Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Samsung Mobile Devices prior SMR Mar-2021 Release 1 Clipboard Service access control

A vulnerability has been found in Samsung Mobile Devices (Smartphone Operating System) and classified as critical. This vulnerability affects an unknown code of the component Clipboard Service. Upgrading to version SMR Mar-2021 Release 1...
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 NotificationManagerService privileges management

A vulnerability, which was classified as critical, was found in Samsung Mobile Devices (Smartphone Operating System). This affects the function NotificationManagerService. Upgrading to version SMR Mar-2021 Release 1 eliminates this vulnerability.
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 Lockscreen access control

A vulnerability, which was classified as problematic, has been found in Samsung Mobile Devices (Smartphone Operating System). Affected by this issue is some unknown functionality of the component Lockscreen Handler. Upgrading to version SMR...
Auteur: VulDB

Samsung Mobile Devices prior SMR Feb-2021 Release 1 Application denial of service

A vulnerability classified as problematic was found in Samsung Mobile Devices (Smartphone Operating System). Affected by this vulnerability is an unknown functionality of the component Application Handler. Upgrading to version SMR Feb-2021...
Auteur: VulDB

Samsung Pay Mini Application up to 4.0.13 Lockscreen access control

A vulnerability classified as problematic has been found in Samsung Pay Mini Application up to 4.0.13. Affected is an unknown function of the component Lockscreen Handler. Upgrading to version 4.0.14 eliminates this vulnerability.
Auteur: VulDB

Samsung Pay Mini Application up to 4.0.13 Lockscreen access control

A vulnerability was found in Samsung Pay Mini Application up to 4.0.13. It has been rated as problematic. This issue affects some unknown processing of the component Lockscreen Handler. Upgrading to version 4.0.14 eliminates this vulnerability.
Auteur: VulDB

Samsung Pay Mini Application prior 4.0.14 Lockscreen access control

A vulnerability was found in Samsung Pay Mini Application. It has been declared as problematic. This vulnerability affects an unknown code block of the component Lockscreen Handler. Upgrading to version 4.0.14 eliminates this vulnerability.
Auteur: VulDB

Facebook Zstandard up to 1.4.8 permission [CVE-2021-24032]

A vulnerability was found in Facebook Zstandard up to 1.4.8 (Social Network Software). It has been classified as critical. This affects an unknown code. Upgrading to version 1.4.9 eliminates this vulnerability.
Auteur: VulDB

Facebook Zstandard up to 1.4.0 permission [CVE-2021-24031]

A vulnerability was found in Facebook Zstandard up to 1.4.0 (Social Network Software) and classified as critical. Affected by this issue is an unknown part. Upgrading to version 1.4.1 eliminates this vulnerability.
Auteur: VulDB

html-parse-stringify up to 2.0.0 Regex resource consumption

A vulnerability has been found in html-parse-stringify up to 2.0.0 and classified as problematic. Affected by this vulnerability is some unknown functionality of the component Regex Handler. Upgrading to version 2.0.1 eliminates this...
Auteur: VulDB

total.js up to 3.4.7 set Remote Code Execution

A vulnerability, which was classified as critical, was found in total.js up to 3.4.7 (JavaScript Library). Upgrading to version 3.4.8 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

Joomla! up to 3.9.24 com_media path traversal

A vulnerability, which was classified as critical, has been found in Joomla! up to 3.9.24 (Content Management System). This issue affects an unknown function of the component com_media. There is no information about possible countermeasures...
Auteur: VulDB

Joomla! up to 3.9.24 Template Manager input validation

A vulnerability classified as critical was found in Joomla! up to 3.9.24 (Content Management System). This vulnerability affects some unknown processing of the component Template Manager. There is no information about possible countermeasures...
Auteur: VulDB

Joomla! up to 3.9.24 Feed Field cross site scripting

A vulnerability classified as problematic has been found in Joomla! up to 3.9.24 (Content Management System). This affects an unknown code block of the component Feed Field Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Joomla! up to 3.9.24 Message cross site scripting

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System). It has been rated as problematic. Affected by this issue is an unknown code of the component Message Handler. There is no information about possible countermeasures...
Auteur: VulDB

Joomla! up to 3.9.24 FOFEncryptRandval random values

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System). It has been declared as problematic. Affected by this vulnerability is the function FOFEncryptRandval. There is no information about possible countermeasures known. It...
Auteur: VulDB

Joomla! up to 3.9.24 2FA Secret random values

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System). It has been classified as problematic. Affected is some unknown functionality of the component 2FA Secret Handler. There is no information about possible...
Auteur: VulDB

Joomla! up to 3.9.24 2FA Secret rand random values

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System) and classified as problematic. This issue affects the function rand of the component 2FA Secret Handler. There is no information about possible countermeasures known....
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 13.7 improper authentication

A vulnerability has been found in GitLab Community Edition and Enterprise Edition 13.7 (Bug Tracking Software) and classified as critical. This vulnerability affects an unknown function. There is no information about possible countermeasures...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition 11.8 Epics Page cross site scripting

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition 11.8 (Bug Tracking Software). This affects some unknown processing of the component Epics Page. There is no information about...
Auteur: VulDB

Fortinet FortiProxy up to 1.2.9/2.0.0 SSL VPN Portal access control

A vulnerability, which was classified as critical, has been found in Fortinet FortiProxy up to 1.2.9/2.0.0 (Firewall Software). Affected by this issue is an unknown code block of the component SSL VPN Portal. Upgrading to version 1.2.10 or 2.0.1...
Auteur: VulDB

IBM Engineering Web UI cross site scripting [CVE-2021-20351]

A vulnerability classified as problematic was found in IBM Engineering (affected version unknown). Affected by this vulnerability is an unknown code of the component Web UI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

IBM Engineering Web UI cross site scripting [CVE-2021-20350]

A vulnerability classified as problematic has been found in IBM Engineering (version unknown). Affected is an unknown part of the component Web UI. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM Engineering Web UI cross site scripting [CVE-2021-20340]

A vulnerability was found in IBM Engineering (unknown version). It has been rated as problematic. This issue affects some unknown functionality of the component Web UI. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

fs-path up to 0.0.24 copy/copySync/remove/removeSync command injection

A vulnerability was found in fs-path up to 0.0.24. It has been declared as critical. This vulnerability affects the function copy/copySync/remove/removeSync. Upgrading to version 0.0.25 eliminates this vulnerability. Applying a patch is able to...
Auteur: VulDB
12345678910Last

Événements SSI