Saturday 6 June 2020

Our selection of information-security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linux Kernel up to 3.x/4.17.x/5.x Bluetooth Crash denial of service

A vulnerability was found in Linux Kernel up to 3.x/4.17.x/5.x (Operating System). It has been classified as problematic. This affects an unknown code block of the component Bluetooth. Upgrading eliminates this vulnerability.
Author: VulDB

IBM Spectrum Protect Backup-Archive Client 7.1/8.1 CIT privilege escalation

A vulnerability was found in IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1/8.1 (Backup Software) and classified as critical. Affected by this issue is an unknown code of the component CIT...
Author: VulDB

GNU Patch up to 2.7.3 Incomplete Fix Symlink directory traversal

A vulnerability has been found in GNU Patch up to 2.7.3 and classified as critical. Affected by this vulnerability is an unknown part of the component Incomplete Fix. Upgrading to version 2.7.4 eliminates this vulnerability. A possible mitigation...
Author: VulDB

cloud-init up to 0.6.x EC2 Instance Data Request privilege escalation

A vulnerability, which was classified as critical, has been found in cloud-init up to 0.6.x (Cloud Software). This issue affects an unknown functionality of the component EC2 Instance Data Handler. Upgrading to version 0.7.0 eliminates this...
Author: VulDB

libuser 0.58-3.fc18 Home Directory information disclosure

A vulnerability classified as problematic was found in libuser 0.58-3.fc18. This vulnerability affects an unknown function of the component Home Directory Handler. Upgrading eliminates this vulnerability. A possible mitigation has been published...
Author: VulDB

thttpd .htpasswd File denial of service [CVE-2012-5640]

A vulnerability classified as problematic has been found in thttpd (Web Server) (the affected version unknown). This affects some unknown processing of the component .htpasswd File Handler. There is no information about possible countermeasures...
Author: VulDB

Ipa 3.0 Server Identity Cookie information disclosure

A vulnerability was found in Ipa 3.0. It has been rated as problematic. Affected by this issue is an unknown code block of the component Server Identity Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

libuser 0.56/0.57 Directory Tree TOCTOU race condition

A vulnerability was found in libuser 0.56/0.57. It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Directory Tree Handler. Upgrading eliminates this vulnerability. A possible mitigation has...
Author: VulDB

gksu-polkit 0.0.3-8.gitf8ce834c.fc19 PolicyKit Policy Configuration File privilege escalation

A vulnerability was found in gksu-polkit 0.0.3-8.gitf8ce834c.fc19. It has been classified as critical. Affected is an unknown part of the component PolicyKit Policy Configuration File Handler. Applying a patch is able to eliminate this problem. A...
Author: VulDB

opendnssec libcurl API unknown vulnerability [CVE-2012-5582]

A vulnerability was found in opendnssec (unknown version) and classified as critical. This issue affects some unknown functionality of the component libcurl API. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Python Keyring information disclosure [CVE-2012-5578]

A vulnerability has been found in Python (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown functionality of the component Keyring. There is no information about possible countermeasures known....
Author: VulDB

gnome-system-log 3.4.1-3.fc17 polkit Policy directory traversal

A vulnerability, which was classified as problematic, was found in gnome-system-log 3.4.1-3.fc17. This affects an unknown function of the component polkit Policy. Upgrading eliminates this vulnerability. A possible mitigation has been published...
Author: VulDB

Claws Mail vCalendar Plugin Interface Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in Claws Mail vCalendar Plugin (Mail Client Software) (affected version not known). Affected by this issue is some unknown processing of the component Interface. There is no...
Author: VulDB

Quagga 0.99.21 ospf6d Crash denial of service

A vulnerability classified as problematic was found in Quagga 0.99.21. Affected by this vulnerability is an unknown code block of the component ospf6d. Applying a patch is able to eliminate this problem.
Author: VulDB

vdsm 4.10.0-13.fc17 Certificate Generator privilege escalation

A vulnerability classified as critical has been found in vdsm 4.10.0-13.fc17. Affected is an unknown code of the component Certificate Generator. Upgrading eliminates this vulnerability. A possible mitigation has been published even before and...
Author: VulDB

Zope up to 3.4.0 Incomplete Fix CVE-2010-1104 cross site scripting

A vulnerability was found in Zope up to 3.4.0 (Application Server Software). It has been rated as problematic. This issue affects an unknown part of the component Incomplete Fix CVE-2010-1104. Upgrading to version 2.8.12, 2.9.12, 2.10.11, 2.11.6,...
Author: VulDB

FUTURA INTERNATIONALE: 500,000 euro fine for illegal telephone canvassing

The CNIL's restricted committee has imposed a fine of 500,000 euros on the company FUTURA INTERNATIONALE. It is accused, in particular, of failing to respect the rights of the people contacted as part of operations...
Author: Cnil

Connected robots and personal data: the CNIL's advice

Food processors have become a must-have gift idea within the space of a few years. Some of the most recent models are connected. Follow the CNIL's advice before and after purchase.
Author: Cnil

Connected TVs: the CNIL's advice

Increasingly present in shops and offering many features, connected TVs accounted for 67% of televisions sold in 2018 but can have an impact on your privacy. The CNIL offers advice, from...
Author: Cnil

cri-o Container Memory Exhaustion denial of service

A vulnerability was found in cri-o (the affected version is unknown). It has been declared as problematic. This vulnerability affects some unknown functionality of the component Container Handler. There is no information about possible...
Author: VulDB

ibus DBus Server privilege escalation [CVE-2019-14822]

A vulnerability was found in ibus (the affected version unknown). It has been classified as critical. This affects an unknown functionality of the component DBus Server Handler. There is no information about possible countermeasures known. It may...
Author: VulDB

Linux Kernel WMM privilege escalation [CVE-2019-14815]

A vulnerability was found in Linux Kernel (Operating System) (affected version not known) and classified as critical. Affected by this issue is an unknown function of the component WMM. There is no information about possible countermeasures...
Author: VulDB

Red Hat Enterprise Linux 8 Image Library weak encryption

A vulnerability has been found in Red Hat Enterprise Linux 8 (Operating System) and classified as problematic. Affected by this vulnerability is some unknown processing of the component Image Library. There is no information about possible...
Author: VulDB

Infinispan up to 9.x invokeAccessibly Application privilege escalation

A vulnerability, which was classified as critical, was found in Infinispan up to 9.x. Affected is the function invokeAccessibly. Upgrading to version 10.0.0 Final eliminates this vulnerability.
Author: VulDB

CERTFR-2019-AVI-589: Vulnerability in Fortinet FortiGate (25 November 2019)

A vulnerability has been discovered in Fortinet FortiGate. It allows an attacker to cause remote indirect code injection (XSS).

Author: Cert FR