Our selection of information systems security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

BitDefender Endpoint Security prior 4.12.80 on Mac privilege escalation

A vulnerability was found in BitDefender Endpoint Security on Mac and classified as critical. This issue affects an unknown code block. Upgrading to version 4.12.80 eliminates this vulnerability.
Author: VulDB

IBM Financial Transaction Manager 3.2.4 Web UI cross site scripting

A vulnerability has been found in IBM Financial Transaction Manager 3.2.4 (Financial Software) and classified as problematic. This vulnerability affects an unknown code of the component Web UI. There is no information about possible...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4554]

A vulnerability, which was classified as critical, was found in IBM i2 Analyst Notebook 9.2.1/9.2.2. This affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4553]

A vulnerability, which was classified as critical, has been found in IBM i2 Analyst Notebook 9.2.1/9.2.2. Affected by this issue is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1 memory corruption [CVE-2020-4552]

A vulnerability classified as critical was found in IBM i2 Analyst Notebook 9.2.1. Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4551]

A vulnerability classified as critical has been found in IBM i2 Analyst Notebook 9.2.1/9.2.2. Affected is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1/9.2.2 memory corruption [CVE-2020-4550]

A vulnerability was found in IBM i2 Analyst Notebook 9.2.1/9.2.2. It has been rated as critical. This issue affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

IBM i2 Analyst Notebook 9.2.1 memory corruption [CVE-2020-4549]

A vulnerability was found in IBM i2 Analyst Notebook 9.2.1. It has been declared as critical. This vulnerability affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

IBM WebSphere Application Server 7.0/8.0/8.5/9.0 UNC Path privilege escalation

A vulnerability was found in IBM WebSphere Application Server 7.0/8.0/8.5/9.0 (Application Server Software). It has been classified as critical. This affects an unknown code of the component UNC Path Handler. There is no information about...
Author: VulDB

IBM Cognos Analytics 11.0/11.1 XML Data XML External Entity

A vulnerability was found in IBM Cognos Analytics 11.0/11.1 (Business Process Management Software) and classified as critical. Affected by this issue is an unknown part of the component XML Data Handler. There is no information about possible...
Author: VulDB

IBM Financial Transaction Manager 3.2.4 sql injection [CVE-2020-4328]

A vulnerability has been found in IBM Financial Transaction Manager 3.2.4 (Financial Software) and classified as critical. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures known....
Author: VulDB

IBM Cognos Analytics 11.0/11.1 My Schedules and Subscriptions Page privilege escalation

A vulnerability, which was classified as critical, was found in IBM Cognos Analytics 11.0/11.1 (Business Process Management Software). Affected is an unknown functionality of the component My Schedules and Subscriptions Page. There is no...
Author: VulDB

IBM Cognos Analytics 11.0/11.1 Cache Data information disclosure

A vulnerability, which was classified as problematic, has been found in IBM Cognos Analytics 11.0/11.1 (Business Process Management Software). This issue affects an unknown function of the component Cache Data Handler. There is no information...
Author: VulDB

CERTFR-2020-AVI-481: Vulnerability in IBM WebSphere (03 August 2020)

A vulnerability has been discovered in IBM WebSphere. It allows an attacker to cause a privilege escalation.

Author: Cert FR

VMware Tanzu Application Service for VMs up to 2.7.18/2.8.12/2.9.6 App Autoscaler Credentials information disclosure

A vulnerability classified as problematic was found in VMware Tanzu Application Service for VMs up to 2.7.18/2.8.12/2.9.6. This vulnerability affects some unknown processing of the component App Autoscaler. Upgrading to version 2.7.19, 2.8.13 or...
Author: VulDB

VMware GemFire/Tanzu GemFire for VMs prior 9.10.0 JMX Service Remote Code Execution

A vulnerability was found in VMware GemFire and Tanzu GemFire for VMs. It has been rated as critical. Affected by this issue is an unknown code of the component JMX Service. Upgrading to version 9.10.0 eliminates this vulnerability.
Author: VulDB

RSA MFA Agent 2.0 on Windows weak authentication [CVE-2020-5384]

A vulnerability was found in RSA MFA Agent 2.0 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

tgstation-server 4.4.0/4.4.1 directory traversal [CVE-2020-16136]

A vulnerability was found in tgstation-server 4.4.0/4.4.1. It has been classified as problematic. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Sonatype Nexus Repository Manager up to 3.25.0 Remote Code Execution

A vulnerability was found in Sonatype Nexus Repository Manager up to 3.25.0 and classified as critical. This issue affects an unknown functionality. Upgrading to version 3.25.1 eliminates this vulnerability.
Author: VulDB

Sonatype Nexus Repository Manager up to 3.25.0 cross site scripting

A vulnerability has been found in Sonatype Nexus Repository Manager up to 3.25.0 and classified as problematic. This vulnerability affects an unknown function. Upgrading to version 3.25.1 eliminates this vulnerability.
Author: VulDB

Sonatype Nexus Repository Manager up to 3.25.0 cross site scripting

A vulnerability, which was classified as problematic, was found in Sonatype Nexus Repository Manager up to 3.25.0. This affects some unknown processing. Upgrading to version 3.25.1 eliminates this vulnerability.
Author: VulDB

faye-websocket up to 0.10.x Certificate Verification Faye::WebSocket::Client TLS Certificate Man-in-the-Middle weak authentication

A vulnerability classified as problematic was found in faye-websocket up to 0.10.x. Affected by this vulnerability is the function Faye::WebSocket::Client of the component Certificate Verification. Upgrading to version 0.11.0 eliminates this...
Author: VulDB

October CMS up to 1.0.467 Cookie privilege escalation

A vulnerability classified as problematic has been found in October CMS up to 1.0.467 (Content Management System). Affected is an unknown part of the component Cookie Handler. Upgrading to version 1.0.468 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 ext Filesystem Symlink memory corruption

A vulnerability was found in grub2 up to 2.05. It has been rated as critical. This issue affects some unknown functionality of the component ext Filesystem Handler. Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

grub2 up to 2.05 read_section_as_string() Font File Heap-based memory corruption

A vulnerability was found in grub2 up to 2.05. It has been declared as critical. This vulnerability affects the function read_section_as_string(). Upgrading to version 2.06 eliminates this vulnerability.
Author: VulDB

Information systems security events