samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Android EXT4 File System privilege escalation [CVE-2018-10876]

A vulnerability was found in Google Android (Smartphone Operating System). It has been classified as critical. This affects code of the component EXT4 File System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System) and classified as critical. Affected by this issue is a part of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability has been found in Google Android up to 9.0 (Smartphone Operating System) and classified as critical. Affected by this vulnerability is a functionality of the component System. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability, which was classified as critical, was found in Google Android up to 9.0 (Smartphone Operating System). Affected is a function of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability, which was classified as critical, has been found in Google Android up to 9.0 (Smartphone Operating System). This issue affects some functionality of the component System. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability classified as critical was found in Google Android up to 9.0 (Smartphone Operating System). This vulnerability affects the functionality of the component System. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability classified as critical has been found in Google Android up to 9.0 (Smartphone Operating System). This affects an unknown function of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System). It has been rated as critical. Affected by this issue is some processing of the component System. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System). It has been declared as critical. Affected by this vulnerability is a code block of the component System. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System). It has been classified as critical. Affected is code of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System) and classified as critical. This issue affects a part of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability has been found in Google Android up to 9.0 (Smartphone Operating System) and classified as critical. This vulnerability affects a functionality of the component System. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Google Android up to 9.0 System privilege escalation

A vulnerability, which was classified as critical, was found in Google Android up to 9.0 (Smartphone Operating System). This affects a function of the component System. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Google Android 8.0/8.1/9.0 Framework privilege escalation

A vulnerability, which was classified as critical, has been found in Google Android 8.0/8.1/9.0 (Smartphone Operating System). Affected by this issue is some functionality of the component Framework. The manipulation with an unknown input leads...
Auteur: VulDB

CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

Original release date: January 04, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to...
Auteur: US Cert

VU#531281: Microsoft Windows DNS servers are vulnerable to heap overflow

CWE-122:Heap-based Buffer Overflow - CVE-2018-8626 Microsoft Windows Domain Name System(DNS)servers are vulnerable to heap overflow attacks. Microsoft acknowledges that"an attacker who successfully exploited the vulnerability could run arbitrary...
Auteur: US Cert

VU#289907: Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition

CWE-362:Concurrent Execution using Shared Resource with Improper Synchronization('Race Condition')- CVE-2018-8611 According to Microsoft,the Windows kernel fails"to properly handle objects in memory". A successful attacker could run arbitrary...
Auteur: US Cert

CERTFR-2019-AVI-002 : Multiples vulnérabilités dans Adobe Acrobat et Reader (04 janvier 2019)

De multiples vulnérabilités ont été découvertes dans Adobe Acrobat et Reader. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.

Auteur: Cert FR

YUNUCMS 1.1.8 System.php site_title cross site scripting

A vulnerability classified as problematic has been found in YUNUCMS 1.1.8. Affected is an unknown function of the file app/admin/controller/System.php. The manipulation of the argument site_title as part of a POST Request leads to a cross site...
Auteur: VulDB

vTiger CRM up to 7.1.0 HF1 Logo Upload CompanyDetailsSave.php privilege escalation

A vulnerability was found in vTiger CRM up to 7.1.0 HF1. It has been rated as critical. This issue affects some processing of the file actions/CompanyDetailsSave.php of the component Logo Upload Handler. The manipulation with an unknown input...
Auteur: VulDB

weixin-java-tools 3.3.0 Incomplete Fix CVE-2018-20318 BaseWxPayResult.java getXmlDoc XML External Entity

A vulnerability was found in weixin-java-tools 3.3.0. It has been rated as critical. Affected by this issue is the function getXmlDoc of the file BaseWxPayResult.java of the component Incomplete Fix CVE-2018-20318. The manipulation with an...
Auteur: VulDB

YUNUCMS 1.1.8 Show.php cw cross site scripting

A vulnerability was found in YUNUCMS 1.1.8. It has been declared as problematic. Affected by this vulnerability is a code block of the file app/index/controller/Show.php. The manipulation of the argument cw as part of a Parameter leads to a...
Auteur: VulDB

GNU binutils 2.31.1 libiberty cplus-dem.c demangle_template Argument memory corruption

A vulnerability was found in GNU binutils 2.31.1. It has been classified as critical. Affected is the function demangle_template of the file cplus-dem.c of the component libiberty. The manipulation as part of a Argument leads to a memory...
Auteur: VulDB

GNU binutils up to 2.31.1 objdump.c load_specific_debug_section memory corruption

A vulnerability was found in GNU binutils up to 2.31.1 and classified as critical. This issue affects the function load_specific_debug_section of the file objdump.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

IBM Publishing Engine 2.1.2/6.0.5/6.0.6 Web UI cross site scripting

A vulnerability has been found in IBM Publishing Engine 2.1.2/6.0.5/6.0.6 and classified as problematic. This vulnerability affects a functionality of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB
First1011101210131014101510161017101810191020Last

Événements SSI