Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Autodesk FBX Review FBX File denial of service [CVE-2021-27029]

A vulnerability, which was classified as problematic, was found in Autodesk FBX Review (Feedback Software) (the affected version unknown). This affects an unknown code block of the component FBX File Handler. There is no information about...
Auteur: VulDB

Autodesk FBX Review up to 1.4.0 DLL File memory corruption

A vulnerability, which was classified as critical, has been found in Autodesk FBX Review up to 1.4.0 (Feedback Software). Affected by this issue is an unknown code of the component DLL File Handler. There is no information about possible...
Auteur: VulDB

Autodesk FBX Review up to 1.4.0 DLL File out-of-bounds write

A vulnerability classified as critical was found in Autodesk FBX Review up to 1.4.0 (Feedback Software). Affected by this vulnerability is an unknown part of the component DLL File Handler. There is no information about possible countermeasures...
Auteur: VulDB

VMware NSX-T Role Based Access Control access control [CVE-2021-21981]

A vulnerability classified as critical has been found in VMware NSX-T (version unknown). Affected is some unknown functionality of the component Role Based Access Control. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Fibaro Home Center/Home Center Lite Web-based Management Interface cleartext transmission

A vulnerability was found in Fibaro Home Center and Home Center Lite (unknown version). It has been rated as problematic. This issue affects an unknown functionality of the component Web-based Management Interface. There is no information about...
Auteur: VulDB

Fibaro Home Center/Home Center Lite up to 4.540 os command injection

A vulnerability was found in Fibaro Home Center and Home Center Lite up to 4.540. It has been declared as critical. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Fibaro Home Center/Home Center Lite up to 4.600 Internal Management Service authorization

A vulnerability was found in Fibaro Home Center and Home Center Lite up to 4.600. It has been classified as critical. This affects some unknown processing of the component Internal Management Service. There is no information about possible...
Auteur: VulDB

Fibaro Home Center/Home Center Lite up to 4.600 SSH Connection authorization

A vulnerability was found in Fibaro Home Center and Home Center Lite up to 4.600 and classified as critical. Affected by this issue is an unknown code block of the component SSH Connection Handler. There is no information about possible...
Auteur: VulDB

IBM Resilient SOAR 38.0 Remote Privilege Escalation [CVE-2021-20527]

A vulnerability has been found in IBM Resilient SOAR 38.0 and classified as problematic. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

Online Discussion Forum 1.0 Messaging Subsystem cross site scripting

A vulnerability, which was classified as problematic, was found in Online Discussion Forum 1.0 (Forum Software). Affected is an unknown part of the component Messaging Subsystem. There is no information about possible countermeasures known. It...
Auteur: VulDB

XMB up to 1.9.11.15/1.9.12.02 BBCode cross site scripting

A vulnerability, which was classified as problematic, has been found in XMB up to 1.9.11.15/1.9.12.02. This issue affects some unknown functionality of the component BBCode Handler. Upgrading to version 1.9.11.16 or 1.9.12.03 eliminates this...
Auteur: VulDB

Adobe Robohelp up to 2020.0.3 uncontrolled search path [CVE-2021-21070]

A vulnerability classified as critical was found in Adobe Robohelp up to 2020.0.3. This vulnerability affects an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Innorix versuibs up to 9.2.18.385 the argument injection

A vulnerability classified as critical has been found in Innorix versuibs up to 9.2.18.385. This affects an unknown function.
Auteur: VulDB

CERTFR-2021-ACT-015 : Bulletin d’actualité CERTFR-2021-ACT-015 (19 avril 2021)

Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Auteur: Cert FR

CERTFR-2021-AVI-285 : Vulnérabilité dans VMware NSX-T (19 avril 2021)

Une vulnérabilité a été découverte dans VMware NSX-T. Elle permet à un attaquant de provoquer une élévation de privilèges.

Auteur: Cert FR

CERTFR-2021-AVI-284 : Multiples vulnérabilités dans le noyau Linux de SUSE (19 avril 2021)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service...
Auteur: Cert FR

CERTFR-2021-AVI-283 : Vulnérabilité dans Juniper Junos OS (19 avril 2021)

Une vulnérabilité a été découverte dans Juniper Junos OS. Elle permet à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2021-AVI-282 : Multiples vulnérabilités dans les produits Qnap (19 avril 2021)

De multiples vulnérabilités ont été découvertes dans les produits Qnap. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

CERTFR-2021-AVI-281 : Vulnérabilité dans OpenSSH (19 avril 2021)

Une vulnérabilité a été découverte dans OpenSSH. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2021-AVI-280 : Multiples vulnérabilités dans Mitel MiCollab (19 avril 2021)

De multiples vulnérabilités ont été découvertes dans Mitel MiCollab. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Auteur: Cert FR

killing child_process Remote Code Execution

A vulnerability was found in killing (affected version not known). It has been rated as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

roar-pidusage stat Remote Code Execution

A vulnerability was found in roar-pidusage (affected version unknown). It has been declared as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

portkiller child_process Remote Code Execution

A vulnerability was found in portkiller (version unknown). It has been classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

picotts say Remote Code Execution

A vulnerability was found in picotts (unknown version) and classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

onion-oled-js Scroll child_process Remote Code Execution

A vulnerability has been found in onion-oled-js (the affected version is unknown) and classified as critical. This vulnerability affects the function child_process of the component Scroll Handler. There is no information about possible...
Auteur: VulDB
12345678910Last

Événements SSI