Our selection of information-security (SSI) alerts and advisories.
Sources: US-CERT, CERT-EU, CERT-FR, CNIL, VulDB.

Google Android pb_encode.c pb_write out-of-bounds write

A vulnerability was found in Google Android (Smartphone Operating System) (the affected version unknown). It has been classified as critical. This affects the function pb_write of the file pb_encode.c. Applying a patch is able to eliminate this...
Author: VulDB

McAfee Endpoint Security/Global Threat Intelligence up to 10.7.0 on Windows DNS cleartext transmission

A vulnerability was found in McAfee Endpoint Security and Global Threat Intelligence up to 10.7.0 on Windows and classified as problematic. Affected by this issue is some unknown processing of the component DNS Handler. Upgrading to version...
Author: VulDB

McAfee Advanced Threat Defense up to 4.12.1 HTTP Request Parameter information disclosure

A vulnerability has been found in McAfee Advanced Threat Defense up to 4.12.1 and classified as problematic. Affected by this vulnerability is an unknown code block of the component HTTP Request Parameter Handler. Upgrading to version 4.12.2...
Author: VulDB

McAfee Advanced Threat Defense up to 4.12.1 HTTP Request Parameter information disclosure

A vulnerability, which was classified as problematic, was found in McAfee Advanced Threat Defense up to 4.12.1. Affected is an unknown code of the component HTTP Request Parameter Handler. Upgrading to version 4.12.2 eliminates this vulnerability.
Author: VulDB

CERTFR-2021-AVI-270: Multiple vulnerabilities in WordPress (15 April 2021)

Multiple vulnerabilities have been discovered in WordPress. They allow an attacker to cause a security issue not specified by the vendor and a breach of data confidentiality.

Author: CERT-FR

Adobe Digital Editions up to 4.5.11.187245 on macOS access control

A vulnerability, which was classified as critical, has been found in Adobe Digital Editions up to 4.5.11.187245 on macOS (Ebook Software). This issue affects an unknown part. Upgrading to version 4.5.11.187606 eliminates this vulnerability. The...
Author: VulDB

Zulip Server up to 3.3 Topic Moving API unknown vulnerability

A vulnerability classified as problematic was found in Zulip Server up to 3.3. This vulnerability affects some unknown functionality of the component Topic Moving API. Upgrading to version 3.4 eliminates this vulnerability.
Author: VulDB

Zulip Server up to 3.3 all_public_streams API access control

A vulnerability classified as critical has been found in Zulip Server up to 3.3. This affects an unknown functionality of the component all_public_streams API. Upgrading to version 3.4 eliminates this vulnerability.
Author: VulDB

Zulip Server up to 3.3 permission [CVE-2021-30478]

A vulnerability was found in Zulip Server up to 3.3. It has been rated as critical. Affected by this issue is an unknown function. Upgrading to version 3.4 eliminates this vulnerability.
Author: VulDB

Zulip Server up to 3.3 Webhook access control

A vulnerability was found in Zulip Server up to 3.3. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Webhook Handler. Upgrading to version 3.4 eliminates this vulnerability.
Author: VulDB

Jazzband Django Debug Toolbar up to 1.11.0/2.2.0/3.2.0 SQL Panel raw_sql sql injection

A vulnerability was found in Jazzband Django Debug Toolbar up to 1.11.0/2.2.0/3.2.0 (Content Management System). It has been classified as critical. Affected is an unknown code block of the component SQL Panel. Upgrading to version 1.11.1, 2.2.1...
Author: VulDB

Intelbras WIN 300/WRN 342 up to 2021-01-04 def_wirelesspassword source code

A vulnerability was found in Intelbras WIN 300 and WRN 342 up to 2021-01-04 and classified as problematic. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

AjaxSearchPro up to 4.20.7 Administration Panel deserialization

A vulnerability has been found in AjaxSearchPro up to 4.20.7 and classified as critical. This vulnerability affects an unknown part of the component Administration Panel. Upgrading to version 4.20.8 eliminates this vulnerability.
Author: VulDB

Pi-hole 5.2.4 privileges management [CVE-2021-29449]

A vulnerability, which was classified as critical, was found in Pi-hole 5.2.4. This affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Author: VulDB

Deark up to 1.5.7 src/fmtutil.c pixelsize divide by zero

A vulnerability, which was classified as problematic, has been found in Deark up to 1.5.7. Affected by this issue is an unknown functionality of the file src/fmtutil.c. Upgrading to version 1.5.8 eliminates this vulnerability. Applying a patch is...
Author: VulDB

Deark up to 1.5.7 src/deark-dbuf.c dbuf_write null pointer dereference

A vulnerability classified as problematic was found in Deark up to 1.5.7. Affected by this vulnerability is the function dbuf_write of the file src/deark-dbuf.c. Upgrading to version 1.5.8 eliminates this vulnerability. Applying a patch is able...
Author: VulDB

TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows Installation access control

A vulnerability classified as critical has been found in TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows. Affected is some unknown processing of the component Installation. Upgrading eliminates this vulnerability.
Author: VulDB

TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows Installation access control

A vulnerability was found in TIBCO Messaging Eclipse Mosquitto Distribution up to 1.3.0 on Windows. It has been rated as critical. This issue affects an unknown code block of the component Installation. Upgrading eliminates this vulnerability.
Author: VulDB

YubiHSM yubihsm-connector up to 3.0.0 Endpoint /api/connector infinite loop

A vulnerability was found in YubiHSM yubihsm-connector up to 3.0.0. It has been declared as problematic. This vulnerability affects an unknown code of the file /api/connector of the component Endpoint. Upgrading to version 3.0.1 eliminates this...
Author: VulDB

Devolutions Server/Server LTS delete sql injection

A vulnerability was found in Devolutions Server and Server LTS (the affected version unknown). It has been classified as critical. This affects an unknown part of the file api/security/userinfo/delete. Upgrading eliminates this vulnerability.
Author: VulDB

Group Office 6.4.196 URL Parameter group/api/upload.php url server-side request forgery

A vulnerability was found in Group Office 6.4.196 and classified as critical. Affected by this issue is some unknown functionality of the file group/api/upload.php of the component URL Parameter Handler. There is no information about possible...
Author: VulDB

Devolutions Server/Server LTS HTML Page unknown vulnerability

A vulnerability has been found in Devolutions Server and Server LTS (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTML Page Handler. Upgrading eliminates this...
Author: VulDB

TOTOLINK X5000R/A720R HTTP Request ip os command injection

A vulnerability, which was classified as critical, was found in TOTOLINK X5000R and A720R (version unknown). Affected is an unknown function of the component HTTP Request Handler. There is no information about possible countermeasures known. It...
Author: VulDB

TOTOLINK X5000R/A720R HTTP Request command os command injection

A vulnerability, which was classified as critical, has been found in TOTOLINK X5000R and A720R (unknown version). This issue affects some unknown processing of the component HTTP Request Handler. There is no information about possible...
Author: VulDB

Parallels Desktop 16.0.1-48919 Toolgate out-of-bounds read

A vulnerability classified as problematic was found in Parallels Desktop 16.0.1-48919. This vulnerability affects an unknown code block of the component Toolgate. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB