Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Droit au déréférencement : le Conseil d’État tire les conséquences des arrêts de la Cour de justice de l’Union européenne

Dans sa décision du 27 mars 2020, le Conseil d’État a précisé la portée géographique du droit au déréférencement. La CNIL prend acte de cette décision qui tire les conséquences automatiques de l’arrêt de la Cour de justice de l’Union européenne...
Auteur: Cnil

Dart up to 2.7.1/2.8.0-dev.16.0 cross site scripting [CVE-2020-8923]

A vulnerability classified as problematic has been found in Dart up to 2.7.1/2.8.0-dev.16.0. Affected is an unknown functionality. Upgrading to version 2.7.2 or 2.8.0-dev.17.0 eliminates this vulnerability.
Auteur: VulDB

Google Closure Library up to 20200224 URL Parser information disclosure

A vulnerability was found in Google Closure Library up to 20200224. It has been rated as problematic. This issue affects an unknown function of the component URL Parser. Upgrading to version 20200315 eliminates this vulnerability.
Auteur: VulDB

McAfee Application and Change Control up to 8.2 DLL privilege escalation

A vulnerability was found in McAfee Application and Change Control up to 8.2. It has been declared as critical. This vulnerability affects some unknown processing of the component DLL Handler. Upgrading to version 8.3 eliminates this...
Auteur: VulDB

Moxa EDS-G516E up to 5.2 Setting Pages Parameter memory corruption

A vulnerability was found in Moxa EDS-G516E up to 5.2. It has been classified as critical. This affects an unknown code block of the component Setting Pages. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Dell RSA Authentication Manager up to 8.4 P9 Security Console Stored cross site scripting

A vulnerability was found in Dell RSA Authentication Manager up to 8.4 P9 and classified as problematic. Affected by this issue is an unknown code of the component Security Console. Applying the patch 8.4 P10 is able to eliminate this problem.
Auteur: VulDB

Dell RSA Authentication Manager up to 8.4 P9 Security Console Stored cross site scripting

A vulnerability has been found in Dell RSA Authentication Manager up to 8.4 P9 and classified as problematic. Affected by this vulnerability is an unknown part of the component Security Console. Applying the patch 9.4 P10 is able to eliminate...
Auteur: VulDB

SonicWALL SMA1000 up to 12.1.0-06411 HTTP Extraweb Server Crash denial of service

A vulnerability, which was classified as problematic, was found in SonicWALL SMA1000 up to 12.1.0-06411. Affected is some unknown functionality of the component HTTP Extraweb Server. There is no information about possible countermeasures known....
Auteur: VulDB

Kiali up to 1.15.0 Default Key weak encryption

A vulnerability, which was classified as critical, has been found in Kiali up to 1.15.0. This issue affects an unknown functionality. Upgrading to version 1.15.1 eliminates this vulnerability.
Auteur: VulDB

FasterXML jackson-databind up to 2.9.10.3 Gadget privilege escalation

A vulnerability classified as critical was found in FasterXML jackson-databind up to 2.9.10.3. This vulnerability affects an unknown function of the component Gadget Handler. Upgrading to version 2.9.10.4 eliminates this vulnerability.
Auteur: VulDB

FasterXML jackson-databind up to 2.9.10.3 Gadget unknown vulnerability

A vulnerability classified as problematic has been found in FasterXML jackson-databind up to 2.9.10.3. This affects some unknown processing of the component Gadget Handler. Upgrading to version 2.9.10.4 eliminates this vulnerability.
Auteur: VulDB

python-apt up to vor 1.9.5 Hash apt/package.py privilege escalation

A vulnerability was found in python-apt. It has been rated as critical. Affected by this issue is an unknown code block of the file apt/package.py of the component Hash Handler. Upgrading to version 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1,...
Auteur: VulDB

python-apt MD5 apt/package.py weak authentication

A vulnerability was found in python-apt. It has been declared as critical. Affected by this vulnerability is an unknown code of the file apt/package.py of the component MD5 Handler. Upgrading to version 1.9.0ubuntu1.2, 1.6.5ubuntu0.1,...
Auteur: VulDB

CERTFR-2020-AVI-172 : Vulnérabilité dans IBM WebSphere Application Server (26 mars 2020)

Une vulnérabilité a été découverte dans IBM WebSphere Application Server. Elle permet à un attaquant de provoquer une élévation de privilèges.

Auteur: Cert FR

CERTFR-2020-AVI-171 : Multiples vulnérabilités dans Apple iCloud pour Windows (26 mars 2020)

De multiples vulnérabilités ont été découvertes dans Apple iCloud pour Windows. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code...
Auteur: Cert FR

CODESYS V3 up to 3.5.15.39 Web Server memory corruption

A vulnerability was found in CODESYS V3 up to 3.5.15.39. It has been classified as critical. Affected is an unknown part of the component Web Server. Upgrading to version 3.5.15.40 eliminates this vulnerability.
Auteur: VulDB

Adobe Bridge 10.0 Heap-based memory corruption

A vulnerability was found in Adobe Bridge 10.0 and classified as critical. This issue affects some unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Adobe Bridge 10.0 Out-of-Bounds memory corruption

A vulnerability has been found in Adobe Bridge 10.0 and classified as critical. This vulnerability affects an unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Micro Focus Vibe up to 4.0.6 Stored cross site scripting

A vulnerability, which was classified as problematic, was found in Micro Focus Vibe up to 4.0.6. This affects an unknown function. Upgrading to version 4.0.7 eliminates this vulnerability.
Auteur: VulDB

TP-LINK Archer C5 prior V3 Build 200318 Rel. 62209 Referer denial of service

A vulnerability, which was classified as problematic, has been found in TP-LINK Archer C5. Affected by this issue is some unknown processing. Upgrading to version V3 Build 200318 Rel. 62209 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox up to 73.x memory corruption [CVE-2020-6815]

A vulnerability classified as critical was found in Mozilla Firefox up to 73.x (Web Browser). Affected by this vulnerability is an unknown code block. Upgrading to version 74.0 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2020-6814]

A vulnerability classified as critical has been found in Mozilla Firefox, Firefox ESR and Thunderbird (version unknown). Affected is an unknown code. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Mozilla Firefox up to 73.x CSS Block Injection privilege escalation

A vulnerability was found in Mozilla Firefox up to 73.x. It has been rated as critical. This issue affects an unknown part of the component CSS Block Handler. Upgrading to version 74.0 eliminates this vulnerability.
Auteur: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird AirPod information disclosure

A vulnerability was found in Mozilla Firefox, Firefox ESR and Thunderbird (Web Browser) (the affected version is unknown). It has been declared as problematic. This vulnerability affects some unknown functionality of the component AirPod Handler....
Auteur: VulDB

Mozilla Firefox/Firefox ESR/Thunderbird Devtools HTTP Method command injection

A vulnerability was found in Mozilla Firefox, Firefox ESR and Thunderbird (Web Browser) (the affected version unknown). It has been classified as critical. This affects an unknown functionality of the component Devtools. There is no information...
Auteur: VulDB
First265266267268269270271272273274Last

Événements SSI