Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Playground Sessions up to 2.5.582 on Windows UserProfiles.sol credentials storage

A vulnerability was found in Playground Sessions up to 2.5.582 on Windows. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file UserProfiles.sol. There is no information about possible...
Auteur: VulDB

Linux Kernel up to 5.7 8250_core.c serial8250_isa_init_ports null pointer dereference

A vulnerability was found in Linux Kernel up to 5.7 (Operating System). It has been classified as problematic. Affected is the function serial8250_isa_init_ports of the file drivers/tty/serial/8250/8250_core.c. Upgrading to version 5.8 eliminates...
Auteur: VulDB

Linux Kernel up to 5.7 Error Field fs/block_dev.c use after free

A vulnerability was found in Linux Kernel up to 5.7 (Operating System) and classified as problematic. This issue affects an unknown code of the file fs/block_dev.c of the component Error Field Handler. Upgrading to version 5.8 eliminates this...
Auteur: VulDB

October CMS up to 1.0.468 Upload File evil.svg cross site scripting

A vulnerability has been found in October CMS up to 1.0.468 (Content Management System) and classified as problematic. This vulnerability affects an unknown part of the file /storage/app/media/evil.svg of the component Upload File Handler....
Auteur: VulDB

October CMS up to 1.0.469 New User authorization

A vulnerability, which was classified as problematic, was found in October CMS up to 1.0.469 (Content Management System). This affects some unknown functionality of the component New User Handler. Upgrading to version 1.0.470 or 1.1.1 eliminates...
Auteur: VulDB

October CMS up to 1.0.468 Twig Sandbox authorization

A vulnerability, which was classified as critical, has been found in October CMS up to 1.0.468 (Content Management System). Affected by this issue is an unknown functionality of the component Twig Sandbox. Upgrading to version 1.0.469 or 1.1.0...
Auteur: VulDB

October CMS up to 1.0.468 authorization [CVE-2020-15246]

A vulnerability classified as problematic was found in October CMS up to 1.0.468 (Content Management System). Affected by this vulnerability is an unknown function. Upgrading to version 1.0.469 or 1.1.0 eliminates this vulnerability. Applying a...
Auteur: VulDB

Jingyun Antivirus 2.4.2.39 Driver ZySandbox.sys denial of service

A vulnerability classified as problematic has been found in Jingyun Antivirus 2.4.2.39 (Anti-Malware Software). Affected is some unknown processing in the library ZySandbox.sys of the component Driver. There is no information about possible...
Auteur: VulDB

Jingyun Antivirus 2.4.2.39 Driver ZySandbox.sys denial of service

A vulnerability was found in Jingyun Antivirus 2.4.2.39 (Anti-Malware Software). It has been rated as problematic. This issue affects an unknown code block in the library ZySandbox.sys of the component Driver. There is no information about...
Auteur: VulDB

Jingyun Antivirus 2.4.2.39 Driver ZySandbox.sys denial of service

A vulnerability was found in Jingyun Antivirus 2.4.2.39 (Anti-Malware Software). It has been declared as problematic. This vulnerability affects an unknown code in the library ZySandbox.sys of the component Driver. There is no information about...
Auteur: VulDB

Jingyun Antivirus 2.4.2.39 Driver ZySandbox.sys denial of service

A vulnerability was found in Jingyun Antivirus 2.4.2.39 (Anti-Malware Software). It has been classified as problematic. This affects an unknown part in the library ZySandbox.sys of the component Driver. There is no information about possible...
Auteur: VulDB

Jingyun Antivirus 2.4.2.39 Driver hookbody.sys denial of service

A vulnerability was found in Jingyun Antivirus 2.4.2.39 (Anti-Malware Software) and classified as problematic. Affected by this issue is some unknown functionality in the library hookbody.sys of the component Driver. There is no information about...
Auteur: VulDB

MongoDB up to 3.6.19/4.0.19/4.2.8/4.4.0/4.5.0 Query buffer overflow

A vulnerability has been found in MongoDB up to 3.6.19/4.0.19/4.2.8/4.4.0/4.5.0 (Database Software) and classified as critical. Affected by this vulnerability is an unknown functionality of the component Query Handler. Upgrading to version...
Auteur: VulDB

SalesForce Tableau Server SAML unknown vulnerability [CVE-2020-6939]

A vulnerability, which was classified as critical, was found in SalesForce Tableau Server (version unknown). Affected is an unknown function of the component SAML Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

IBM Spectrum Protect Plus up to 10.1.6 hard-coded credentials

A vulnerability, which was classified as critical, has been found in IBM Spectrum Protect Plus up to 10.1.6 (Backup Software). This issue affects some unknown processing.
Auteur: VulDB

IBM Spectrum Protect Plus up to 10.1.6 channel accessible [CVE-2020-4783]

A vulnerability classified as problematic was found in IBM Spectrum Protect Plus up to 10.1.6 (Backup Software). This vulnerability affects an unknown code block.
Auteur: VulDB

IBM Spectrum Protect Operations Center up to 7.1.11/8.1.10 WebSocket Event improper authentication

A vulnerability classified as critical has been found in IBM Spectrum Protect Operations Center up to 7.1.11/8.1.10 (Backup Software). This affects an unknown code of the component WebSocket Event Handler.
Auteur: VulDB

Intel BlueZ information disclosure [CVE-2020-12352]

A vulnerability was found in Intel BlueZ (affected version not known). It has been rated as problematic. Affected by this issue is an unknown part. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Intel BlueZ input validation [CVE-2020-12351]

A vulnerability was found in Intel BlueZ (affected version unknown). It has been declared as critical. Affected by this vulnerability is some unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Intel PROSet/Wireless WiFi on Win10 out-of-bounds write [CVE-2020-0569]

A vulnerability was found in Intel PROSet and Wireless WiFi on Win10 (Wireless LAN Software) (version unknown). It has been classified as problematic. Affected is an unknown functionality. There is no information about possible countermeasures...
Auteur: VulDB

Tianocore EDK II denial of service [CVE-2019-14587]

A vulnerability was found in Tianocore EDK II (unknown version) and classified as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Tianocore EDK II use after free [CVE-2019-14586]

A vulnerability has been found in Tianocore EDK II (the affected version is unknown) and classified as problematic. This vulnerability affects some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Tianocore EDK II DxeImageVerificationHandler Local Privilege Escalation

A vulnerability, which was classified as problematic, was found in Tianocore EDK II (the affected version unknown). There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Tianocore EDK II Integer Truncation Local Privilege Escalation

A vulnerability, which was classified as problematic, has been found in Tianocore EDK II (affected version not known). Affected by this issue is an unknown code of the component Integer Truncation Handler. There is no information about possible...
Auteur: VulDB

MongoDB up to 3.4.18/3.6.9/4.0.4 recursion [CVE-2018-20803]

A vulnerability classified as problematic was found in MongoDB up to 3.4.18/3.6.9/4.0.4 (Database Software). Affected by this vulnerability is an unknown part. Upgrading to version 3.4.19, 3.6.10 or 4.0.5 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI