Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Exiv2 up to 0.27.3 Metadata heap-based overflow

A vulnerability was found in Exiv2 up to 0.27.3 (Image Processing Software) and classified as critical. This issue affects an unknown code block of the component Metadata Handler. Upgrading to version 0.27.4 eliminates this vulnerability....
Auteur: VulDB

Dell EMC Networking X-Series/PowerEdge VRTX Switch Module access control

A vulnerability has been found in Dell EMC Networking X-Series and PowerEdge VRTX Switch Module (the affected version is unknown) and classified as critical. This vulnerability affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

cumulative-distribution-function up to 1.x on npm infinite loop

A vulnerability, which was classified as problematic, was found in cumulative-distribution-function up to 1.x on npm (NPM Package). This affects an unknown part. Upgrading to version 2.0.0 eliminates this vulnerability. Applying a patch is able...
Auteur: VulDB

IBM Informix Dynamic Server 14.10 stack-based overflow [CVE-2021-20515]

A vulnerability, which was classified as critical, has been found in IBM Informix Dynamic Server 14.10 (Information Management Software). Affected by this issue is some unknown functionality. There is no information about possible countermeasures...
Auteur: VulDB

Google Chrome prior 90.0.4430.93 on Windows ANGLE heap-based overflow

A vulnerability classified as critical was found in Google Chrome on Windows (Web Browser). Affected by this vulnerability is an unknown functionality of the component ANGLE. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 90.0.4430.93 Dev Tools use after free

A vulnerability classified as critical has been found in Google Chrome (Web Browser). Affected is an unknown function of the component Dev Tools. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 90.0.4430.93 V8 heap-based overflow

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. This issue affects some unknown processing of the component V8. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 90.0.4430.93 V8 type confusion

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. This vulnerability affects an unknown code block of the component V8. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 90.0.4430.93 Extensions access control

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown code of the component Extensions. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 90.0.4430.93 V8 heap-based overflow

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is an unknown part of the component V8. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Chamilo up to 1.11.14 fileUpload.lib.php pathname traversal

A vulnerability has been found in Chamilo up to 1.11.14 (Content Management System) and classified as critical. Affected by this vulnerability is some unknown functionality in the library main/inc/lib/fileUpload.lib.php. Applying a patch is able...
Auteur: VulDB

Google Chrome prior 90.0.4430.93 on Android Downloads clickjacking

A vulnerability, which was classified as problematic, was found in Google Chrome on Android (Web Browser). Affected is an unknown functionality of the component Downloads. Upgrading to version 90.0.4430.93 eliminates this vulnerability.
Auteur: VulDB

Pritunl Client 1.2.2550.20 pritunl-service neutralization for logs

A vulnerability, which was classified as critical, has been found in Pritunl Client 1.2.2550.20. This issue affects an unknown function of the component pritunl-service. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

pki-core 10.10.5 KRA Agent Service cross site scripting

A vulnerability classified as problematic was found in pki-core 10.10.5. This vulnerability affects some unknown processing of the component KRA Agent Service. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

RPM rpmdb lib/header.c hdrblobInit out-of-bounds read

A vulnerability classified as problematic has been found in RPM (the affected version unknown). This affects the function hdrblobInit in the library lib/header.c of the component rpmdb. There is no information about possible countermeasures...
Auteur: VulDB

CNCF Cortex up to 1.8.0 Alertmanager password_file information disclosure

A vulnerability was found in CNCF Cortex up to 1.8.0. It has been rated as problematic. Affected by this issue is the function password_file of the component Alertmanager. Upgrading to version 1.8.1 eliminates this vulnerability. Applying a patch...
Auteur: VulDB

Grafana Enterprise up to 1.2.0 Alertmanager password_file information disclosure

A vulnerability was found in Grafana Enterprise up to 1.2.0. It has been declared as problematic. Affected by this vulnerability is the function password_file of the component Alertmanager. Upgrading to version 1.2.1 eliminates this vulnerability.
Auteur: VulDB

Ambarella Oryx RTSP Server 2020-01-07 RTSP Request libamprotocol-rtsp.so.1 parse_authentication_header buffer overflow

A vulnerability was found in Ambarella Oryx RTSP Server 2020-01-07. It has been classified as critical. Affected is the function parse_authentication_header of the file libamprotocol-rtsp.so.1 of the component RTSP Request Handler. There is no...
Auteur: VulDB

Zoho ManageEngine EventLog Analyzer up to 12147 ZIP Archive pathname traversal

A vulnerability was found in Zoho ManageEngine EventLog Analyzer up to 12147 and classified as critical. This issue affects an unknown functionality of the component ZIP Archive Handler. There is no information about possible countermeasures...
Auteur: VulDB

GOG GalaxyClient 2.0.28.9 DLL Loader zlib1.dll untrusted search path

A vulnerability has been found in GOG GalaxyClient 2.0.28.9 and classified as problematic. This vulnerability affects an unknown function in the library zlib1.dll of the component DLL Loader. There is no information about possible countermeasures...
Auteur: VulDB

MongoDB Server up to 4.4.3 Find Query denial of service

A vulnerability, which was classified as problematic, was found in MongoDB Server up to 4.4.3 (Database Software). This affects some unknown processing of the component Find Query Handler. Upgrading to version 4.4.4 eliminates this vulnerability.
Auteur: VulDB

klibc up to 2.0.8 malloc integer overflow

A vulnerability, which was classified as critical, has been found in klibc up to 2.0.8. Affected by this issue is the function malloc. Upgrading to version 2.0.9 eliminates this vulnerability. Applying a patch is able to eliminate this problem....
Auteur: VulDB

klibc up to 2.0.8 on 32-bit cpio Command integer overflow

A vulnerability classified as critical was found in klibc up to 2.0.8 on 32-bit. Affected by this vulnerability is an unknown code of the component cpio Command. Upgrading to version 2.0.9 eliminates this vulnerability. Applying a patch is able...
Auteur: VulDB

klibc up to 2.0.8 on 64-bit cpio Command integer overflow

A vulnerability classified as critical has been found in klibc up to 2.0.8 on 64-bit. Affected is an unknown part of the component cpio Command. Upgrading to version 2.0.9 eliminates this vulnerability. Applying a patch is able to eliminate this...
Auteur: VulDB

klibc up to 2.0.8 calloc integer overflow

A vulnerability was found in klibc up to 2.0.8. It has been rated as critical. This issue affects the function calloc. Upgrading to version 2.0.9 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is...
Auteur: VulDB
12345678910Last

Événements SSI