samedi 4 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Apple macOS up to 10.15.3 Call History information disclosure

A vulnerability classified as problematic has been found in Apple macOS up to 10.15.3. Affected is an unknown functionality of the component Call History. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth information disclosure

A vulnerability was found in Apple macOS up to 10.15.3. It has been rated as problematic. This issue affects an unknown function of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth memory corruption

A vulnerability was found in Apple macOS up to 10.15.3. It has been declared as critical. This vulnerability affects some unknown processing of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth memory corruption

A vulnerability was found in Apple macOS up to 10.15.3. It has been classified as critical. This affects an unknown code block of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth memory corruption

A vulnerability was found in Apple macOS up to 10.15.3 and classified as critical. Affected by this issue is an unknown code of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth Out-of-Bounds memory corruption

A vulnerability has been found in Apple macOS up to 10.15.3 and classified as critical. Affected by this vulnerability is an unknown part of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in Apple macOS up to 10.15.3. Affected is some unknown functionality of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has...
Auteur: VulDB

Apple macOS up to 10.15.3 Bluetooth Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Apple macOS up to 10.15.3. This issue affects an unknown functionality of the component Bluetooth. Upgrading to version 10.15.4 eliminates this vulnerability. A possible...
Auteur: VulDB

Apple macOS up to 10.15.3 AppleMobileFileIntegrity privilege escalation

A vulnerability classified as critical was found in Apple macOS up to 10.15.3. This vulnerability affects an unknown function of the component AppleMobileFileIntegrity. Upgrading to version 10.15.4 eliminates this vulnerability. A possible...
Auteur: VulDB

Apple macOS up to 10.15.3 AppleGraphicsControl memory corruption

A vulnerability classified as critical has been found in Apple macOS up to 10.15.3. This affects some unknown processing of the component AppleGraphicsControl. Upgrading to version 10.15.4 eliminates this vulnerability. A possible mitigation has...
Auteur: VulDB

Apple macOS up to 10.15.3 Apple HSSPI Support memory corruption

A vulnerability was found in Apple macOS up to 10.15.3. It has been rated as critical. Affected by this issue is an unknown code block of the component Apple HSSPI Support. Upgrading to version 10.15.4 eliminates this vulnerability. A possible...
Auteur: VulDB

CERTFR-2020-AVI-184 : Multiples vulnérabilités dans Google Chrome OS (02 avril 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome OS. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-183 : Multiples vulnérabilités dans Apache Server (02 avril 2020)

De multiples vulnérabilités ont été découvertes dans Apache Server. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

L’ISO 27701, une norme internationale pour la protection des données personnelles

La norme ISO 27701 est une norme internationale qui décrit la gouvernance et les mesures de sécurité à mettre en place pour les traitements de données personnelles, en étendant deux normes bien connues de la sécurité informatique.
Auteur: Cnil

MS-ISAC Releases Advisory on DrayTek Devices

Original release date: April 1, 2020The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory regarding two vulnerable command injection points in DrayTek devices (CVE-2020-8515). An attacker could exploit these...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: April 1, 2020Google has released Chrome version 80.0.3987.162 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

CERTFR-2020-CTI-003 : 🇬🇧 Attacks involving the Mespinoza/Pysa ransomware (01 avril 2020)

  In the past few weeks, ANSSI became aware of cyber attacks targeting French local authorities. These attacks involved ransomwares whose use resulted in several encrypted files. The …
Auteur: Cert FR

CERTFR-2020-AVI-182 : Multiples vulnérabilités dans Google Chrome (01 avril 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-181 : Multiples vulnérabilités dans le noyau Linux de SUSE (01 avril 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2020-AVI-180 : Multiples vulnérabilités dans le noyau Linux de Red Hat (01 avril 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une...
Auteur: Cert FR

PHP up to 7.2.8/7.3.15/7.4.33 URL get_headers() privilege escalation

A vulnerability was found in PHP up to 7.2.8/7.3.15/7.4.33 (Programming Language Software). It has been declared as critical. Affected by this vulnerability is the function get_headers() of the component URL Handler. Upgrading to version 7.2.9,...
Auteur: VulDB

PHP up to 7.3.15/7.4.33 UTF-32LE Encoding mb_strtolower() memory corruption

A vulnerability was found in PHP up to 7.3.15/7.4.33 (Programming Language Software). It has been classified as critical. Affected is the function mb_strtolower() of the component UTF-32LE Encoding Handler. Upgrading to version 7.3.16 or 7.4.34...
Auteur: VulDB

PHP up to 7.2.8/7.3.15/7.4.33 EXIF Data exif_read_data() information disclosure

A vulnerability was found in PHP up to 7.2.8/7.3.15/7.4.33 (Programming Language Software) and classified as problematic. This issue affects the function exif_read_data() of the component EXIF Data Handler. Upgrading to version 7.2.9, 7.3.16 or...
Auteur: VulDB

Elasticsearch up to 6.8.7/7.6.1 API Key Generation privilege escalation

A vulnerability has been found in Elasticsearch up to 6.8.7/7.6.1 and classified as critical. This vulnerability affects an unknown functionality of the component API Key Generation. There is no information about possible countermeasures known....
Auteur: VulDB

LifterLMS Plugin 3.37.15 on WordPress Code Execution directory traversal

A vulnerability, which was classified as critical, was found in LifterLMS Plugin 3.37.15 on WordPress (WordPress Plugin). This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB
First78910111213141516Last

Événements SSI