Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Chrome prior 91.0.4472.101 Accessibility use after free

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. Affected by this vulnerability is some unknown processing of the component Accessibility. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Spell Check use after free

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). Affected is an unknown code block of the component Spell Check. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Loader use after free

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). This issue affects an unknown code of the component Loader. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 ANGLE out-of-bounds write

A vulnerability classified as critical was found in Google Chrome (Web Browser). This vulnerability affects an unknown part of the component ANGLE. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Autofill use after free

A vulnerability classified as critical has been found in Google Chrome (Web Browser). This affects some unknown functionality of the component Autofill Handler. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Extension use after free

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. Affected by this issue is an unknown functionality of the component Extension. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 BFCache use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. Affected by this vulnerability is an unknown function of the component BFCache. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Bridgecrew Checkov up to 2.0.138 Terraform File deserialization

A vulnerability was found in Bridgecrew Checkov up to 2.0.138. It has been classified as critical. Affected is some unknown processing of the component Terraform File Handler. Upgrading to version 2.0.139 eliminates this vulnerability.
Auteur: VulDB

RESTEasy up to 4.6.0.Final URL Encoding cross site scripting

A vulnerability was found in RESTEasy up to 4.6.0.Final and classified as problematic. This issue affects an unknown code block of the component URL Encoding Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Zoho ManageEngine ServiceDesk Plus up to 11204 Disallowed Input List Remote Privilege Escalation

A vulnerability has been found in Zoho ManageEngine ServiceDesk Plus up to 11204 and classified as very critical. This vulnerability affects an unknown code of the component Disallowed Input List Handler. Upgrading to version 11205 eliminates...
Auteur: VulDB

Palo Alto Cortex XDR Agent up to 5.0.10/6.1.7/7.2.2 on Windows uncontrolled search path

A vulnerability, which was classified as critical, was found in Palo Alto Cortex XDR Agent up to 5.0.10/6.1.7/7.2.2 on Windows. This affects an unknown part. Upgrading to version 5.0.11, 6.1.8 or 7.2.3 eliminates this vulnerability.
Auteur: VulDB

CubeCoders AMP up to 2.1.1.7 Java Version Setting unknown vulnerability

A vulnerability, which was classified as problematic, has been found in CubeCoders AMP up to 2.1.1.7. Affected by this issue is some unknown functionality of the component Java Version Setting Handler. Upgrading to version 2.1.1.8 eliminates this...
Auteur: VulDB

Palo Alto Prisma Cloud Compute prior 21.04.412 Console debug log file

A vulnerability classified as problematic was found in Palo Alto Prisma Cloud Compute (Cloud Software). Affected by this vulnerability is an unknown functionality of the component Console. Upgrading to version 21.04.412 eliminates this...
Auteur: VulDB

set-getter 0.1.0 Prototype code injection

A vulnerability classified as critical has been found in set-getter 0.1.0. Affected is an unknown function of the component Prototype Handler. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.
Auteur: VulDB

expand-hash up to 1.0.1 Prototype code injection

A vulnerability was found in expand-hash up to 1.0.1. It has been rated as critical. This issue affects some unknown processing of the component Prototype Handler. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

F5 BIG-IQ Centralized Management up to 8.0.0.0 Configuration Utility Remote Privilege Escalation

A vulnerability was found in F5 BIG-IQ Centralized Management up to 8.0.0.0. It has been declared as critical. This vulnerability affects an unknown code block of the component Configuration Utility. Upgrading to version 8.0.0.1 eliminates this...
Auteur: VulDB

thefuck up to 3.30 on Python Undo Archive path traversal

A vulnerability was found in thefuck up to 3.30 on Python. It has been classified as critical. This affects an unknown code of the component Undo Archive Handler. Upgrading to version 3.31 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

openSUSE openSUSE Leap/openSUSE Factory 15.2 symlink [CVE-2021-31997]

A vulnerability was found in openSUSE openSUSE Leap and openSUSE Factory 15.2 and classified as critical. Affected by this issue is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

SuSE openSUSE Leap 15.2 symlink [CVE-2021-25322]

A vulnerability has been found in SuSE openSUSE Leap 15.2 and classified as critical. Affected by this vulnerability is some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

SuSE Linux Enterprise Server default permission [CVE-2021-31998]

A vulnerability, which was classified as critical, was found in SuSE Linux Enterprise Server, openSUSE Backports and openSUSE Leap (Operating System) (version unknown). Affected is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

BlueZ src/gatt-database.c cli_feat_read_cb offset out-of-bounds read

A vulnerability, which was classified as problematic, has been found in BlueZ (unknown version). This issue affects the function cli_feat_read_cb of the file src/gatt-database.c. There is no information about possible countermeasures known. It...
Auteur: VulDB

Apache HTTP Server up to 2.4.46 on Windows denial of service

A vulnerability classified as problematic was found in Apache HTTP Server up to 2.4.46 on Windows (Web Server). This vulnerability affects some unknown processing. Upgrading to version 2.4.48 eliminates this vulnerability.
Auteur: VulDB

Apache HTTP Server up to 2.4.46 MergeSlashes Remote Code Execution

A vulnerability classified as problematic has been found in Apache HTTP Server up to 2.4.46 (Web Server). This affects an unknown code block of the component MergeSlashes Handler. Upgrading to version 2.4.48 eliminates this vulnerability.
Auteur: VulDB

Apache HTTP Server up to 2.4.46 mod_session heap-based overflow

A vulnerability was found in Apache HTTP Server up to 2.4.46 (Web Server). It has been rated as critical. Affected by this issue is an unknown code of the component mod_session. Upgrading to version 2.4.48 eliminates this vulnerability.
Auteur: VulDB

Apache HTTP Server up to 2.4.46 mod_session null pointer dereference

A vulnerability was found in Apache HTTP Server up to 2.4.46 (Web Server). It has been declared as problematic. Affected by this vulnerability is an unknown part of the component mod_session. Upgrading to version 2.4.48 eliminates this...
Auteur: VulDB
First567891011121314Last

Événements SSI