Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2021-AVI-169 : Multiples vulnérabilités dans GitLab (05 mars 2021)

De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une atteinte à l'intégrité...
Auteur: Cert FR

NetApp Clustered Data ONTAP up to 9.3P20/9.5P15/9.6P11/9.7P8 SMB Access denial of service

A vulnerability, which was classified as problematic, was found in NetApp Clustered Data ONTAP up to 9.3P20/9.5P15/9.6P11/9.7P8. This affects an unknown function of the component SMB Access Handler. Upgrading to version 9.3P21, 9.5P16, 9.6P12,...
Auteur: VulDB

NetApp Clustered Data ONTAP up to 9.3P20/9.5P15/9.6P11/9.7P7 information disclosure

A vulnerability, which was classified as problematic, has been found in NetApp Clustered Data ONTAP up to 9.3P20/9.5P15/9.6P11/9.7P7. Affected by this issue is some unknown processing. Upgrading to version 9.3P21, 9.5P16, 9.6P12, 9.7P8 or 9.8...
Auteur: VulDB

CERTFR-2021-AVI-168 : Vulnérabilité dans Sonicwall Directory Service Connector (05 mars 2021)

Une vulnérabilité a été découverte dans Sonicwall Directory Service Connector. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une atteinte à la confidentialité des...
Auteur: Cert FR

AfterLogic Aurora/WebMail Pro up to 8.5.3 DAV DAVServer.php pathname traversal

A vulnerability classified as critical was found in AfterLogic Aurora and WebMail Pro up to 8.5.3. Affected by this vulnerability is an unknown code block of the file DAVServer.php of the component DAV. There is no information about possible...
Auteur: VulDB

Joomla! up to 3.9.24 Form Filter Remote Privilege Escalation

A vulnerability classified as critical has been found in Joomla! up to 3.9.24 (Content Management System). Affected is an unknown code of the component Form Filter. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

CERTFR-2021-AVI-167 : Multiples vulnérabilités dans Microsoft Edge (05 mars 2021)

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

Joomla! up to 3.9.24 ZIP Package path traversal

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System). It has been rated as critical. This issue affects an unknown part of the component ZIP Package Handler. There is no information about possible countermeasures known....
Auteur: VulDB

Joomla! up to 3.9.24 Category unknown vulnerability [CVE-2021-26027]

A vulnerability was found in Joomla! up to 3.9.24 (Content Management System). It has been declared as critical. This vulnerability affects some unknown functionality of the component Category Handler. There is no information about possible...
Auteur: VulDB

Samsung Internet prior 13.0.1.60 Permission permission

A vulnerability was found in Samsung Internet. It has been classified as problematic. This affects an unknown functionality of the component Permission Handler. Upgrading to version 13.0.1.60 eliminates this vulnerability.
Auteur: VulDB

Samsung Mobile Device prior SMR Feb-2021 Release 1 Email App improper authentication

A vulnerability was found in Samsung Mobile Device (Smartphone Operating System) and classified as critical. Affected by this issue is an unknown function of the component Email App. Upgrading to version SMR Feb-2021 Release 1 eliminates this...
Auteur: VulDB

Samsung Mobile Device prior SMR Jan-2021 Release 1 quram Library memory corruption

A vulnerability has been found in Samsung Mobile Device (Smartphone Operating System) and classified as critical. Affected by this vulnerability is some unknown processing of the component quram Library. Upgrading to version SMR Jan-2021 Release...
Auteur: VulDB

Samsung Mobile Device prior SMR Mar-2021 Release 1 hwcomposer denial of service

A vulnerability, which was classified as problematic, was found in Samsung Mobile Device (Smartphone Operating System). Affected is an unknown code block of the component hwcomposer. Upgrading to version SMR Mar-2021 Release 1 eliminates this...
Auteur: VulDB

Samsung Mobile Device prior SMR Mar-2021 Release 1 knox_custom Service permission

A vulnerability, which was classified as problematic, has been found in Samsung Mobile Device (Smartphone Operating System). This issue affects an unknown code of the component knox_custom Service. Upgrading to version SMR Mar-2021 Release 1...
Auteur: VulDB

Samsung Mobile Device prior 2.4.81.13/3.8.00.13 memory corruption

A vulnerability classified as problematic was found in Samsung Mobile Device (Smartphone Operating System). This vulnerability affects an unknown part. Upgrading to version 2.4.81.13 or 3.8.00.13 eliminates this vulnerability.
Auteur: VulDB

Samsung SMP SDK prior 3.0.9 Provider denial of service

A vulnerability classified as problematic has been found in Samsung SMP SDK. This affects some unknown functionality of the component Provider Handler. Upgrading to version 3.0.9 eliminates this vulnerability.
Auteur: VulDB

Samsung S Assistant prior 6.5.01.22 denial of service [CVE-2021-25341]

A vulnerability was found in Samsung S Assistant. It has been rated as problematic. Affected by this issue is an unknown functionality. Upgrading to version 6.5.01.22 eliminates this vulnerability.
Auteur: VulDB

Samsung Mobile Device prior SMR Feb-2021 Release 1 Keyboard access control

A vulnerability was found in Samsung Mobile Device (Smartphone Operating System). It has been declared as critical. Affected by this vulnerability is an unknown function of the component Keyboard. Upgrading to version SMR Feb-2021 Release 1...
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 HArx memory corruption

A vulnerability was found in Samsung Mobile Devices (Smartphone Operating System). It has been classified as critical. Affected is some unknown processing of the component HArx. Upgrading to version SMR Mar-2021 Release 1 eliminates this...
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 RKP access control

A vulnerability was found in Samsung Mobile Devices (Smartphone Operating System) and classified as critical. This issue affects an unknown code block of the component RKP. Upgrading to version SMR Mar-2021 Release 1 eliminates this vulnerability.
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 Clipboard Service access control

A vulnerability has been found in Samsung Mobile Devices (Smartphone Operating System) and classified as critical. This vulnerability affects an unknown code of the component Clipboard Service. Upgrading to version SMR Mar-2021 Release 1...
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 NotificationManagerService privileges management

A vulnerability, which was classified as critical, was found in Samsung Mobile Devices (Smartphone Operating System). This affects the function NotificationManagerService. Upgrading to version SMR Mar-2021 Release 1 eliminates this vulnerability.
Auteur: VulDB

Samsung Mobile Devices prior SMR Mar-2021 Release 1 Lockscreen access control

A vulnerability, which was classified as problematic, has been found in Samsung Mobile Devices (Smartphone Operating System). Affected by this issue is some unknown functionality of the component Lockscreen Handler. Upgrading to version SMR...
Auteur: VulDB

Samsung Mobile Devices prior SMR Feb-2021 Release 1 Application denial of service

A vulnerability classified as problematic was found in Samsung Mobile Devices (Smartphone Operating System). Affected by this vulnerability is an unknown functionality of the component Application Handler. Upgrading to version SMR Feb-2021...
Auteur: VulDB

Samsung Pay Mini Application up to 4.0.13 Lockscreen access control

A vulnerability classified as problematic has been found in Samsung Pay Mini Application up to 4.0.13. Affected is an unknown function of the component Lockscreen Handler. Upgrading to version 4.0.14 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI