vendredi 10 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Qualcomm Snapdragon Auto up to SXR1130 memory corruption [CVE-2019-10552]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 UE Message memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been declared as critical. This vulnerability...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM8150 CSEQ Header NULL Pointer Dereference denial of service

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been classified as problematic. This affects some...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 WLAN memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 WLAN Driver Null Character Out-of-Bounds memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music (Chip Software) and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 WLAN Double-Free memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice...
Auteur: VulDB

Coronavirus (Covid-19) : les rappels de la CNIL sur la collecte de données personnelles

Dans le contexte de crise sanitaire liée au coronavirus, particuliers et professionnels s’interrogent sur les mesures à mettre en œuvre aux fins de limiter la propagation du virus, et sur les conditions dans lesquelles les données personnelles,...
Auteur: Cnil

NCSC Releases Advisory on Securing Internet-Connected Cameras

Original release date: March 5, 2020The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an advisory on securing internet-connected cameras such as smart security cameras and baby monitors. An attacker could gain access to...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: March 5, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates...
Auteur: US Cert

Point-to-Point Protocol Daemon Vulnerability

Original release date: March 5, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take...
Auteur: US Cert

CERTFR-2020-AVI-128 : Multiples vulnérabilités dans les produits Cisco (05 mars 2020)

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la...
Auteur: Cert FR

CERTFR-2020-AVI-127 : Multiples vulnérabilités dans Google Chrome (05 mars 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-126 : Multiples vulnérabilités dans Google Chrome OS (05 mars 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome OS. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

UNCTAD ASYCUDA World up to 2020 Java RMI Server Remote Code Execution

A vulnerability, which was classified as critical, has been found in UNCTAD ASYCUDA World up to 2020. This issue affects some unknown functionality of the component Java RMI Server. There is no information about possible countermeasures known. It...
Auteur: VulDB

Craft CMS up to 3.2.45 Seomatic Injection privilege escalation

A vulnerability classified as problematic was found in Craft CMS up to 3.2.45 (Content Management System). This vulnerability affects an unknown functionality of the component Seomatic. Upgrading to version 3.2.46 eliminates this vulnerability.
Auteur: VulDB

Rubetek SmartHome 2020 Beacon Sniffing weak encryption

A vulnerability classified as critical has been found in Rubetek SmartHome 2020. This affects an unknown function of the component Beacon Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Humax HGA12R-02 BRGCAA 1.1.53 Web-based Interface weak authentication

A vulnerability was found in Humax HGA12R-02 BRGCAA 1.1.53. It has been rated as critical. Affected by this issue is some unknown processing of the component Web-based Interface. There is no information about possible countermeasures known. It...
Auteur: VulDB

Arris TG1692A Login Page /login information disclosure

A vulnerability was found in Arris TG1692A (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code block of the file /login of the component Login Page. There is no information about...
Auteur: VulDB

Appointment Booking Calendar Plugin up to 1.3.34 on WordPress admin.php privilege escalation

A vulnerability was found in Appointment Booking Calendar Plugin up to 1.3.34 on WordPress. It has been classified as critical. Affected is an unknown code of the file /wp-admin/admin.php?page=cpabc_appointments.php. Upgrading to version 1.3.35...
Auteur: VulDB

Appointment Booking Calendar Plugin up to 1.3.34 on WordPress cpabc_appointments.php cross site scripting

A vulnerability was found in Appointment Booking Calendar Plugin up to 1.3.34 on WordPress and classified as problematic. This issue affects an unknown part of the file cpabc_appointments.php. Upgrading to version 1.3.35 eliminates this...
Auteur: VulDB

Creative Contact Form Extension up to 4.6.1 on Joomla helpers/mailer.php creativecontactform_upload information disclosure

A vulnerability has been found in Creative Contact Form Extension up to 4.6.1 on Joomla and classified as problematic. This vulnerability affects some unknown functionality of the file helpers/mailer.php. Upgrading to version 4.6.2 eliminates...
Auteur: VulDB

ZyXEL NAS up to 5.20 weblogin.cgi username command injection

A vulnerability, which was classified as critical, was found in ZyXEL NAS up to 5.20. This affects an unknown functionality of the file weblogin.cgi. Upgrading to version 5.21 eliminates this vulnerability.
Auteur: VulDB

CNCF Envoy up to 1.13.0 Access Control privilege escalation

A vulnerability, which was classified as critical, has been found in CNCF Envoy up to 1.13.0. Affected by this issue is an unknown function of the component Access Control. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

CNCF Envoy up to 1.13.0 Pipeline Request Memory Exhaustion denial of service

A vulnerability classified as problematic was found in CNCF Envoy up to 1.13.0. Affected by this vulnerability is some unknown processing of the component Pipeline Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

CNCF Envoy up to 1.13.0 TLS Inspector privilege escalation

A vulnerability classified as critical has been found in CNCF Envoy up to 1.13.0. Affected is an unknown code block of the component TLS Inspector. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB
First278279280281282283284285286287Last

Événements SSI