Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Samsung Smart Manager prior 11.0.05.0 Configuration improper authorization

A vulnerability was found in Samsung Smart Manager. It has been classified as critical. This affects an unknown code block of the component Configuration Handler. Upgrading to version 11.0.05.0 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Samsung Bixby Voice up to 3.1.11 Intents access control

A vulnerability was found in Samsung Bixby Voice up to 3.1.11 and classified as critical. Affected by this issue is an unknown code of the component Intents Handler. Upgrading to version 3.1.12 eliminates this vulnerability. The upgrade is hosted...
Auteur: VulDB

Samsung Smart Phone prior MR MAY-2021 Release 1 MFC Charger Driver use after free

A vulnerability has been found in Samsung Smart Phone (Smartphone Operating System) and classified as critical. Affected by this vulnerability is an unknown part of the component MFC Charger Driver. Upgrading to version MR MAY-2021 Release 1...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 Secure Folder information disclosure

A vulnerability, which was classified as problematic, was found in Samsung Smart Phone (Smartphone Operating System). Affected is some unknown functionality of the component Secure Folder Handler. Upgrading to version SMR MAY-2021 Release 1...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 PhotoTable Local Privilege Escalation

A vulnerability, which was classified as problematic, has been found in Samsung Smart Phone (Smartphone Operating System). This issue affects an unknown functionality of the component PhotoTable. Upgrading to version SMR MAY-2021 Release 1...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 Knox Core Local Privilege Escalation

A vulnerability classified as problematic was found in Samsung Smart Phone (Smartphone Operating System). This vulnerability affects an unknown function of the component Knox Core. Upgrading to version SMR MAY-2021 Release 1 eliminates this...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 libsflacextractor sflacfd_get_frm heap-based overflow

A vulnerability classified as critical has been found in Samsung Smart Phone (Smartphone Operating System). This affects the function sflacfd_get_frm of the component libsflacextractor. Upgrading to version SMR MAY-2021 Release 1 eliminates this...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 libsdffextractor sdfffd_parse_chunk_FVER stack-based overflow

A vulnerability was found in Samsung Smart Phone (Smartphone Operating System). It has been rated as critical. Affected by this issue is the function sdfffd_parse_chunk_FVER of the component libsdffextractor. Upgrading to version SMR MAY-2021...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 libsdffextractor sdfffd_parse_chunk_PROP stack-based overflow

A vulnerability was found in Samsung Smart Phone (Smartphone Operating System). It has been declared as critical. Affected by this vulnerability is the function sdfffd_parse_chunk_PROP of the component libsdffextractor. Upgrading to version SMR...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 libsdffextractor sdfffd_parse_chunk_PROP heap-based overflow

A vulnerability was found in Samsung Smart Phone (Smartphone Operating System). It has been classified as critical. Affected is the function sdfffd_parse_chunk_PROP of the component libsdffextractor. Upgrading to version SMR MAY-2021 Release 1...
Auteur: VulDB

Samsung Smart Phone prior SMR MAY-2021 Release 1 libsapeextractor Library scmn_mfal_read heap-based overflow

A vulnerability was found in Samsung Smart Phone (Smartphone Operating System) and classified as critical. This issue affects the function scmn_mfal_read of the component libsapeextractor Library. Upgrading to version SMR MAY-2021 Release 1...
Auteur: VulDB

Western Digital EdgeRover up to 0.24 Node.js unknown vulnerability

A vulnerability has been found in Western Digital EdgeRover up to 0.24 and classified as problematic. This vulnerability affects an unknown functionality of the component Node.js. Upgrading to version 0.25 eliminates this vulnerability.
Auteur: VulDB

ripgrep up to 12 -z/--search-zip/--pre unknown vulnerability

A vulnerability, which was classified as problematic, was found in ripgrep up to 12. Upgrading to version 13 eliminates this vulnerability. The upgrade is hosted for download at github.com.
Auteur: VulDB

Nextcloud Deck up to 1.2.6/1.4.0 Lookup Server information disclosure

A vulnerability, which was classified as problematic, has been found in Nextcloud Deck up to 1.2.6/1.4.0 (Cloud Software). Affected by this issue is some unknown processing of the component Lookup Server Handler. Upgrading to version 1.2.7 or...
Auteur: VulDB

Nextcloud up to 3.4.1 on iOS Lookup Server information disclosure

A vulnerability classified as problematic was found in Nextcloud up to 3.4.1 on iOS (iOS App Software). Affected by this vulnerability is an unknown code block of the component Lookup Server Handler. Upgrading to version 3.4.2 eliminates this...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 IMediaPlayer.cpp readVector information disclosure

A vulnerability classified as problematic has been found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). Affected is the function readVector of the file IMediaPlayer.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 Broadcast Intent SnoozeHelper.java createPendingetent information disclosure

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been rated as problematic. This issue affects the function createPendingetent of the file SnoozeHelper.java of the component Broadcast Intent...
Auteur: VulDB

Samsung Smart Phone prior SMR JUN-2021 Release 1 EL1 code injection

A vulnerability was found in Samsung Smart Phone (Smartphone Operating System). It has been declared as critical. This vulnerability affects some unknown functionality of the component EL1. Upgrading to version SMR JUN-2021 Release 1 eliminates...
Auteur: VulDB

Advantech WebAccess 8.4.2/8.4.4 bwRoot.asp WADashboard username cross site scripting

A vulnerability was found in Advantech WebAccess 8.4.2/8.4.4 (SCADA Software). It has been classified as problematic. This affects the function WADashboard of the file bwRoot.asp. There is no information about possible countermeasures known. It...
Auteur: VulDB

OpenPLC ScadaBR system_settings.shtm cross site scripting

A vulnerability was found in OpenPLC ScadaBR (SCADA Software) (affected version not known) and classified as problematic. Affected by this issue is an unknown function of the file system_settings.shtm. There is no information about possible...
Auteur: VulDB

Advantech iView prior 5.7.03.6182 sql injection [CVE-2021-32932]

A vulnerability has been found in Advantech iView and classified as critical. Affected by this vulnerability is some unknown processing. Upgrading to version 5.7.03.6182 eliminates this vulnerability.
Auteur: VulDB

Tianocore EDK II DxeCore recursion [CVE-2021-28210]

A vulnerability, which was classified as problematic, was found in Tianocore EDK II (version unknown). Affected is an unknown code block of the component DxeCore. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Hillrom Welch Allyn Medical Device Management Tools out-of-bounds write

A vulnerability, which was classified as critical, has been found in Hillrom Welch Allyn Medical Device Management Tools (Medical Device Software) (unknown version). This issue affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

Hillrom Welch Allyn Medical Device Management Tools out-of-bounds read

A vulnerability classified as problematic was found in Hillrom Welch Allyn Medical Device Management Tools (Medical Device Software) (the affected version is unknown). This vulnerability affects an unknown part. Upgrading eliminates this...
Auteur: VulDB

Gallagher Command Centre Server prior 8.40.1888 Cloud End-to-End Encryption Key cleartext storage

A vulnerability classified as problematic has been found in Gallagher Command Centre Server. This affects some unknown functionality of the component Cloud End-to-End Encryption Key Handler. Upgrading to version 8.40.1888 eliminates this...
Auteur: VulDB
12345678910Last

Événements SSI