Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Union Pay up to 3.4.93.4.9 on Android signature verification

A vulnerability classified as critical has been found in Union Pay up to 3.4.93.4.9 on Android (Android App Software). Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Union Pay up to 1.2.0 Shopping signature verification

A vulnerability was found in Union Pay up to 1.2.0. It has been rated as critical. This issue affects an unknown part of the component Shopping Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Red Hat Enterprise Linux up to 8.3 QEMU out-of-bounds read

A vulnerability was found in Red Hat Enterprise Linux up to 8.3 (Operating System). It has been declared as problematic. This vulnerability affects some unknown functionality of the component QEMU. Applying a patch is able to eliminate this...
Auteur: VulDB

CERTFR-2021-ACT-013 : Bulletin d’actualité CERTFR-2021-ACT-013 (06 avril 2021)

Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Auteur: Cert FR

Redmine up to 4.0.7/4.1.1 Issues API permission

A vulnerability was found in Redmine up to 4.0.7/4.1.1 (Project Management Software). It has been classified as critical. This affects an unknown functionality of the component Issues API. Upgrading to version 4.0.8 or 4.1.2 eliminates this...
Auteur: VulDB

Redmine up to 4.0.7/4.1.1 Project project_id information disclosure

A vulnerability was found in Redmine up to 4.0.7/4.1.1 (Project Management Software) and classified as problematic. Affected by this issue is an unknown function of the component Project Handler. Upgrading to version 4.0.8 or 4.1.2 eliminates...
Auteur: VulDB

LG Mobile Devices ISMS Services access control [CVE-2021-30162]

A vulnerability has been found in LG Mobile Devices (Smartphone Operating System) (affected version unknown) and classified as critical. Affected by this vulnerability is some unknown processing of the component ISMS Services. There is no...
Auteur: VulDB

LG Mobile Device Lockscreen protection mechanism [CVE-2021-30161]

A vulnerability, which was classified as critical, was found in LG Mobile Device (Smartphone Operating System) (version unknown). Affected is an unknown code block of the component Lockscreen. There is no information about possible...
Auteur: VulDB

MediaWiki up to 1.31.11/1.35.1 Special:ResetTokens denial of service

A vulnerability, which was classified as problematic, has been found in MediaWiki up to 1.31.11/1.35.1 (Content Management System). This issue affects an unknown code of the file Special:ResetTokens. Upgrading to version 1.31.12 or 1.35.2...
Auteur: VulDB

MediaWiki up to 1.31.11/1.35.1 ChangesList Special Pages cross site scripting

A vulnerability classified as problematic was found in MediaWiki up to 1.31.11/1.35.1 (Content Management System). This vulnerability affects an unknown part of the component ChangesList Special Pages. Upgrading to version 1.31.12 or 1.35.2...
Auteur: VulDB

MediaWiki up to 1.31.11/1.35.1 Special:NewFiles cross site scripting

A vulnerability classified as problematic has been found in MediaWiki up to 1.31.11/1.35.1 (Content Management System). This affects some unknown functionality of the file Special:NewFiles. Upgrading to version 1.31.12 or 1.35.2 eliminates this...
Auteur: VulDB

Sidekiq up to 5.1.3/6.2.0 Live-Poll cross site scripting

A vulnerability was found in Sidekiq up to 5.1.3/6.2.0. It has been rated as problematic. Affected by this issue is an unknown functionality of the component Live-Poll. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Composr 10.0.36 XML Script cross site scripting

A vulnerability was found in Composr 10.0.36. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component XML Script Handler. Applying a patch is able to eliminate this problem. The bugfix is ready...
Auteur: VulDB

Composr 10.0.36 unrestricted upload [CVE-2021-30149]

A vulnerability was found in Composr 10.0.36. It has been classified as critical. Affected is some unknown processing. Applying a patch is able to eliminate this problem. The bugfix is ready for download at gitlab.com.
Auteur: VulDB

Dashboard Plugin up to 1.0.2 on GLPI main2.php access control

A vulnerability was found in Dashboard Plugin up to 1.0.2 on GLPI (Forum Software) and classified as critical. This issue affects an unknown code block of the file plugins/dashboard/front/main2.php. There is no information about possible...
Auteur: VulDB

ASUS BMC Web Management Page path traversal [CVE-2021-28209]

A vulnerability has been found in ASUS BMC (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown code of the component Web Management Page. There is no information about possible countermeasures...
Auteur: VulDB

ASUS BMC Web Management Page path traversal [CVE-2021-28208]

A vulnerability, which was classified as problematic, was found in ASUS BMC (the affected version unknown). This affects an unknown part of the component Web Management Page. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ASUS BMC Web Management Page path traversal [CVE-2021-28207]

A vulnerability, which was classified as problematic, has been found in ASUS BMC (affected version not known). Affected by this issue is some unknown functionality of the component Web Management Page. There is no information about possible...
Auteur: VulDB

ASUS BMC Web Management Page path traversal [CVE-2021-28206]

A vulnerability classified as problematic was found in ASUS BMC (affected version unknown). Affected by this vulnerability is an unknown functionality of the component Web Management Page. There is no information about possible countermeasures...
Auteur: VulDB

ASUS BMC Web Management Page path traversal [CVE-2021-28205]

A vulnerability classified as problematic has been found in ASUS BMC (version unknown). Affected is an unknown function of the component Web Management Page. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

ASUS BMC Web Management Page os command injection [CVE-2021-28204]

A vulnerability was found in ASUS BMC (unknown version). It has been rated as critical. This issue affects some unknown processing of the component Web Management Page. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ASUS BMC Web Set Media Image specific os command injection

A vulnerability was found in ASUS BMC (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown code block of the component Web Set Media Image Handler. There is no information about possible...
Auteur: VulDB

ASUS BMC Web Management Page buffer overflow [CVE-2021-28202]

A vulnerability was found in ASUS BMC (the affected version unknown). It has been classified as problematic. This affects an unknown code of the component Web Management Page. There is no information about possible countermeasures known. It may...
Auteur: VulDB

ASUS BMC Web Management Page buffer overflow [CVE-2021-28201]

A vulnerability was found in ASUS BMC (affected version not known) and classified as problematic. Affected by this issue is an unknown part of the component Web Management Page. There is no information about possible countermeasures known. It may...
Auteur: VulDB

ASUS BMC CD Media Configuration buffer overflow [CVE-2021-28200]

A vulnerability has been found in ASUS BMC (affected version unknown) and classified as problematic. Affected by this vulnerability is some unknown functionality of the component CD Media Configuration Handler. There is no information about...
Auteur: VulDB
First6789101112131415Last

Événements SSI