mardi 7 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Bento4 1.5.1-628 mp42hls Core/Ap4Array.h AP4_CttsTableEntry() memory corruption

A vulnerability was found in Bento4 1.5.1-628 (Multimedia Player Software). It has been declared as critical. Affected by this vulnerability is the function AP4_CttsTableEntry::AP4_CttsTableEntry() of the file Core/Ap4Array.h of the component...
Auteur: VulDB

poppler 0.74.0 pdfseparate JBIG2Stream.cc readGenericBitmap() PDF File memory corruption

A vulnerability was found in poppler 0.74.0 (Document Reader Software). It has been classified as critical. Affected is the function JBIG2Stream::readGenericBitmap() of the file JBIG2Stream.cc of the component pdfseparate. The manipulation as...
Auteur: VulDB

Glen Dimplex Deutschland GmbH Carel pCOWeb Configuration Tool Service Port 10000 privilege escalation

A vulnerability was found in Glen Dimplex Deutschland GmbH Carel pCOWeb Configuration Tool and classified as critical. This issue affects a part of the component Service Port 10000. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Amazon Ring Doorbell up to 3.4.6 weak encryption [CVE-2019-9483]

A vulnerability has been found in Amazon Ring Doorbell up to 3.4.6 and classified as critical. This vulnerability affects a functionality. The manipulation with an unknown input leads to a weak encryption vulnerability. The CWE definition for...
Auteur: VulDB

MISP 2.4.102 Settings information disclosure

A vulnerability, which was classified as problematic, was found in MISP 2.4.102. This affects a function of the component Settings. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the...
Auteur: VulDB

Check Point ZoneAlarm up to 15.3.064.17729 WCF Service privilege escalation

A vulnerability classified as critical has been found in Check Point ZoneAlarm up to 15.3.064.17729 (Firewall Software). Affected is an unknown function of the component WCF Service. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

pfSense 2.4.4_1 Access Restriction Source IP Address privilege escalation

A vulnerability was found in pfSense 2.4.4_1 (Firewall Software). It has been rated as critical. This issue affects some processing of the component Access Restriction. The manipulation as part of a Source IP Address leads to a privilege...
Auteur: VulDB

pfSense 2.4.4_1 Access Restriction Expiretable Config privilege escalation

A vulnerability was found in pfSense 2.4.4_1 (Firewall Software). It has been declared as critical. This vulnerability affects a code block of the component Access Restriction. The manipulation as part of a Expiretable Config leads to a...
Auteur: VulDB

Adobe ColdFusion up to 11 Update 17/2016 Update 9/2018 Update 2 File Upload Remote Code Execution

A vulnerability, which was classified as critical, has been found in Adobe ColdFusion up to 11 Update 17/2016 Update 9/2018 Update 2 (Programming Language Software). This issue affects some functionality of the component File Upload. The...
Auteur: VulDB

Google Chrome prior 72.0.3626.121 Use-After-Free memory corruption

A vulnerability classified as critical has been found in Google Chrome (Web Browser). This affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Use-After-Free). CWE is classifying the...
Auteur: VulDB

CERTFR-2019-AVI-083 : Multiples vulnérabilités dans Aruba Instant (28 février 2019)

De multiples vulnérabilités ont été découvertes dans Aruba Instant. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à...
Auteur: Cert FR

CERTFR-2019-AVI-082 : Multiples vulnérabilités dans les produits Cisco (28 février 2019)

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

CERTFR-2019-AVI-081 : Multiples vulnérabilités dans Wireshark (28 février 2019)

De multiples vulnérabilités ont été découvertes dans Wireshark. Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

Google Android 8.0/8.1/9.0 btif_hd.cc register_app memory corruption

A vulnerability has been found in Google Android 8.0/8.1/9.0 (Smartphone Operating System) and classified as critical. Affected by this vulnerability is the function register_app of the file btif_hd.cc. The manipulation with an unknown input...
Auteur: VulDB

Google Android Android-7.0 on 7.0/7.1.1/7.1.2/8.0/8.1/9.0 bta_hl_main.cc bta_hl_sdp_query_results memory corruption

A vulnerability, which was classified as critical, was found in Google Android Android-7.0 on 7.0/7.1.1/7.1.2/8.0/8.1/9.0 (Smartphone Operating System). Affected is the function bta_hl_sdp_query_results of the file bta_hl_main.cc. The...
Auteur: VulDB

Google Android up to 9.0 btif_core.cc btif_dm_data_copy memory corruption

A vulnerability, which was classified as critical, has been found in Google Android up to 9.0 (Smartphone Operating System). This issue affects the function btif_dm_data_copy of the file btif_core.cc. The manipulation with an unknown input leads...
Auteur: VulDB

Google Android 8.0/8.1/9.0 System_server SkSwizzler.cpp sample6 memory corruption

A vulnerability classified as critical was found in Google Android 8.0/8.1/9.0 (Smartphone Operating System). This vulnerability affects the function sample6 of the file SkSwizzler.cpp of the component System_server. The manipulation with an...
Auteur: VulDB

Google Android up to 9.0 SkSwizzler.cpp onSetSampleX memory corruption

A vulnerability classified as critical has been found in Google Android up to 9.0 (Smartphone Operating System). This affects the function onSetSampleX of the file SkSwizzler.cpp. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Google Android 9 System_server SkSwizzler.cpp SkSwizzler::onSetSampleX memory corruption

A vulnerability was found in Google Android 9 (Smartphone Operating System). It has been rated as critical. Affected by this issue is the function SkSwizzler::onSetSampleX of the file SkSwizzler.cpp of the component System_server. The...
Auteur: VulDB

Cisco Webex Meetings Desktop App Update Service privilege escalation

A vulnerability was found in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows (Unified Communication Software). It has been declared as critical. Affected by this vulnerability is a code block of the component Update...
Auteur: VulDB

Cisco RV110W Wireless-N VPN Firewall Web-based Management Interface HTTP Requests privilege escalation

A vulnerability was found in Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router (Firewall Software). It has been classified as critical. Affected is code of the component Web-based...
Auteur: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird Same-Origin Policy privilege escalation

A vulnerability was found in Mozilla Firefox, Firefox ESR and Thunderbird (Mail Client Software) and classified as critical. This issue affects a part. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Auteur: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird ANGLE Graphics Library Integer memory corruption

A vulnerability has been found in Mozilla Firefox, Firefox ESR and Thunderbird (Mail Client Software) and classified as critical. This vulnerability affects a functionality of the component ANGLE Graphics Library. The manipulation with an...
Auteur: VulDB

Mozilla Firefox up to 63.x WebExtensions Argument privilege escalation

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 63.x (Web Browser). This affects a function of the component WebExtensions. The manipulation as part of a Argument leads to a privilege escalation...
Auteur: VulDB

Mozilla Firefox up to 63.x RSS Feed Preview Clickjacking privilege escalation

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 63.x (Web Browser). Affected by this issue is some functionality of the component RSS Feed Preview. The manipulation with an unknown input leads to a...
Auteur: VulDB
First1007100810091010101110121013101410151016Last

Événements SSI