Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2020-AVI-657 : Multiples vulnérabilités dans Xen (20 octobre 2020)

De multiples vulnérabilités ont été découvertes dans Xen. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2020-AVI-655 : Multiples vulnérabilités dans le noyau Linux de Red Hat (20 octobre 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance, une atteinte à la confidentialité des données...
Auteur: Cert FR

CERTFR-2020-AVI-656 : Multiples vulnérabilités dans Nagios XI (20 octobre 2020)

De multiples vulnérabilités ont été découvertes dans Nagios XI . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la...
Auteur: Cert FR

CERTFR-2020-AVI-654 : Multiples vulnérabilités dans le noyau Linux de Debian (20 octobre 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des...
Auteur: Cert FR

Huawei Mate 30 prior 10.1.0.150/10.1.0.160 use after free [CVE-2020-9263]

A vulnerability classified as critical was found in Huawei Mate 30 (Smartphone Operating System). This vulnerability affects an unknown part. Upgrading to version 10.1.0.150 or 10.1.0.160 eliminates this vulnerability.
Auteur: VulDB

Huawei Mate 20 prior 10.0.0.188 Bluetooth Module buffer overflow

A vulnerability classified as critical has been found in Huawei Mate 20 (Smartphone Operating System). This affects some unknown functionality of the component Bluetooth Module. Upgrading to version 10.0.0.188 eliminates this vulnerability.
Auteur: VulDB

Huawei Taurus-AN00B prior 10.1.0.156 information disclosure [CVE-2020-9112]

A vulnerability was found in Huawei Taurus-AN00B. It has been rated as problematic. Affected by this issue is an unknown functionality. Upgrading to version 10.1.0.156 eliminates this vulnerability.
Auteur: VulDB

Huawei E6878-370/E6878-870 10.0.3.1 Event denial of service

A vulnerability was found in Huawei E6878-370 and E6878-870 10.0.3.1. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Event Handler. There is no information about possible...
Auteur: VulDB

Huawei Mate 20 prior 10.1.0.163 cross site scripting [CVE-2020-9092]

A vulnerability was found in Huawei Mate 20 (Smartphone Operating System). It has been classified as problematic. Affected is some unknown processing. Upgrading to version 10.1.0.163 eliminates this vulnerability.
Auteur: VulDB

CERTFR-2020-AVI-653 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (20 octobre 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant physiquement proche de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Auteur: Cert FR

HPE Intelligent Management Center up to 7.2 iccselectrules injection

A vulnerability was found in HPE Intelligent Management Center up to 7.2 (Log Management Software) and classified as critical. This issue affects the function iccselectrules. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 perfaddormoddevicemonitor injection

A vulnerability has been found in HPE Intelligent Management Center up to 7.2 (Log Management Software) and classified as critical. This vulnerability affects the function perfaddormoddevicemonitor. Upgrading to version 7.3 eliminates this...
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 ictexpertcsvdownload injection

A vulnerability, which was classified as critical, was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). This affects the function ictexpertcsvdownload. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 devicethresholdconfig injection

A vulnerability, which was classified as critical, has been found in HPE Intelligent Management Center up to 7.2 (Log Management Software). Affected by this issue is the function devicethresholdconfig. Upgrading to version 7.3 eliminates this...
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 devsoftsel injection

A vulnerability classified as critical was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). Affected by this vulnerability is the function devsoftsel. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 deviceselect injection

A vulnerability classified as critical has been found in HPE Intelligent Management Center up to 7.2 (Log Management Software). Affected is the function deviceselect. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 faultflasheventselectfact injection

A vulnerability was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). It has been rated as critical. This issue affects the function faultflasheventselectfact. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 userselectpagingcontent injection

A vulnerability was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). It has been declared as critical. This vulnerability affects the function userselectpagingcontent. Upgrading to version 7.3 eliminates this...
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 reportpage injection

A vulnerability was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). It has been classified as critical. This affects the function reportpage. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 powershellconfigcontent injection

A vulnerability was found in HPE Intelligent Management Center up to 7.2 (Log Management Software) and classified as critical. Affected by this issue is the function powershellconfigcontent. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 tvxlanlegend injection

A vulnerability has been found in HPE Intelligent Management Center up to 7.2 (Log Management Software) and classified as critical. Affected by this vulnerability is the function tvxlanlegend. Upgrading to version 7.3 eliminates this...
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 viewbatchtaskresultdetailfact injection

A vulnerability, which was classified as critical, was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). Affected is the function viewbatchtaskresultdetailfact. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.3 forwardredirect injection

A vulnerability, which was classified as critical, has been found in HPE Intelligent Management Center up to 7.3 (Log Management Software). This issue affects the function forwardredirect. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 sshconfig injection

A vulnerability classified as critical was found in HPE Intelligent Management Center up to 7.2 (Log Management Software). This vulnerability affects the function sshconfig. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB

HPE Intelligent Management Center up to 7.2 smsrulesdownload injection

A vulnerability classified as critical has been found in HPE Intelligent Management Center up to 7.2 (Log Management Software). This affects the function smsrulesdownload. Upgrading to version 7.3 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI