Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Une vulnérabilité a été découverte dans VMware NSX-T. Elle permet à un attaquant de provoquer une élévation de privilèges.
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service...
Une vulnérabilité a été découverte dans Juniper Junos OS. Elle permet à un attaquant de provoquer un déni de service à distance.
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Une vulnérabilité a été découverte dans OpenSSH. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
De multiples vulnérabilités ont été découvertes dans Mitel MiCollab. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
A vulnerability was found in killing (affected version not known). It has been rated as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
A vulnerability was found in roar-pidusage (affected version unknown). It has been declared as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
A vulnerability was found in portkiller (version unknown). It has been classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
A vulnerability was found in picotts (unknown version) and classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
A vulnerability has been found in onion-oled-js (the affected version is unknown) and classified as critical. This vulnerability affects the function child_process of the component Scroll Handler. There is no information about possible...
A vulnerability, which was classified as critical, was found in ffmpegdotjs (Multimedia Processing Software) (the affected version unknown). There is no information about possible countermeasures known. It may be suggested to replace the affected...
A vulnerability, which was classified as critical, has been found in psnode (affected version not known). Affected by this issue is the function child_process of the component Kill Handler. There is no information about possible countermeasures...
A vulnerability classified as critical was found in ps-visitor (affected version unknown). Affected by this vulnerability is the function child_process of the component Kill Handler. There is no information about possible countermeasures known....
A vulnerability classified as critical has been found in Trojan.Win32.Agent.hsm (version unknown). Affected is an unknown code block of the file C:\LOL\. There is no information about possible countermeasures known. It may be suggested to replace...
A vulnerability was found in Constructor.Win32.Bifrose.ag (unknown version). It has been rated as critical. This issue affects an unknown code of the component Bifrost Setting File Import. There is no information about possible countermeasures...
A vulnerability was found in HEUR.Backdoor.Win32.Generic (Remote Access Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the file C:\WINDOWS\1314.exe of the component...
A vulnerability was found in Trojan.Win32.Bayrob.dtrg (the affected version unknown). It has been classified as critical. This affects some unknown functionality of the file C:\mnfqzckna0dkc\. There is no information about possible...
A vulnerability was found in Trojan-Dropper.Win32.Agent.bjtzcp (affected version not known) and classified as critical. Affected by this issue is an unknown functionality of the file C:\Isrimss2018\. There is no information about possible...
A vulnerability has been found in Trojan.Win32.NanoBot.onh (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the file C:\AppData\. There is no information about possible...
A vulnerability, which was classified as critical, was found in Trojan.Win32.Agentb.iofv (version unknown). Affected is some unknown processing of the file C:\drivr\. There is no information about possible countermeasures known. It may be...
A vulnerability, which was classified as critical, has been found in overlayfs on Ubuntu (unknown version). This issue affects an unknown code block. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
A vulnerability classified as critical was found in Shiftfs on Ubuntu (the affected version is unknown). This vulnerability affects the function copy_from_user of the component Kernel Memory Handler. Applying a patch is able to eliminate this...
A vulnerability classified as problematic has been found in ezXML 0.8.6. This affects the function ezxml_parse_str of the file libezxml.a of the component XML File Parser. There is no information about possible countermeasures known. It may be...