Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Tianocore EDK II LzmaUefiDecompressGetInfo heap-based overflow

A vulnerability was found in Tianocore EDK II (the affected version is unknown). It has been declared as critical. This vulnerability affects the function LzmaUefiDecompressGetInfo. There is no information about possible countermeasures known. It...
Auteur: VulDB

Nextcloud App up to 3.15.x on Android Lookup Server information disclosure

A vulnerability was found in Nextcloud App up to 3.15.x on Android (Android App Software). It has been classified as problematic. This affects some unknown processing of the component Lookup Server Handler. Upgrading to version 3.16.0 eliminates...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability was found in Apport on Ubuntu and classified as critical. Affected by this issue is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability has been found in Apport on Ubuntu and classified as critical. Affected by this vulnerability is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability, which was classified as critical, was found in Apport on Ubuntu. Affected is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability, which was classified as critical, has been found in Apport on Ubuntu. This issue affects the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability classified as critical was found in Apport on Ubuntu. This vulnerability affects the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 apport/hookutils.py read_file symlink

A vulnerability classified as critical has been found in Apport. This affects the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is hosted for download at...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability was found in Apport on Ubuntu. It has been rated as critical. Affected by this issue is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability was found in Apport on Ubuntu. It has been declared as critical. Affected by this vulnerability is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu apport/hookutils.py read_file symlink

A vulnerability was found in Apport on Ubuntu. It has been classified as critical. Affected is the function read_file of the file apport/hookutils.py. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Restund exposure of resource [CVE-2021-21382]

A vulnerability was found in Restund (unknown version) and classified as problematic. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Thycotic Password Reset Server up to 5.2.x information disclosure

A vulnerability has been found in Thycotic Password Reset Server up to 5.2.x and classified as problematic. This vulnerability affects some unknown functionality. Upgrading to version 5.3.0 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu data/whoopsie-upload-all process_report link following

A vulnerability, which was classified as critical, was found in Apport on Ubuntu. This affects the function process_report of the file data/whoopsie-upload-all. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability.
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu packaging-apt-dpkg.py get_modified_conffiles os command injection

A vulnerability, which was classified as critical, has been found in Apport on Ubuntu. Affected by this issue is the function get_modified_conffiles of the file backends/packaging-apt-dpkg.py. Upgrading to version 2.20.11-0ubuntu67 eliminates...
Auteur: VulDB

KuaiFanCMS 5.x chakanhtml.module.php html_url path traversal

A vulnerability classified as problematic was found in KuaiFanCMS 5.x. Affected by this vulnerability is some unknown processing of the file chakanhtml.module.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

cURL 7.61.0/7.76.1 Schannel TLS Library information disclosure

A vulnerability classified as problematic has been found in cURL 7.61.0/7.76.1 (Network Utility Software). Affected is an unknown code block of the component Schannel TLS Library. Applying a patch is able to eliminate this problem. The bugfix is...
Auteur: VulDB

Nextcloud Mail up to 1.9.4 Alias authorization

A vulnerability was found in Nextcloud Mail up to 1.9.4 (Cloud Software). It has been rated as critical. This issue affects an unknown code of the component Alias Handler. Upgrading to version 1.9.5 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Nextcloud Desktop Client up to 3.3.0 certificate validation [CVE-2021-22895]

A vulnerability was found in Nextcloud Desktop Client up to 3.3.0 (Cloud Software). It has been declared as problematic. This vulnerability affects an unknown part. Upgrading to version 3.3.1 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Schneider Electric PowerLogic EGX300 Modbus TCP Protocol improper authentication

A vulnerability was found in Schneider Electric PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (SCADA Software) (the affected version unknown). It has been classified as critical. This affects some unknown...
Auteur: VulDB

Schneider Electric PowerLogic EGX300 password recovery [CVE-2021-22763]

A vulnerability was found in Schneider Electric PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (SCADA Software) (affected version not known) and classified as critical. Affected by this issue is an unknown...
Auteur: VulDB

Schneider Electric Modicon X80 BMXNOR0200H RTU up to SV1.70 IR22 Web Server information disclosure

A vulnerability has been found in Schneider Electric Modicon X80 BMXNOR0200H RTU up to SV1.70 IR22 (SCADA Software) and classified as problematic. Affected by this vulnerability is an unknown function of the component Web Server. Applying a patch...
Auteur: VulDB

AccuSoft ImageGear 19.9 TIF IP_planar_raster_unpack out-of-bounds write

A vulnerability, which was classified as critical, was found in AccuSoft ImageGear 19.9. Affected is the function IP_planar_raster_unpack of the component TIF Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

AccuSoft ImageGear 19.9 JPG Handle_JPEG420 out-of-bounds write

A vulnerability, which was classified as critical, has been found in AccuSoft ImageGear 19.9. This issue affects the function Handle_JPEG420 of the component JPG Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

AccuSoft ImageGear 19.9 PNG png_palette_process memory corruption

A vulnerability classified as critical was found in AccuSoft ImageGear 19.9. This vulnerability affects the function png_palette_process of the component PNG Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB
12345678910Last

Événements SSI