Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

xnio up to 3.8.1.Final Garbage Collection resource consumption

A vulnerability was found in xnio up to 3.8.1.Final. It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the component Garbage Collection Handler. There is no information about possible...
Author: VulDB

RESTEasy Route Cache resource consumption [CVE-2020-14326]

A vulnerability was found in RESTEasy (version unknown). It has been classified as problematic. Affected is an unknown functionality of the component Route Cache Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

Red Hat JBoss Enterprise Application Platform /var/run/jboss-eap/ race condition

A vulnerability was found in Red Hat JBoss Enterprise Application Platform (Application Server Software) (unknown version) and classified as problematic. This issue affects an unknown function of the file /var/run/jboss-eap/. There is no...
Author: VulDB

Xdg-utils 1.1.0 on Debian xdg-open open_generic_xdg_mime Remote Privilege Escalation

A vulnerability has been found in Xdg-utils 1.1.0 on Debian and classified as critical. This vulnerability affects the function open_generic_xdg_mime of the component xdg-open. There is no information about possible countermeasures known. It may...
Author: VulDB

Red Hat Satellite 6.7.2 improper authentication [CVE-2020-14380]

A vulnerability, which was classified as critical, was found in Red Hat Satellite 6.7.2. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Author: VulDB

Red Hat 3scale API Management Platform API Admin Portal permission

A vulnerability, which was classified as critical, has been found in Red Hat 3scale API Management Platform (Automation Software) (affected version not known). Affected by this issue is an unknown code of the component API Admin Portal. There is...
Author: VulDB

Red Hat Satellite VM information disclosure [CVE-2020-14371]

A vulnerability classified as problematic was found in Red Hat Satellite (affected version unknown). Affected by this vulnerability is an unknown part of the component VM Handler. There is no information about possible countermeasures known. It...
Author: VulDB

Red Hat Satellite OMAPI Secret information disclosure [CVE-2020-14335]

A vulnerability classified as problematic has been found in Red Hat Satellite (version unknown). Affected is some unknown functionality of the component OMAPI Secret Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

FFmpeg 4.2 vf_tile.c filter_frame memory leak

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been rated as problematic. This issue affects the function filter_frame of the file vf_tile.c. Applying a patch is able to eliminate this problem. The bugfix is...
Author: VulDB

FFmpeg 4.2 wtvdec.c wtvfile_open_sector memory leak

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been declared as problematic. This vulnerability affects the function wtvfile_open_sector of the file wtvdec.c. Applying a patch is able to eliminate this problem....
Author: VulDB

FFmpeg 4.2 framepool.c ff_frame_pool_get memory leak

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been classified as problematic. This affects the function ff_frame_pool_get of the file framepool.c. There is no information about possible countermeasures known. It...
Author: VulDB

FFmpeg 4.2 libavutil/float_dsp.c avpriv_float_dsp_allocl memory leak

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software) and classified as problematic. Affected by this issue is the function avpriv_float_dsp_allocl of the file libavutil/float_dsp.c. There is no information about possible...
Author: VulDB

GNU libiberty Symbol rust-demangle.c demangle_path recursion

A vulnerability has been found in GNU libiberty (affected version unknown) and classified as problematic. Affected by this vulnerability is the function demangle_path of the file rust-demangle.c of the component Symbol Handler. There is no...
Author: VulDB

Pharmacy Medical Store and Sale Point 1.0 /medical/inventories.php catID sql injection

A vulnerability, which was classified as critical, was found in Pharmacy Medical Store and Sale Point 1.0 (Medical Device Software). Affected is an unknown part of the file /medical/inventories.php. There is no information about possible...
Author: VulDB

SourceCodester Online Shopping Alphaware 1.0 /alphaware/details.php id sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Online Shopping Alphaware 1.0. This issue affects some unknown functionality of the file /alphaware/details.php. There is no information about possible...
Author: VulDB

Mozilla Firefox up to 7.0 HTTP 0.9 Error cross site scripting

A vulnerability classified as problematic was found in Mozilla Firefox up to 7.0 (Web Browser). This vulnerability affects an unknown functionality of the component HTTP 0.9 Error Handler. Upgrading to version 8.0 eliminates this vulnerability.
Author: VulDB

CERTFR-2021-AVI-423: Vulnerability in Apache (02 June 2021)

A vulnerability has been discovered in Apache. It allows an attacker to cause a security problem not specified by the vendor.

Author: Cert FR

CERTFR-2021-AVI-422: Vulnerability in Cisco products (02 June 2021)

A vulnerability has been discovered in Cisco products. It allows an attacker to cause a security policy bypass.

Author: Cert FR

CERTFR-2021-AVI-421: Multiple vulnerabilities in Gitlab products (02 June 2021)

Multiple vulnerabilities have been discovered in Gitlab products. Some of them allow an attacker to cause a remote denial of service, a security policy bypass and a breach of...
Author: Cert FR

CERTFR-2021-AVI-420: Multiple vulnerabilities in Mozilla products (02 June 2021)

Multiple vulnerabilities have been discovered in Mozilla products. They allow an attacker to cause arbitrary code execution and a breach of data confidentiality.

Author: Cert FR

CERTFR-2021-AVI-419: Multiple vulnerabilities in Fortinet products (02 June 2021)

Multiple vulnerabilities have been discovered in Fortinet products. Some of them allow an attacker to cause remote arbitrary code execution, a remote denial of service and a bypass of the...
Author: Cert FR

NextCloud Mail up to 1.4.2/1.8.1 Mail Metadata permission

A vulnerability classified as critical has been found in NextCloud Mail up to 1.4.2/1.8.1 (Cloud Software). This affects an unknown function of the component Mail Metadata Handler. Upgrading to version 1.4.3 or 1.8.2 eliminates this vulnerability.
Author: VulDB

Chiyu SEMAC/Biosense/BF-630/BF-631/Webpass if.cgi username cross site scripting

A vulnerability was found in Chiyu SEMAC, Biosense, BF-630, BF-631 and Webpass. It has been rated as problematic. Affected by this issue is some unknown processing of the file if.cgi. Upgrading eliminates this vulnerability. The upgrade is hosted...
Author: VulDB

Chiyu BF-630 404 Error Message cross site scripting [CVE-2021-31641]

A vulnerability was found in Chiyu BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W and SEMAC. It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component 404 Error Message...
Author: VulDB

CMS Made Simple 2.2.14 Setting News Module cross site scripting

A vulnerability was found in CMS Made Simple 2.2.14 (Content Management System). It has been classified as problematic. Affected is an unknown code of the component Setting News Module. There is no information about possible countermeasures...
Author: VulDB