Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

grub2 up to 2.05 squashfs Filesystem Heap-based memory corruption

A vulnerability, which was classified as critical, has been found in grub2 up to 2.05. This issue affects an unknown code block of the component squashfs Filesystem Handler. Upgrading to version 2.06 eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 memory corruption [CVE-2019-14130]

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking up to SXR2130 (Chip Software). This vulnerability affects an unknown code....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Protection Module memory corruption

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking up to SXR2130 (Chip Software). This affects an unknown part of the...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 memory corruption [CVE-2019-14123]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile and Snapdragon Wired Infrastructure & Networking up to SXR2130 (Chip Software). It has been rated as critical. Affected by this issue is some unknown...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 Command Out-of-Bounds information disclosure

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM8150 debugfs unknown vulnerability

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music up to SM8150 (Chip Software). It has been classified as problematic....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 memory corruption [CVE-2019-14099]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software) and classified as critical. This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 Display Module Out-of-Bounds memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software) and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 Socket Use-After-Free memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Kernel Thread Use-After-Free memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables up to...
Auteur: VulDB

express-fileupload up to 1.1.7 HTTP Request Remote Code Execution

A vulnerability classified as critical was found in express-fileupload up to 1.1.7. Affected by this vulnerability is some unknown functionality. Upgrading to version 1.1.8 eliminates this vulnerability.
Auteur: VulDB

Grandstream HT800 up to 1.0.17.5 SSH Service Backdoor weak authentication

A vulnerability classified as critical has been found in Grandstream HT800 up to 1.0.17.5. Affected is an unknown functionality of the component SSH Service. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Grandstream HT800 up to 1.0.17.5 TR-069 Service NULL Pointer Dereference denial of service

A vulnerability was found in Grandstream HT800 up to 1.0.17.5. It has been rated as problematic. This issue affects an unknown function of the component TR-069 Service. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Grandstream HT800 up to 1.0.17.5 TR-069 Service CPU Exhaustion denial of service

A vulnerability was found in Grandstream HT800 up to 1.0.17.5. It has been declared as problematic. This vulnerability affects some unknown processing of the component TR-069 Service. There is no information about possible countermeasures known....
Auteur: VulDB

Grandstream HT800 up to 1.0.17.5 Configuration File SIP Message command injection

A vulnerability was found in Grandstream HT800 up to 1.0.17.5. It has been classified as critical. This affects an unknown code block of the component Configuration File. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Global TechStream up to 15.10.032 Code Execution [CVE-2020-5610]

A vulnerability was found in Global TechStream up to 15.10.032 and classified as critical. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

seafile-client 7.0.8 DLL exchndl.dll privilege escalation

A vulnerability has been found in seafile-client 7.0.8 and classified as critical. Affected by this vulnerability is an unknown part in the library exchndl.dll of the component DLL Handler. There is no information about possible countermeasures...
Auteur: VulDB

libssh 0.9.4 tftpserver.c ssh_buffer_new NULL Pointer Dereference denial of service

A vulnerability, which was classified as problematic, was found in libssh 0.9.4. Affected is the function ssh_buffer_new of the file tftpserver.c. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

GNOME Balsa up to 2.5.x imap-handle.c imap_mbox_connect Response NULL Pointer Dereference denial of service

A vulnerability, which was classified as problematic, has been found in GNOME Balsa up to 2.5.x. This issue affects the function imap_mbox_connect of the file libbalsa/imap/imap-handle.c. Upgrading to version 2.6.0 eliminates this vulnerability.
Auteur: VulDB

GNOME evolution-data-server up to 3.35.90 imapx_free_capability/imapx_connect_to_server NULL Pointer Dereference denial of service

A vulnerability classified as problematic was found in GNOME evolution-data-server up to 3.35.90. This vulnerability affects the function imapx_free_capability/imapx_connect_to_server. Upgrading to version 3.35.91 eliminates this vulnerability.
Auteur: VulDB

grub2 up to 2.04 on Linux UEFI Secure Boot grub_cmd_initrd/grub_initrd_init Argument Integer Overflow memory corruption

A vulnerability classified as critical has been found in grub2 up to 2.04 on Linux. This affects the function grub_cmd_initrd/grub_initrd_init of the component UEFI Secure Boot. There is no information about possible countermeasures known. It may...
Auteur: VulDB

grub2 up to 2.04 Secure Boot grub_script_function_create() Use-After-Free memory corruption

A vulnerability was found in grub2 up to 2.04. It has been rated as critical. Affected by this issue is the function grub_script_function_create() of the component Secure Boot. There is no information about possible countermeasures known. It may...
Auteur: VulDB

grub2 up to 2.04 Kernel Signature Validator privilege escalation

A vulnerability was found in grub2 up to 2.04. It has been declared as critical. Affected by this vulnerability is an unknown code of the component Kernel Signature Validator. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Zoho ManageEngine Desktop Central up to 10.0.532 Header Integer Overflow memory corruption

A vulnerability was found in Zoho ManageEngine Desktop Central up to 10.0.532. It has been classified as critical. Affected is an unknown part of the component Header Handler. Upgrading to version 10.0.533 eliminates this vulnerability.
Auteur: VulDB

auth0 Package up to 2.27.0 on npm Authorization Header Log information disclosure

A vulnerability was found in auth0 Package up to 2.27.0 on npm and classified as problematic. This issue affects some unknown functionality. Upgrading to version 2.27.1 eliminates this vulnerability.
Auteur: VulDB
First78910111213141516Last

Événements SSI