Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Thycotic Password Reset Server up to 5.2.x information disclosure

A vulnerability has been found in Thycotic Password Reset Server up to 5.2.x and classified as problematic. This vulnerability affects some unknown functionality. Upgrading to version 5.3.0 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu data/whoopsie-upload-all process_report link following

A vulnerability, which was classified as critical, was found in Apport on Ubuntu. This affects the function process_report of the file data/whoopsie-upload-all. Upgrading to version 2.20.11-0ubuntu67 eliminates this vulnerability.
Auteur: VulDB

Apport prior 2.20.11-0ubuntu67 on Ubuntu packaging-apt-dpkg.py get_modified_conffiles os command injection

A vulnerability, which was classified as critical, has been found in Apport on Ubuntu. Affected by this issue is the function get_modified_conffiles of the file backends/packaging-apt-dpkg.py. Upgrading to version 2.20.11-0ubuntu67 eliminates...
Auteur: VulDB

KuaiFanCMS 5.x chakanhtml.module.php html_url path traversal

A vulnerability classified as problematic was found in KuaiFanCMS 5.x. Affected by this vulnerability is some unknown processing of the file chakanhtml.module.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

cURL 7.61.0/7.76.1 Schannel TLS Library information disclosure

A vulnerability classified as problematic has been found in cURL 7.61.0/7.76.1 (Network Utility Software). Affected is an unknown code block of the component Schannel TLS Library. Applying a patch is able to eliminate this problem. The bugfix is...
Auteur: VulDB

Nextcloud Mail up to 1.9.4 Alias authorization

A vulnerability was found in Nextcloud Mail up to 1.9.4 (Cloud Software). It has been rated as critical. This issue affects an unknown code of the component Alias Handler. Upgrading to version 1.9.5 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Nextcloud Desktop Client up to 3.3.0 certificate validation [CVE-2021-22895]

A vulnerability was found in Nextcloud Desktop Client up to 3.3.0 (Cloud Software). It has been declared as problematic. This vulnerability affects an unknown part. Upgrading to version 3.3.1 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Schneider Electric PowerLogic EGX300 Modbus TCP Protocol improper authentication

A vulnerability was found in Schneider Electric PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (SCADA Software) (the affected version unknown). It has been classified as critical. This affects some unknown...
Auteur: VulDB

Schneider Electric PowerLogic EGX300 password recovery [CVE-2021-22763]

A vulnerability was found in Schneider Electric PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (SCADA Software) (affected version not known) and classified as critical. Affected by this issue is an unknown...
Auteur: VulDB

Schneider Electric Modicon X80 BMXNOR0200H RTU up to SV1.70 IR22 Web Server information disclosure

A vulnerability has been found in Schneider Electric Modicon X80 BMXNOR0200H RTU up to SV1.70 IR22 (SCADA Software) and classified as problematic. Affected by this vulnerability is an unknown function of the component Web Server. Applying a patch...
Auteur: VulDB

AccuSoft ImageGear 19.9 TIF IP_planar_raster_unpack out-of-bounds write

A vulnerability, which was classified as critical, was found in AccuSoft ImageGear 19.9. Affected is the function IP_planar_raster_unpack of the component TIF Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

AccuSoft ImageGear 19.9 JPG Handle_JPEG420 out-of-bounds write

A vulnerability, which was classified as critical, has been found in AccuSoft ImageGear 19.9. This issue affects the function Handle_JPEG420 of the component JPG Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

AccuSoft ImageGear 19.9 PNG png_palette_process memory corruption

A vulnerability classified as critical was found in AccuSoft ImageGear 19.9. This vulnerability affects the function png_palette_process of the component PNG Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

AccuSoft ImageGear 19.9 PSD read_icc_icCurve_data heap-based overflow

A vulnerability classified as critical has been found in AccuSoft ImageGear 19.9. This affects the function read_icc_icCurve_data of the component PSD Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Samsung Health up to 6.16 Component access control

A vulnerability was found in Samsung Health up to 6.16. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Component Handler. Upgrading to version 6.17 eliminates this vulnerability. The...
Auteur: VulDB

Samsung Tizen bluetooth-frwk improper authentication [CVE-2021-25424]

A vulnerability was found in Samsung Tizen (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component bluetooth-frwk. Upgrading eliminates this vulnerability. The...
Auteur: VulDB

Samsung Internet prior 14.0.1.62 Address Bar clickjacking

A vulnerability was found in Samsung Internet. It has been classified as problematic. Affected is an unknown function of the component Address Bar Handler. Upgrading to version 14.0.1.62 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Samsung Internet prior 14.0.1.62 Component Protection privileges management

A vulnerability was found in Samsung Internet and classified as critical. This issue affects some unknown processing of the component Component Protection. Upgrading to version 14.0.1.62 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Samsung SDP SDK prior SMR JUN-2021 Release 1 improper authorization

A vulnerability has been found in Samsung SDP SDK and classified as critical. This vulnerability affects an unknown code block. Upgrading to version SMR JUN-2021 Release 1 eliminates this vulnerability. The upgrade is hosted for download at...
Auteur: VulDB

Samsung NPU Driver prior SMR JUN-2021 Release 1 out-of-bounds write

A vulnerability, which was classified as critical, was found in Samsung NPU Driver (Hardware Driver Software). This affects an unknown code. Upgrading to version SMR JUN-2021 Release 1 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Samsung SmartThings prior 1.7.64.21 log file [CVE-2021-25404]

A vulnerability, which was classified as problematic, has been found in Samsung SmartThings (Router Operating System). Affected by this issue is an unknown part. Upgrading to version 1.7.64.21 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Samsung Account prior 10.8.0.4 SettingWebView access control

A vulnerability classified as problematic was found in Samsung Account. Affected by this vulnerability is some unknown functionality of the component SettingWebView. Upgrading to version 10.8.0.4 eliminates this vulnerability. The upgrade is...
Auteur: VulDB

Samsung Notes prior 4.2.04.27 Pen Latency information disclosure

A vulnerability classified as problematic has been found in Samsung Notes (Smartphone Operating System). Affected is an unknown functionality of the component Pen Latency Handler. Upgrading to version 4.2.04.27 eliminates this vulnerability. The...
Auteur: VulDB

Samsung Health up to 6.15 Intents access control

A vulnerability was found in Samsung Health up to 6.15. It has been rated as critical. This issue affects an unknown function of the component Intents Handler. Upgrading to version 6.16 eliminates this vulnerability. The upgrade is hosted for...
Auteur: VulDB

Samsung Internet prior 14.0.1.20 Intents access control

A vulnerability was found in Samsung Internet. It has been declared as critical. This vulnerability affects some unknown processing of the component Intents Handler. Upgrading to version 14.0.1.20 eliminates this vulnerability. The upgrade is...
Auteur: VulDB
12345678910Last

Événements SSI