Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23 Project File Uninitialized Memory memory corruption

A vulnerability, which was classified as critical, was found in Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23. This affects an unknown code of the component Project File Handler. There is no information about possible...
Auteur: VulDB

Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23 Project File Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23. Affected by this issue is an unknown part of the component Project File Handler. There is no information about...
Auteur: VulDB

Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23 Project File Stack-based memory corruption

A vulnerability classified as critical was found in Delta Industrial Automation CNCSoft ScreenEditor up to 1.01.23. Affected by this vulnerability is some unknown functionality of the component Project File Handler. There is no information about...
Auteur: VulDB

Swisscom Internet Box 2 Sysbus-API Backdoor privilege escalation

A vulnerability classified as critical has been found in Swisscom Internet Box 2, Internet Box Standard and Internet Box Plus (version unknown). Affected is an unknown functionality of the component Sysbus-API. Upgrading eliminates this...
Auteur: VulDB

ACTi NVR3 Standard Server 3.0.12.42 ActiveMediaServer.exe memory corruption

A vulnerability was found in ACTi NVR3 Standard Server 3.0.12.42. It has been rated as critical. This issue affects an unknown function of the file ActiveMediaServer.exe. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Gantt-Chart Module up to 5.5.4 on Jira Dashboard Persistent cross site scripting

A vulnerability was found in Gantt-Chart Module up to 5.5.4 on Jira (Atlassian Jira App Software). It has been declared as problematic. This vulnerability affects some unknown processing of the component Dashboard. Upgrading to version 5.5.5...
Auteur: VulDB

Gantt-Chart Module up to 5.5.3 on Jira Privilege Check privilege escalation

A vulnerability was found in Gantt-Chart Module up to 5.5.3 on Jira (Atlassian Jira App Software). It has been classified as critical. This affects an unknown code block of the component Privilege Check. Upgrading to version 5.5.4 eliminates this...
Auteur: VulDB

Cohesive Networks VNS3:vpn up to 4.11.0 Administrative Interface Remote Code Execution

A vulnerability was found in Cohesive Networks VNS3:vpn up to 4.11.0 (Network Encryption Software) and classified as critical. Affected by this issue is an unknown code of the component Administrative Interface. Upgrading to version 4.11.1...
Auteur: VulDB

save-server up to 1.04 on npm cross site request forgery [CVE-2020-15135]

A vulnerability has been found in save-server up to 1.04 on npm and classified as problematic. Affected by this vulnerability is an unknown part. Upgrading to version 1.05 eliminates this vulnerability.
Auteur: VulDB

Solidus up to 2.8.5/2.9.5/2.10.1 Parameter privilege escalation

A vulnerability, which was classified as critical, was found in Solidus up to 2.8.5/2.9.5/2.10.1. Affected is some unknown functionality. Upgrading to version 2.8.6, 2.9.6 or 2.10.2 eliminates this vulnerability.
Auteur: VulDB

SoftPerfect RAM Disk 4.1 Driver spvve.sys Request information disclosure

A vulnerability, which was classified as problematic, has been found in SoftPerfect RAM Disk 4.1. This issue affects an unknown functionality in the library spvve.sys of the component Driver. There is no information about possible countermeasures...
Auteur: VulDB

SoftPerfect RAM Disk 4.1 Driver spvve.sys Request denial of service

A vulnerability classified as problematic was found in SoftPerfect RAM Disk 4.1. This vulnerability affects an unknown function in the library spvve.sys of the component Driver. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Ricoh Streamline NX Client Tool/Streamline NX PC Client privilege escalation

A vulnerability classified as critical has been found in Ricoh Streamline NX Client Tool and Streamline NX PC Client (the affected version unknown). This affects some unknown processing. There is no information about possible countermeasures...
Auteur: VulDB

SPARTOO : sanction de 250 000 euros et injonction sous astreinte de se conformer au RGPD

La CNIL, en tant que « chef de file », a adopté sa première décision de sanction en coopération avec d’autres autorités de contrôle européennes, en réponse à plusieurs manquements au RGPD par la société SPARTOO.
Auteur: Cnil

CERTFR-2020-AVI-484 : Multiples vulnérabilités dans Google Android (04 août 2020)

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de...
Auteur: Cert FR

CERTFR-2020-AVI-483 : Multiples vulnérabilités dans le noyau Linux de SUSE (04 août 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni...
Auteur: Cert FR

CERTFR-2020-AVI-482 : Vulnérabilité dans le noyau Linux de Red Hat (04 août 2020)

Une vulnérabilité a été découverte dans le noyau Linux de Red Hat. Elle permet à un attaquant de provoquer une élévation de privilèges.

Auteur: Cert FR

NetApp Active IQ Unified Manager for VMware vSphere up to 9.4 denial of service

A vulnerability was found in NetApp Active IQ Unified Manager for VMware vSphere and Active IQ Unified Manager for VMware Windows up to 9.4 (Virtualization Software). It has been rated as problematic. Affected by this issue is an unknown code...
Auteur: VulDB

NetApp Active IQ Unified Manager up to 9.5 on Linux JMX RMI Service Code Execution

A vulnerability was found in NetApp Active IQ Unified Manager up to 9.5 on Linux. It has been declared as critical. Affected by this vulnerability is an unknown code of the component JMX RMI Service. Upgrading to version 9.6 eliminates this...
Auteur: VulDB

Teltonika Firmware TRB2_R_00.02.04.01 Access Control privilege escalation

A vulnerability was found in Teltonika Firmware TRB2_R_00.02.04.01 (Firmware Software). It has been classified as critical. Affected is an unknown part of the component Access Control. There is no information about possible countermeasures known....
Auteur: VulDB

Teltonika Firmware TRB2_R_00.02.04.01 Package File privilege escalation

A vulnerability was found in Teltonika Firmware TRB2_R_00.02.04.01 (Firmware Software) and classified as critical. This issue affects some unknown functionality of the component Package File Handler. There is no information about possible...
Auteur: VulDB

Teltonika Firmware TRB2_R_00.02.04.01 Backup Archive privilege escalation

A vulnerability has been found in Teltonika Firmware TRB2_R_00.02.04.01 (Firmware Software) and classified as critical. This vulnerability affects an unknown functionality of the component Backup Archive Handler. There is no information about...
Auteur: VulDB

Teltonika Firmware TRB2_R_00.02.04.01 cross site request forgery

A vulnerability, which was classified as problematic, was found in Teltonika Firmware TRB2_R_00.02.04.01 (Firmware Software). This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

SKYSEA Client View up to 15.210.05f privilege escalation [CVE-2020-5617]

A vulnerability, which was classified as critical, has been found in SKYSEA Client View up to 15.210.05f. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Link01 up to 1.0.0 weak authentication [CVE-2020-5616]

A vulnerability classified as critical was found in Calendar01, Calendar02, PKOBO-News01, PKOBO-vote01, Telop01, Gallery01, CalendarForm01 and Link01 up to 1.0.0 (Calendar Software). Affected by this vulnerability is an unknown code block. There...
Auteur: VulDB
12345678910Last

Événements SSI