Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Schneider Electric C-Bus Toolkit up to 1.15.7 File Upload path traversal

A vulnerability, which was classified as critical, was found in Schneider Electric C-Bus Toolkit up to 1.15.7 (SCADA Software). This affects some unknown processing of the component File Upload Handler. There is no information about possible...
Auteur: VulDB

Schneider Electric C-Bus Toolkit up to 1.15.7 Project File Restore path traversal

A vulnerability, which was classified as critical, has been found in Schneider Electric C-Bus Toolkit up to 1.15.7 (SCADA Software). Affected by this issue is an unknown code block of the component Project File Restore Handler. There is no...
Auteur: VulDB

Schneider Electric C-Bus Toolkit up to 1.15.7 Config File path traversal

A vulnerability classified as critical was found in Schneider Electric C-Bus Toolkit up to 1.15.7 (SCADA Software). Affected by this vulnerability is an unknown code of the component Config File Handler. There is no information about possible...
Auteur: VulDB

Schneider Electric C-Bus Toolkit up to 1.15.7 privileges management

A vulnerability classified as critical has been found in Schneider Electric C-Bus Toolkit up to 1.15.7 (SCADA Software). Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

AccuSoft ImageGear 19.8 JPG File out-of-bounds write

A vulnerability was found in AccuSoft ImageGear 19.8. It has been rated as critical. This issue affects some unknown functionality of the component JPG File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SAP NetWeaver Application Server Java 7.10 up to 7.50 authentication spoofing

A vulnerability was found in SAP NetWeaver Application Server Java 7.10 up to 7.50 (Application Server Software). It has been declared as critical. This vulnerability affects an unknown functionality. There is no information about possible...
Auteur: VulDB

SAP NetWeaver Application Server for Java NTLM Hash information disclosure

A vulnerability was found in SAP NetWeaver Application Server for Java (Application Server Software) (the affected version unknown). It has been classified as problematic. This affects an unknown function of the component NTLM Hash Handler. There...
Auteur: VulDB

SAP Solution Manager 720 information disclosure [CVE-2021-21483]

A vulnerability was found in SAP Solution Manager 720 and classified as problematic. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

SAP NetWeaver Master Data Management 710/710.750 information disclosure

A vulnerability has been found in SAP NetWeaver Master Data Management 710/710.750 (Solution Stack Software) and classified as problematic. Affected by this vulnerability is an unknown code block. There is no information about possible...
Auteur: VulDB

CERTFR-2021-AVI-253 : [SCADA] Multiples vulnérabilités dans les produits Schneider Electric (14 avril 2021)

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

Google Android 8.1/9.0/10.0/11.0 CryptoPlugin.cpp decrypt_1_2 out-of-bounds read

A vulnerability, which was classified as problematic, was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected is the function decrypt_1_2 of the file CryptoPlugin.cpp. Applying a patch is able to eliminate this...
Auteur: VulDB

Google Android LK Local Privilege Escalation [CVE-2021-0468]

A vulnerability, which was classified as problematic, has been found in Google Android (Smartphone Operating System) (unknown version). This issue affects an unknown part of the component LK. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 11.0 ImportVCardActivity improper restriction of rendered ui layers

A vulnerability classified as problematic was found in Google Android 11.0 (Smartphone Operating System). This vulnerability affects the function ImportVCardActivity. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 9.0/11.0 WelcomeActivity.java start Local Privilege Escalation

A vulnerability classified as problematic has been found in Google Android 9.0/11.0 (Smartphone Operating System). This affects the function start of the file WelcomeActivity.java. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Contacts QuickContactActivity.java onActivityResult information disclosure

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been rated as problematic. Affected by this issue is the function onActivityResult of the file QuickContactActivity.java of the component Contacts...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Screenshot ScreenshotHelper.java information disclosure

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file ScreenshotHelper.java of the component...
Auteur: VulDB

Google Android 11.0 InputApplicationHandle.cpp updateInfo use after free

A vulnerability was found in Google Android 11.0 (Smartphone Operating System). It has been classified as critical. Affected is the function NativeInputApplicationHandle ::updateInfo of the file InputApplicationHandle.cpp. Applying a patch is...
Auteur: VulDB

Google Android 11.0 com_android_server_power_PowerManagerService.cpp setPowerModeWithHandle out-of-bounds write

A vulnerability was found in Google Android 11.0 (Smartphone Operating System) and classified as critical. This issue affects the function setPowerModeWithHandle of the file com_android_server_power_PowerManagerService.cpp. Applying a patch is...
Auteur: VulDB

Google Android 8.1/9.0/10.0 InputDispatcher.cpp FLAG_OBSCURED improper restriction of rendered ui layers

A vulnerability has been found in Google Android 8.1/9.0/10.0 (Smartphone Operating System) and classified as problematic. This vulnerability affects an unknown part of the file InputDispatcher.cpp. Applying a patch is able to eliminate this...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 DrmPlugin.cpp setPlayPolicy double free

A vulnerability, which was classified as critical, was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). This affects the function setPlayPolicy of the file DrmPlugin.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 CryptoPlugin.cpp CryptoPlugin::decrypt out-of-bounds read

A vulnerability, which was classified as problematic, has been found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected by this issue is the function CryptoPlugin::decrypt of the file CryptoPlugin.cpp. Applying a patch is...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 avrc_api.cc avrc_proc_vendor_command information disclosure

A vulnerability classified as problematic was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected by this vulnerability is the function avrc_proc_vendor_command of the file avrc_api.cc. Applying a patch is able to...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Bluetooth DeviceChooserActivity.java onCreate improper restriction of rendered ui layers

A vulnerability classified as problematic has been found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected is the function onCreate of the file DeviceChooserActivity.java of the component Bluetooth Handler. Applying a...
Auteur: VulDB

Google Android 11.0 StatsPullerManager.cpp ClearPullerCacheIfNecessary/ForceClearPullerCache use after free

A vulnerability was found in Google Android 11.0 (Smartphone Operating System). It has been rated as critical. This issue affects the function ClearPullerCacheIfNecessary/ForceClearPullerCache of the file StatsPullerManager.cpp. Applying a patch...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 avrc_api.cc avrc_msg_cback out-of-bounds read

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been declared as problematic. This vulnerability affects the function avrc_msg_cback of the file avrc_api.cc. Applying a patch is able to...
Auteur: VulDB
First891011121314151617Last

Événements SSI