mercredi 26 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

PyYAML 5.1.0/5.1.1/5.1.2 load/load_all privilege escalation

A vulnerability classified as critical has been found in PyYAML 5.1.0/5.1.1/5.1.2. This affects the function load/load_all. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Phoenix Contact FL NAT 2208/ FL NAT 2304-2GC-2SFP prior 2.90 Access Control privilege escalation

A vulnerability was found in Phoenix Contact FL NAT 2208 and FL NAT 2304-2GC-2SFP. It has been rated as critical. Affected by this issue is an unknown functionality of the component Access Control. Upgrading to version 2.90 eliminates this...
Auteur: VulDB

FreeBSD Core Dump File information disclosure [CVE-2019-15875]

A vulnerability was found in FreeBSD (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Core Dump File Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

undefsafe up to 2.0.2 Prototype privilege escalation

A vulnerability was found in undefsafe up to 2.0.2. It has been classified as critical. Affected is some unknown processing. Upgrading to version 2.0.3 eliminates this vulnerability.
Auteur: VulDB

component-flatten Prototype privilege escalation [CVE-2019-10794]

A vulnerability was found in component-flatten (unknown version) and classified as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

dot-object up to 2.1.2 Prototype privilege escalation

A vulnerability has been found in dot-object up to 2.1.2 and classified as critical. This vulnerability affects an unknown code. Upgrading to version 2.1.3 eliminates this vulnerability.
Auteur: VulDB

bodymen up to 1.1.0 Handler Function Prototype privilege escalation

A vulnerability, which was classified as critical, was found in bodymen up to 1.1.0. This affects an unknown part of the component Handler Function. Upgrading to version 1.1.1 eliminates this vulnerability.
Auteur: VulDB

promise-probe up to 0.9.x file/outputFile/options command injection

A vulnerability, which was classified as critical, has been found in promise-probe up to 0.9.x. Affected by this issue is the function file/outputFile/options. Upgrading to version 0.10.0 eliminates this vulnerability.
Auteur: VulDB

Phoenix Contact AXL F BK PN/AXL F BK ETH/AXL F BK ETH XC Request privilege escalation

A vulnerability classified as critical was found in Phoenix Contact AXL F BK PN, AXL F BK ETH and AXL F BK ETH XC (affected version unknown). Affected by this vulnerability is an unknown functionality. There is no information about possible...
Auteur: VulDB

GE Voluson S8 Kiosk Mode privilege escalation

A vulnerability was found in GE Voluson S8 (Medical Device Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the component Kiosk Mode. The best possible mitigation is...
Auteur: VulDB

CERTFR-2020-AVI-095 : Multiples vulnérabilités dans le noyau Linux de Red Hat (18 février 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à l'intégrité des données.

Auteur: Cert FR

WordPress Profile Builder Plugin Critical Vulnerability (CERT-EU Security Advisory 2020-008)

A critical vulnerability affecting the WordPress Profile Builder Plugin has been identified. Profile Builder is a plugin designed to create custom forms that allow users to register, edit their profile, etc. The plugin is affected by a broken...
Auteur: Cert EU

CA Unified Infrastructure Management up to 9.20 Robot Controller memory corruption

A vulnerability classified as critical has been found in CA Unified Infrastructure Management up to 9.20. Affected is an unknown function of the component Robot Controller. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

CA Unified Infrastructure Management up to 9.20 Robot Controller NULL Pointer Dereference denial of service

A vulnerability was found in CA Unified Infrastructure Management up to 9.20. It has been rated as problematic. This issue affects some unknown processing of the component Robot Controller. There is no information about possible countermeasures...
Auteur: VulDB

CA Unified Infrastructure Management up to 9.20 ACL Command privilege escalation

A vulnerability was found in CA Unified Infrastructure Management up to 9.20. It has been declared as critical. This vulnerability affects an unknown code block of the component ACL Handler. There is no information about possible countermeasures...
Auteur: VulDB

Easy Property Listings up to 3.3 cross site request forgery [CVE-2020-5530]

A vulnerability was found in Easy Property Listings up to 3.3. It has been classified as problematic. This affects an unknown code. Upgrading to version 3.4 eliminates this vulnerability.
Auteur: VulDB

Huawei P10 Plus Digital Balance Mode privilege escalation [CVE-2020-1872]

A vulnerability was found in Huawei P10 Plus (Smartphone Operating System) and classified as critical. Affected by this issue is an unknown part of the component Digital Balance Mode. Upgrading to version 9.1.0.201(C01E75R1P12T8),...
Auteur: VulDB

Huawei HEGE-560/OSCA-550/OSCA-550A/OSCA-550AX/OSCA-550X privilege escalation

A vulnerability, which was classified as critical, was found in Huawei HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX and OSCA-550X. Affected is an unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Huawei HEGE-560/OSCA-550AX/OSCA-550X weak authentication [CVE-2020-1842]

A vulnerability, which was classified as critical, has been found in Huawei HEGE-560, OSCA-550AX and OSCA-550X (unknown version). This issue affects an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Huawei NIP6800/Secospace USG6600/Secospace USG9500 Pointer Dereference denial of service

A vulnerability classified as problematic was found in Huawei NIP6800, Secospace USG6600 and Secospace USG9500 (the affected version is unknown). This vulnerability affects some unknown processing. There is no information about possible...
Auteur: VulDB

Huawei P30 up to 10.0.0 privilege escalation [CVE-2020-1812]

A vulnerability classified as critical has been found in Huawei P30 up to 10.0.0. This affects an unknown code block. Upgrading to version 10.0.0.173(C00E73R1P11) eliminates this vulnerability.
Auteur: VulDB

Huawei Mate 20 up to 10.0.0 ADB Mode privilege escalation

A vulnerability was found in Huawei Mate 20 up to 10.0.0. It has been rated as critical. Affected by this issue is an unknown code of the component ADB Mode. Upgrading to version 10.0.0.185(C00E74R3P8) eliminates this vulnerability.
Auteur: VulDB

GaussDB 200 6.5.1 command injection [CVE-2020-1790]

A vulnerability was found in GaussDB 200 6.5.1. It has been declared as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

Huawei OSCA-550/OSCA-550A/OSCA-550AX/OSCA-550X 1.0.1.21(SP3) weak authentication

A vulnerability was found in Huawei OSCA-550, OSCA-550A, OSCA-550AX and OSCA-550X 1.0.1.21(SP3). It has been classified as critical. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Huawei HEGE-560 privilege escalation [CVE-2020-1855]

A vulnerability has been found in Huawei HEGE-560, HEGE-570, OSCA-550, OSCA-550A, OSCA-550AX and OSCA-550X and classified as critical. Affected by this vulnerability is some unknown functionality. There is no information about possible...
Auteur: VulDB
First567891011121314Last

Événements SSI