lundi 6 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Adobe Illustrator up to 24.1.2 Code Execution memory corruption

A vulnerability was found in Adobe Illustrator up to 24.1.2 (Image Processing Software). It has been classified as critical. Affected is an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

SecureAuth IdP 9.3.0 Template SecureAuth.aspx cross site scripting

A vulnerability was found in SecureAuth IdP 9.3.0 and classified as problematic. This issue affects some unknown processing of the file SecureAuth.aspx of the component Template Handler. There is no information about possible countermeasures...
Auteur: VulDB

Rapid7 Metasploit Pro 4.17.1-20200427 Scan Asset notes cross site scripting

A vulnerability has been found in Rapid7 Metasploit Pro 4.17.1-20200427 and classified as problematic. This vulnerability affects an unknown code block of the component Scan Asset Handler. Upgrading to version 4.17.1-20200514 eliminates this...
Auteur: VulDB

Rapid7 Metasploit Pro 4.17.1-20200427 Scan Asset host cross site scripting

A vulnerability, which was classified as problematic, was found in Rapid7 Metasploit Pro 4.17.1-20200427. This affects an unknown code of the component Scan Asset Handler. Upgrading to version 4.17.1-20200514 eliminates this vulnerability.
Auteur: VulDB

NVIDIA Linux GPU Display Driver UVM Driver denial of service

A vulnerability, which was classified as problematic, has been found in NVIDIA Linux GPU Display Driver (Hardware Driver Software) (affected version not known). Affected by this issue is an unknown part of the component UVM Driver. There is no...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape denial of service

A vulnerability classified as problematic was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) (affected version unknown). Affected by this vulnerability is the function DxgkDdiEscape in the library nvlddmkm.sys of the...
Auteur: VulDB

NVIDIA Windows GPU Display Driver DirectX 11 User Mode Driver nvwgf2um/x.dll denial of service

A vulnerability classified as problematic has been found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) (version unknown). Affected is an unknown functionality in the library nvwgf2um/x.dll of the component DirectX 11 User Mode...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Service Host Code Execution

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) (unknown version). It has been rated as critical. This issue affects an unknown function of the component Service Host. There is no information about...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Inter Process Communication API Code Execution

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown processing of the component Inter Process...
Auteur: VulDB

generator-jhipster-kotlin 1.6.0 Password Reset Log privilege escalation

A vulnerability was found in generator-jhipster-kotlin 1.6.0. It has been classified as critical. This affects an unknown code block of the component Password Reset Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

VMware ESXi/Workstation/Fusion vmxnet3 Virtual Network Adapter Heap-based information disclosure

A vulnerability was found in VMware ESXi, Workstation and Fusion (affected version not known) and classified as problematic. Affected by this issue is an unknown code of the component vmxnet3 Virtual Network Adapter. Upgrading eliminates this...
Auteur: VulDB

VMware ESXi/Workstation/Fusion Shader Out-of-Bounds denial of service

A vulnerability has been found in VMware ESXi, Workstation and Fusion (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown part of the component Shader Handler. Upgrading eliminates this...
Auteur: VulDB

VMware ESXi/Workstation/Fusion USB 3.0 Controller Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in VMware ESXi, Workstation and Fusion (Virtualization Software) (version unknown). Affected is some unknown functionality of the component USB 3.0 Controller Handler. Upgrading...
Auteur: VulDB

VMware ESXi/Workstation/Fusion USB 2.0 Controller Heap-based memory corruption

A vulnerability, which was classified as critical, has been found in VMware ESXi, Workstation and Fusion (Virtualization Software) (unknown version). This issue affects an unknown functionality of the component USB 2.0 Controller. Upgrading...
Auteur: VulDB

VMware ESXi/Workstation/Fusion USB 2.0 Controller Heap-based memory corruption

A vulnerability classified as critical was found in VMware ESXi, Workstation and Fusion (Virtualization Software) (the affected version is unknown). This vulnerability affects an unknown function of the component USB 2.0 Controller. Upgrading...
Auteur: VulDB

VMware ESXi/Workstation/Fusion XHCI USB Controller information disclosure

A vulnerability classified as problematic has been found in VMware ESXi, Workstation and Fusion (Virtualization Software) (the affected version unknown). This affects some unknown processing of the component XHCI USB Controller. Upgrading...
Auteur: VulDB

VMware ESXi/Workstation/Fusion EHCI USB Controller information disclosure

A vulnerability was found in VMware ESXi, Workstation and Fusion (Virtualization Software) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code block of the component EHCI USB Controller....
Auteur: VulDB

VMware ESXi/Workstation/Fusion PVNVRAM Use-After-Free memory corruption

A vulnerability was found in VMware ESXi, Workstation and Fusion (Virtualization Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code of the component PVNVRAM. Upgrading...
Auteur: VulDB

OpenEXR up to 2.5.1 IlmImf/ImfMisc.cpp getChunkOffsetTableSize() chunkCount memory corruption

A vulnerability was found in OpenEXR up to 2.5.1. It has been classified as critical. Affected is the function getChunkOffsetTableSize() of the file IlmImf/ImfMisc.cpp. Upgrading to version 2.5.2 eliminates this vulnerability.
Auteur: VulDB

OpenEXR up to 2.5.1 ImfDeepScanLineInputFile.cpp DeepScanLineInputFile() memory corruption

A vulnerability was found in OpenEXR up to 2.5.1 and classified as critical. This issue affects the function DeepScanLineInputFile::DeepScanLineInputFile() of the file IlmImf/ImfDeepScanLineInputFile.cpp. Upgrading to version 2.5.2 eliminates...
Auteur: VulDB

OpenEXR up to 2.5.1 ImfTiledInputFile.cpp TiledInputFile() denial of service

A vulnerability has been found in OpenEXR up to 2.5.1 and classified as problematic. This vulnerability affects the function TiledInputFile::TiledInputFile() of the file IlmImf/ImfTiledInputFile.cpp. Upgrading to version 2.5.2 eliminates this...
Auteur: VulDB

Argent RecoveryManager executeRecovery denial of service

A vulnerability, which was classified as problematic, was found in Argent RecoveryManager (the affected version unknown). This affects the function executeRecovery. Applying the patch 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192 is able to...
Auteur: VulDB

CERTFR-2020-AVI-392 : Multiples vulnérabilités dans le noyau linux d’Ubuntu (26 juin 2020)

De multiples vulnérabilités ont été découvertes dans le noyau linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un déni de service.

Auteur: Cert FR

CERTFR-2020-AVI-391 : Vulnérabilité dans Mozilla Firefox pour iOS (26 juin 2020)

Une vulnérabilité a été découverte dans Mozilla Firefox pour iOS. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Auteur: Cert FR

Trojita up to 0.7 MSA/SMTP.cpp weak authentication

A vulnerability, which was classified as problematic, has been found in Trojita up to 0.7. Affected by this issue is some unknown processing of the file MSA/SMTP.cpp. Upgrading to version 0.8 eliminates this vulnerability.
Auteur: VulDB
First12131415161718192021Last

Événements SSI