Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2018-AVI-583 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (04 décembre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2018-AVI-582 : Multiples vulnérabilités dans Google Android (04 décembre 2018)

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et une atteinte à...
Auteur: Cert FR

Google Chrome prior 66.0.3359.106 Blink HTML Page information disclosure

A vulnerability was found in Google Chrome. It has been rated as problematic. Affected by this issue is an unknown function of the component Blink. The manipulation as part of a HTML Page leads to a information disclosure vulnerability. Using...
Auteur: VulDB

Google Chrome GarbageCollection HTML Page Heap-based memory corruption

A vulnerability was found in Google Chrome GarbageCollection. It has been declared as critical. Affected by this vulnerability is an unknown function of the component GarbageCollection. The manipulation as part of a HTML Page leads to a memory...
Auteur: VulDB

Google Chrome prior 66.0.3359.106 WebAssembly HTML Page Integer Overflow memory corruption

A vulnerability was found in Google Chrome. It has been classified as critical. Affected is an unknown function of the component WebAssembly. The manipulation as part of a HTML Page leads to a memory corruption vulnerability (Integer Overflow)....
Auteur: VulDB

Google Chrome prior 66.0.3359.106 Skia HTML Page Integer Overflow memory corruption

A vulnerability was found in Google Chrome and classified as critical. This issue affects an unknown function of the component Skia. The manipulation as part of a HTML Page leads to a memory corruption vulnerability (Integer Overflow). Using CWE...
Auteur: VulDB

Google Chrome prior 66.0.3359.106 Service Worker HTML Page Cross-Origin information disclosure

A vulnerability has been found in Google Chrome and classified as problematic. This vulnerability affects an unknown function of the component Service Worker. The manipulation as part of a HTML Page leads to a information disclosure...
Auteur: VulDB

Google Chrome prior 66.0.3359.106 PDFium PDF File privilege escalation

A vulnerability, which was classified as critical, was found in Google Chrome. This affects an unknown function of the component PDFium. The manipulation as part of a PDF File leads to a privilege escalation vulnerability. CWE is classifying the...
Auteur: VulDB

Google Chrome prior 66.0.3359.106 WebAssembly HTML Page Use-After-Free memory corruption

A vulnerability, which was classified as critical, has been found in Google Chrome. Affected by this issue is an unknown function of the component WebAssembly. The manipulation as part of a HTML Page leads to a memory corruption vulnerability...
Auteur: VulDB

Google Chrome prior 66.0.3359.106 Networking Disk Cache HTML Page memory corruption

A vulnerability classified as critical was found in Google Chrome. Affected by this vulnerability is an unknown function of the component Networking Disk Cache. The manipulation as part of a HTML Page leads to a memory corruption vulnerability....
Auteur: VulDB

Google Chrome prior 66.0.3359.106 Networking Disk Cache HTML Page privilege escalation

A vulnerability classified as critical has been found in Google Chrome. Affected is an unknown function of the component Networking Disk Cache. The manipulation as part of a HTML Page leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

Linux Kernel up to 4.19.2 Crypto User Configuration API crypto/crypto_user.c crypto_report_one() information disclosure

A vulnerability was found in Linux Kernel up to 4.19.2. It has been rated as problematic. This issue affects the function crypto_report_one() of the file crypto/crypto_user.c of the component Crypto User Configuration API. The manipulation with...
Auteur: VulDB

hitshop up to 2014-07-15 admin.php/user/add privilege escalation

A vulnerability was found in hitshop up to 2014-07-15. It has been declared as critical. This vulnerability affects an unknown function of the file admin.php/user/add. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

YzmCMS 5.2 search.html searinfo cross site scripting

A vulnerability was found in YzmCMS 5.2. It has been classified as problematic. This affects an unknown function of the file admin/content/search.html. The manipulation of the argument searinfo as part of a Parameter leads to a cross site...
Auteur: VulDB

radare2 up to 3.0.x libr/asm/p/asm_x86_nz.c opmov memory corruption

A vulnerability was found in radare2 up to 3.0.x and classified as critical. Affected by this issue is the function opmov of the file libr/asm/p/asm_x86_nz.c. The manipulation with an unknown input leads to a memory corruption vulnerability....
Auteur: VulDB

radare2 up to 3.0.x libr/asm/p/asm_x86_nz.c gettoken memory corruption

A vulnerability has been found in radare2 up to 3.0.x and classified as critical. Affected by this vulnerability is the function gettoken of the file libr/asm/p/asm_x86_nz.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Wavpack up to 5.1.0 open_utils.c WavpackVerifySingleBlock memory corruption

A vulnerability, which was classified as critical, was found in Wavpack up to 5.1.0. Affected is the function WavpackVerifySingleBlock of the file open_utils.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Wavpack up to 5.1.0 pack_utils.c WavpackPackInit denial of service

A vulnerability, which was classified as problematic, has been found in Wavpack up to 5.1.0. This issue affects the function WavpackPackInit of the file pack_utils.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

LibSass up to 3.5.4 sass_context.cpp handle_error memory corruption

A vulnerability classified as critical was found in LibSass up to 3.5.4. This vulnerability affects the function handle_error of the file sass_context.cpp. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

LibSass up to 3.5.4 ast.cpp clone() denial of service

A vulnerability classified as problematic has been found in LibSass up to 3.5.4. This affects the function clone() of the file ast.cpp. The manipulation with an unknown input leads to a denial of service vulnerability (Memory Consumption). CWE...
Auteur: VulDB

LibSass up to 3.5.4 Parser eval.cpp Binary_Expression*) denial of service

A vulnerability was found in LibSass up to 3.5.4. It has been rated as problematic. Affected by this issue is the function Sass::Eval::operator()(Sass::Binary_Expression*) of the file eval.cpp of the component Parser. The manipulation with an...
Auteur: VulDB

GNU C Library up to 2.28 getaddrinfo() Hostname unknown vulnerability

A vulnerability was found in GNU C Library up to 2.28. It has been declared as critical. The manipulation as part of a Hostname leads to a unknown weakness. The impact remains unknown. The summary by CVE is:In the GNU C Library (aka glibc or...
Auteur: VulDB

FreeBSD up to 11.2 NFS Server READDIRPLUS Request Resource Exhaustion denial of service

A vulnerability was found in FreeBSD up to 11.2. It has been classified as problematic. Affected is an unknown function of the component NFS Server. The manipulation as part of a READDIRPLUS Request leads to a denial of service vulnerability...
Auteur: VulDB

FreeBSD up to 11.2 NFS Server Length Field Integer Overflow memory corruption

A vulnerability was found in FreeBSD up to 11.2 and classified as critical. This issue affects an unknown function of the component NFS Server. The manipulation as part of a Length Field leads to a memory corruption vulnerability (Integer...
Auteur: VulDB

FreeBSD up to 11.2 NFS Server Integer Overflow memory corruption

A vulnerability has been found in FreeBSD up to 11.2 and classified as critical. This vulnerability affects an unknown function of the component NFS Server. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB
First1732173317341735173617371738173917401741Last

Événements SSI