samedi 6 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

MediaWiki up to 1.34 Logout ready.js HTML Content Open Redirect

A vulnerability was found in MediaWiki up to 1.34 (Content Management System). It has been rated as critical. This issue affects an unknown code block of the file resources/src/mediawiki.page.ready/ready.js of the component Logout Handler....
Auteur: VulDB

Istio up to 1.4.8/1.5.3 Telemetry v2 Crafted Packet NULL Pointer Dereference denial of service

A vulnerability was found in Istio up to 1.4.8/1.5.3. It has been declared as problematic. This vulnerability affects an unknown code of the component Telemetry v2 Handler. Upgrading to version 1.4.9 or 1.5.4 eliminates this vulnerability.
Auteur: VulDB

libvirt up to 5.x API NULL Pointer Dereference denial of service

A vulnerability was found in libvirt up to 5.x (Virtualization Software). It has been classified as problematic. This affects an unknown part of the component API. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

IP Encapsulation within IP privilege escalation [CVE-2020-10136]

A vulnerability was found in IP Encapsulation within IP (affected version not known) and classified as critical. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Asus Aura Sync up to 1.07.71 IOCTL Ene.sys Request memory corruption

A vulnerability has been found in Asus Aura Sync up to 1.07.71 and classified as critical. Affected by this vulnerability is an unknown functionality in the library Ene.sys of the component IOCTL Handler. There is no information about possible...
Auteur: VulDB

Qualcomm MSM8909W/QCS605 HDR memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables MSM8909W/QCS605. Affected is an unknown function of the component HDR Handler. Upgrading eliminates this...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDM845 qpay Response Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired Infrastructure...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Response Out-of-Bounds memory corruption

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Side-Channel information disclosure

A vulnerability classified as problematic has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Feature ID Integer Overflow memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired Infrastructure and Networking. It has been rated as...
Auteur: VulDB

Qualcomm Snapdragon Compute up to SXR2130 privilege escalation

A vulnerability was found in Qualcomm Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking. It has been declared as critical. Affected by this vulnerability...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 XFRM Policy Out-of-Bounds memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Fingerprint Out-of-Bounds memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired Infrastructure and Networking...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Fingerprint Out-of-Bounds memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired Infrastructure and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 Response Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 ADSP Parser Response memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon...
Auteur: VulDB

MailPoet Plugin up to 3.23.1 on WordPress Parameter Reflected cross site scripting

A vulnerability classified as problematic was found in MailPoet Plugin up to 3.23.1 on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown part. Upgrading to version 3.23.2 eliminates this vulnerability.
Auteur: VulDB

Grafana 5.3.1 Incomplete Fix CVE-2018-12099 cross site scripting

A vulnerability classified as problematic has been found in Grafana 5.3.1. Affected is some unknown functionality of the component Incomplete Fix CVE-2018-12099. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Grafana 5.3.1 Incomplete Fix CVE-2018-12099 cross site scripting

A vulnerability was found in Grafana 5.3.1. It has been rated as problematic. This issue affects an unknown functionality of the component Incomplete Fix CVE-2018-12099. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Grafana 5.3.1 Incomplete Fix CVE-2018-12099 cross site scripting

A vulnerability was found in Grafana 5.3.1. It has been declared as problematic. This vulnerability affects an unknown function of the component Incomplete Fix CVE-2018-12099. There is no information about possible countermeasures known. It may...
Auteur: VulDB

CERTFR-2020-AVI-332 : Vulnérabilité dans les produits Apple (02 juin 2020)

Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer une exécution de code arbitraire et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2020-DUR-001 : Points de contrôle Active Directory (02 juin 2020)

L'annuaire Active Directory, centre névralgique de la sécurité des systèmes d'information Microsoft, est un élément critique permettant la gestion …
Auteur: Cert FR

CERTFR-2020-AVI-331 : Multiples vulnérabilités dans Google Android (02 juin 2020)

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de...
Auteur: Cert FR

CERTFR-2020-AVI-330 : Vulnérabilité dans Cisco NX-OS (02 juin 2020)

Une vulnérabilité a été découverte dans Cisco NX-OS. Elle permet à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2020-AVI-329 : Vulnérabilité dans Fortinet FortiClient (02 juin 2020)

Une vulnérabilité a été découverte dans Fortinet FortiClient. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Auteur: Cert FR
First78910111213141516Last

Événements SSI