Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linux Kernel up to 5.8.0 Bluetooth hci_event.c hci_extended_inquiry_result_evt out-of-bounds read

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.8.0 (Operating System). Affected by this issue is the function hci_extended_inquiry_result_evt of the file net/bluetooth/hci_event.c of the component...
Auteur: VulDB

Z-BlogPHP up to 1.5.2 zb_system/cmd.php redirect

A vulnerability classified as problematic was found in Z-BlogPHP up to 1.5.2. Affected by this vulnerability is some unknown functionality of the file zb_system/cmd.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Linux Kernel up to 5.0.18 XFRM Subsystem xfrm_state_fini use after free

A vulnerability classified as critical has been found in Linux Kernel up to 5.0.18 (Operating System). Affected is the function xfrm_state_fini of the component XFRM Subsystem. Upgrading to version 5.0.19 eliminates this vulnerability. The...
Auteur: VulDB

Linux Kernel up to 4.14.15 net/sctp/socket.c use after free

A vulnerability was found in Linux Kernel up to 4.14.15 (Operating System). It has been rated as critical. This issue affects an unknown function of the file net/sctp/socket.c. Upgrading to version 4.14.16 eliminates this vulnerability. The...
Auteur: VulDB

Nagios XI up to 5.7.5 Rename unrestricted upload

A vulnerability was found in Nagios XI up to 5.7.5 (Log Management Software). It has been declared as critical. This vulnerability affects some unknown processing of the component Rename Handler. There is no information about possible...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 Content Security Policy Remote Code Execution

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown code block of the component Content Security Policy Handler. Upgrading to version 91.0.4472.77 eliminates this vulnerability....
Auteur: VulDB

Google Chrome prior 91.0.4472.77 Content Security Policy improper restriction of rendered ui layers

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is an unknown code of the component Content Security Policy Handler. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 Cookie Remote Code Execution

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. Affected by this vulnerability is an unknown part of the component Cookie Handler. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 iFrameSandbox Remote Code Execution

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). Affected is some unknown functionality of the component iFrameSandbox. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 PopupBlocker Remote Code Execution

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). This issue affects an unknown functionality of the component PopupBlocker. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 Content Security Policy improper restriction of rendered ui layers

A vulnerability classified as critical was found in Google Chrome (Web Browser). This vulnerability affects an unknown function of the component Content Security Policy Handler. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 Content Security Policy improper restriction of rendered ui layers

A vulnerability classified as critical has been found in Google Chrome (Web Browser). This affects some unknown processing of the component Content Security Policy Handler. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 on Android Payments clickjacking

A vulnerability was found in Google Chrome on Android (Web Browser). It has been rated as problematic. Affected by this issue is an unknown code block of the component Payments. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 on Android WebAuthentication use after free

A vulnerability was found in Google Chrome on Android (Web Browser). It has been declared as critical. Affected by this vulnerability is an unknown code of the component WebAuthentication. Upgrading to version 91.0.4472.77 eliminates this...
Auteur: VulDB

Google Chrome prior 91.0.4472.77 on Android Autofill heap-based overflow

A vulnerability was found in Google Chrome on Android (Web Browser). It has been classified as critical. Affected is an unknown part of the component Autofill. Upgrading to version 91.0.4472.77 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Accela Civic Platform up to 21.1 Parameter security/hostSignon.do servProvCode cross site scripting

A vulnerability was found in Accela Civic Platform up to 21.1 and classified as problematic. This issue affects some unknown functionality of the file security/hostSignon.do of the component Parameter Handler. There is no information about...
Auteur: VulDB

Zoho ManageEngine Key Manager Plus up to 6000 User-Management Page cross site scripting

A vulnerability has been found in Zoho ManageEngine Key Manager Plus up to 6000 and classified as problematic. This vulnerability affects an unknown functionality of the component User-Management Page. Upgrading to version 6001 eliminates this...
Auteur: VulDB

PageLayer up to 1.3.4 Color Settings cross site scripting

A vulnerability, which was classified as problematic, was found in PageLayer up to 1.3.4. This affects an unknown function of the component Color Settings Handler. Upgrading to version 1.3.5 eliminates this vulnerability.
Auteur: VulDB

PageLayer up to 1.3.4 Parameter font-size cross site scripting

A vulnerability, which was classified as problematic, has been found in PageLayer up to 1.3.4. Affected by this issue is some unknown processing of the component Parameter Handler. Upgrading to version 1.3.5 eliminates this vulnerability.
Auteur: VulDB

Sharp NEC UN462A HTTP Request buffer overflow [CVE-2021-20699]

A vulnerability classified as critical was found in Sharp NEC UN462A, UN462VA, UN492S, UN492VS, UN552A, UN552S, UN552VS, UN552, UN552V, UX552S, UN552, V864Q, C861Q, P754Q, V754Q, C751Q, V964Q, C961Q, P654Q, V654Q, C651Q and V554Q. Affected by...
Auteur: VulDB

Red Hat WildFly up to 19.x EJBContext Principle privileges management

A vulnerability classified as critical has been found in Red Hat WildFly up to 19.x (Application Server Software). Affected is an unknown code of the component EJBContext Principle Handler. Upgrading to version 20.0.0.Final eliminates this...
Auteur: VulDB

ArcGIS Server up to 10.8.1 sql injection [CVE-2021-29099]

A vulnerability was found in ArcGIS Server up to 10.8.1. It has been rated as critical. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Sharp NEC UN462A HTTP Request Remote Privilege Escalation [CVE-2021-20698]

A vulnerability was found in Sharp NEC UN462A, UN462VA, UN492S, UN492VS, UN552A, UN552S, UN552VS, UN552, UN552V, UX552S, UN552, V864Q, C861Q, P754Q, V754Q, C751Q, V964Q, C961Q, P654Q, V654Q, C651Q and V554Q. It has been declared as very critical....
Auteur: VulDB

iFlyChat Plugin up to 4.6.4 on WordPress APP ID Setting cross site scripting

A vulnerability was found in iFlyChat Plugin up to 4.6.4 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown functionality of the component APP ID Setting Handler. There is no information about possible...
Auteur: VulDB

Easy Preloader Plugin up to 1.0.0 on WordPress cross site scripting

A vulnerability was found in Easy Preloader Plugin up to 1.0.0 on WordPress (WordPress Plugin) and classified as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB
First891011121314151617Last

Événements SSI