Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Chrome prior 89.0.4389.72 TabStrip/Navigation Remote Code Execution

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). This issue affects some unknown functionality of the component TabStrip/Navigation. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 Loader Remote Code Execution

A vulnerability classified as critical was found in Google Chrome (Web Browser). This vulnerability affects an unknown functionality of the component Loader. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 V8 out-of-bounds read

A vulnerability classified as critical has been found in Google Chrome (Web Browser). This affects an unknown function of the component V8. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 AppCache Remote Code Execution

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. Affected by this issue is some unknown processing of the component AppCache. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 Bookmarks use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Bookmarks. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 Audio Remote Code Execution

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. Affected is an unknown code of the component Audio. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 Audio Remote Code Execution

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. This issue affects an unknown part of the component Audio. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 on iOS Remote Code Execution

A vulnerability has been found in Google Chrome on iOS (Web Browser) and classified as critical. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 Reader Mode Remote Code Execution

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). This affects an unknown functionality of the component Reader Mode. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 WebRTC use after free

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). Affected by this issue is an unknown function of the component WebRTC. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 TabStrip heap-based overflow

A vulnerability classified as critical was found in Google Chrome (Web Browser). Affected by this vulnerability is some unknown processing of the component TabStrip. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 WebAudio heap-based overflow

A vulnerability classified as critical has been found in Google Chrome (Web Browser). Affected is an unknown code block of the component WebAudio. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 89.0.4389.72 TabStrip heap-based overflow

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. This issue affects an unknown code of the component TabStrip. Upgrading to version 89.0.4389.72 eliminates this vulnerability.
Auteur: VulDB

Xerox AltaLink C8070 prior 101.00x.099.28200 Clone Install unknown vulnerability

A vulnerability was found in Xerox AltaLink B8045, AltaLink B8055, AltaLink B8065, AltaLink B8075, AltaLink B8090, AltaLink C8030, AltaLink C8035, AltaLink C8045, AltaLink C8055 and AltaLink C8070. It has been declared as problematic. This...
Auteur: VulDB

Xerox AltaLink C8070 prior 101.00x.099.28200 cleartext transmission

A vulnerability was found in Xerox AltaLink B8045, AltaLink B8055, AltaLink B8065, AltaLink B8075, AltaLink B8090, AltaLink C8030, AltaLink C8035, AltaLink C8045, AltaLink C8055 and AltaLink C8070. It has been classified as problematic. This...
Auteur: VulDB

CERTFR-2021-AVI-166 : Vulnérabilité dans Cisco UTD Snort IPS Engine (04 mars 2021)

Une vulnérabilité a été découverte dans Cisco UTD Snort IPS Engine pour IOS XE et ISO XE SD-WAN. Elle permet à un attaquant de provoquer un déni de service.

Auteur: Cert FR

CERTFR-2021-AVI-165 : Multiples vulnérabilités dans Fortinet FortiProxy (04 mars 2021)

De multiples vulnérabilités ont été découvertes dans Fortinet FortiProxy. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à la...
Auteur: Cert FR

CERTFR-2021-AVI-164 : Multiples vulnérabilités dans Apache Tomcat (04 mars 2021)

De multiples vulnérabilités ont été découvertes dans Apache Tomcat. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Auteur: Cert FR

openark Orchestrator up to 3.2.3 orchestrator.js orchestrator-msg cross site scripting

A vulnerability was found in openark Orchestrator up to 3.2.3 and classified as problematic. Affected by this issue is an unknown functionality of the file resources/public/js/orchestrator.js. Upgrading to version 3.2.4 eliminates this...
Auteur: VulDB

AdGuard prior 0.105.2 inadequate encryption [CVE-2021-27935]

A vulnerability has been found in AdGuard and classified as problematic. Affected by this vulnerability is an unknown function. Upgrading to version 0.105.2 eliminates this vulnerability.
Auteur: VulDB

LumisXP up to 9.x API PageControllerXml.jsp xml external entity reference

A vulnerability, which was classified as problematic, was found in LumisXP up to 9.x. Affected is some unknown processing of the file PageControllerXml.jsp of the component API. Upgrading to version 10.0.0 eliminates this vulnerability.
Auteur: VulDB

Zabbix up to 4.0.27/5.0.7/5.2.3/5.3.x CControllerAuthenticationUpdate cross-site request forgery

A vulnerability, which was classified as problematic, has been found in Zabbix up to 4.0.27/5.0.7/5.2.3/5.3.x (Network Management Software). This issue affects the function CControllerAuthenticationUpdate. Upgrading to version 4.0.28rc1,...
Auteur: VulDB

BigProf Online Invoicing System up to 4.3 csv injection [CVE-2021-27839]

A vulnerability classified as critical was found in BigProf Online Invoicing System up to 4.3. This vulnerability affects an unknown code. Upgrading to version 4.4 eliminates this vulnerability. The upgrade is hosted for download at github.com.
Auteur: VulDB

CERTFR-2021-AVI-163 : Vulnérabilité dans VMware View Planner (04 mars 2021)

Une vulnérabilité a été découverte dans VMware View Planner. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

genugate up to 9.0 Z p18/9.6 p6/10.1 p3 Web Interface improper authentication

A vulnerability classified as critical has been found in genugate up to 9.0 Z p18/9.6 p6/10.1 p3. This affects an unknown part of the component Web Interface. Upgrading to version 9.0 Z p19, 9.6 p7 or 10.1 p4 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI