this vulnerability.
Auteur: VulDB

Acronis True Image 2021 ACL C:\ProgramData\Acronis permission assignment

A vulnerability was found in Acronis True Image 2021. It has been classified as very critical. Affected is an unknown code block of the file C:\ProgramData\Acronis of the component ACL Handler. There is no information about possible...
Auteur: VulDB

Acronis True Image 2021 OpenSSL openssl.cnf access control

A vulnerability was found in Acronis True Image 2021 and classified as very critical. This issue affects an unknown code of the file openssl.cnf of the component OpenSSL. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Acronis Cyber Backup/Cyber Protect OpenSSL openssl.cnf access control

A vulnerability has been found in Acronis Cyber Backup and Cyber Protect (Backup Software) (the affected version is unknown) and classified as very critical. This vulnerability affects an unknown part of the file openssl.cnf of the component...
Auteur: VulDB

Mozilla Firefox up to 81.x External Protocol memory corruption

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 81.x (Web Browser). This affects some unknown functionality of the component External Protocol Handler. Upgrading to version 82.0 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox up to 81.x External Protocol improper restriction of rendered ui layers

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 81.x (Web Browser). Affected by this issue is an unknown functionality of the component External Protocol Handler. Upgrading to version 82.0 eliminates...
Auteur: VulDB

Mozilla Firefox up to 81.x WASM Thread denial of service

A vulnerability classified as problematic was found in Mozilla Firefox up to 81.x (Web Browser). Affected by this vulnerability is an unknown function of the component WASM Thread Handler. Upgrading to version 82.0 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox up to 81.x Image Tag information disclosure

A vulnerability classified as problematic has been found in Mozilla Firefox up to 81.x (Web Browser). Affected is some unknown processing of the component Image Tag Handler. Upgrading to version 82.0 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox up to 81.x Crossbeam Rust Crate Vec::from_iter memory corruption

A vulnerability was found in Mozilla Firefox up to 81.x (Web Browser). It has been rated as critical. This issue affects the function Vec::from_iter of the component Crossbeam Rust Crate. Upgrading to version 82.0 eliminates this vulnerability.
Auteur: VulDB
First567891011121314Last

Événements SSI