Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

geojson2kml index.js command injection

A vulnerability was found in geojson2kml (affected version not known). It has been rated as critical. Affected by this issue is an unknown part of the file index.js. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

fastadmin 1.0.0.20200506_beta cross site scripting [CVE-2020-26609]

A vulnerability was found in fastadmin 1.0.0.20200506_beta. It has been declared as problematic. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Advantech WebAccess/SCADA up to 9.0 WADashboard Remote Privilege Escalation

A vulnerability was found in Advantech WebAccess and SCADA up to 9.0 (SCADA Software). It has been classified as critical. Affected is an unknown functionality of the component WADashboard. Upgrading to version 9.0.1 eliminates this vulnerability.
Auteur: VulDB

WECON LeviStudioU up to 2019-09-21 Project File buffer overflow

A vulnerability was found in WECON LeviStudioU up to 2019-09-21 and classified as critical. This issue affects an unknown function of the component Project File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Keycloak HTTP Header authentication bypass [CVE-2020-14359]

A vulnerability has been found in Keycloak (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component HTTP Header Handler. There is no information about possible...
Auteur: VulDB

Rendertron up to 2.x Screenshot server-side request forgery

A vulnerability, which was classified as critical, was found in Rendertron up to 2.x. This affects an unknown code block of the component Screenshot Handler. Upgrading to version 3.0.0 eliminates this vulnerability.
Auteur: VulDB

NanoHTTPD up to 2.3.1 HTTP GET RouterNanoHTTPD.java GeneralHandler cross site scripting

A vulnerability, which was classified as problematic, has been found in NanoHTTPD up to 2.3.1 (Web Server). Affected by this issue is the function GeneralHandler of the file RouterNanoHTTPD.java of the component HTTP GET Handler. There is no...
Auteur: VulDB

netplex json-smart-v1/json-smart-v2 unknown vulnerability [CVE-2021-27568]

A vulnerability classified as problematic was found in netplex json-smart-v1 and json-smart-v2 (affected version unknown). There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

CIRA Canadian Shield App prior 4.0.13 on iOS certificate validation

A vulnerability classified as problematic has been found in CIRA Canadian Shield App on iOS (iOS App Software). Affected is some unknown functionality. Upgrading to version 4.0.13 eliminates this vulnerability.
Auteur: VulDB

Nozomi Guardian/CMC up to 20.0.7.3 Web GUI path traversal

A vulnerability was found in Nozomi Guardian and CMC up to 20.0.7.3. It has been rated as critical. This issue affects an unknown functionality of the component Web GUI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Nozomi Guardian/CMC up to 20.0.7.3 Web GUI os command injection

A vulnerability was found in Nozomi Guardian and CMC up to 20.0.7.3. It has been declared as critical. This vulnerability affects an unknown function of the component Web GUI. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Atlassian JIRA Server for Slack Plugin up to 2.0.14 Endpoint injection

A vulnerability was found in Atlassian JIRA Server for Slack Plugin up to 2.0.14 (Bug Tracking Software). It has been classified as critical. This affects some unknown processing of the component Endpoint. Upgrading to version 2.0.15 eliminates...
Auteur: VulDB

Keybase Desktop Client Cache information disclosure [CVE-2021-23827]

A vulnerability was found in Keybase Desktop Client (affected version not known) and classified as problematic. Affected by this issue is an unknown code block of the component Cache Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Luxion KeyShot up to 10.0 Project File null pointer dereference

A vulnerability has been found in Luxion KeyShot, KeyShot Viewer, KeyShot Network Rendering and KeyVR up to 10.0 and classified as problematic. Affected by this vulnerability is an unknown code of the component Project File Handler. Upgrading to...
Auteur: VulDB

Luxion KeyShot up to 10.0 Project File out-of-bounds write

A vulnerability, which was classified as critical, was found in Luxion KeyShot, KeyShot Viewer, KeyShot Network Rendering and KeyVR up to 10.0. Affected is an unknown part of the component Project File Handler. Upgrading to version 10.1...
Auteur: VulDB

Luxion KeyShot up to 10.0 Network Share dll Remote Privilege Escalation

A vulnerability, which was classified as critical, has been found in Luxion KeyShot, KeyShot Viewer, KeyShot Network Rendering and KeyVR up to 10.0. This issue affects some unknown functionality in the library dll of the component Network Share...
Auteur: VulDB

Luxion KeyShot up to 10.0 Project File out-of-bounds read

A vulnerability classified as critical was found in Luxion KeyShot, KeyShot Viewer, KeyShot Network Rendering and KeyVR up to 10.0. This vulnerability affects an unknown functionality of the component Project File Handler. Upgrading to version...
Auteur: VulDB

Google Chrome prior 88.0.4324.182 on Linux Web Sockets use after free

A vulnerability classified as critical has been found in Google Chrome on Linux (Web Browser). This affects an unknown function of the component Web Sockets. Upgrading to version 88.0.4324.182 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 88.0.4324.182 V8 heap-based overflow

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. Affected by this issue is some unknown processing of the component V8. Upgrading to version 88.0.4324.182 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 88.0.4324.182 on Windows Tab Strip heap-based overflow

A vulnerability was found in Google Chrome on Windows (Web Browser). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Tab Strip Handler. Upgrading to version 88.0.4324.182 eliminates this...
Auteur: VulDB

Google Chrome prior 88.0.4324.182 Tab Strip heap-based overflow

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. Affected is an unknown code of the component Tab Strip Handler. Upgrading to version 88.0.4324.182 eliminates this vulnerability.
Auteur: VulDB

Google Chrome up to 88.0.4324.181 on Linux GPU Process stack-based overflow

A vulnerability was found in Google Chrome up to 88.0.4324.181 on Linux (Web Browser) and classified as critical. This issue affects an unknown part of the component GPU Process. Upgrading to version 88.0.4324.182 eliminates this vulnerability.
Auteur: VulDB

Google Chrome up to 88.0.4324.181 on Linux Media heap-based overflow

A vulnerability has been found in Google Chrome up to 88.0.4324.181 on Linux (Web Browser) and classified as critical. This vulnerability affects some unknown functionality of the component Media. Upgrading to version 88.0.4324.182 eliminates...
Auteur: VulDB

Google Chrome prior 88.0.4324.182 Payments use after free

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). This affects an unknown functionality of the component Payments. Upgrading to version 88.0.4324.182 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 88.0.4324.182 on Windows HTML Page use after free

A vulnerability, which was classified as critical, has been found in Google Chrome on Windows (Web Browser). Affected by this issue is an unknown function of the component HTML Page Handler. Upgrading to version 88.0.4324.182 eliminates this...
Auteur: VulDB
First6789101112131415Last

Événements SSI