Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Red Hat CloudForms HTTP Request cross-site request forgery [CVE-2020-14369]

A vulnerability classified as problematic was found in Red Hat CloudForms (Cloud Software) (affected version unknown). Affected by this vulnerability is an unknown function of the component HTTP Request Handler. There is no information about...
Auteur: VulDB

Apache HttpClient up to 4.5.12/5.0.2 URI Object unknown vulnerability

A vulnerability classified as problematic has been found in Apache HttpClient up to 4.5.12/5.0.2. Affected is some unknown processing of the component URI Object Handler. Upgrading to version 4.5.13 or 5.0.3 eliminates this vulnerability.
Auteur: VulDB

Pixar OpenUSD 20.05 Encoding out-of-bounds read

A vulnerability was found in Pixar OpenUSD 20.05. It has been rated as problematic. This issue affects an unknown code block of the component Encoding Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Pixar OpenUSD 20.05 Encoding out-of-bounds read

A vulnerability was found in Pixar OpenUSD 20.05. It has been declared as problematic. This vulnerability affects an unknown code of the component Encoding Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Pixar OpenUSD 20.05 Encoding out-of-bounds read

A vulnerability was found in Pixar OpenUSD 20.05. It has been classified as problematic. This affects an unknown part of the component Encoding Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Pixar OpenUSD 20.05 USD File out-of-bounds read

A vulnerability was found in Pixar OpenUSD 20.05 and classified as problematic. Affected by this issue is some unknown functionality of the component USD File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Pixar OpenUSD 20.05 USD File heap-based buffer overflow

A vulnerability has been found in Pixar OpenUSD 20.05 and classified as critical. Affected by this vulnerability is an unknown functionality of the component USD File Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Phoenix Contact BTP 2043W/BTP 2070W/BTP 2102W resource consumption

A vulnerability, which was classified as problematic, was found in Phoenix Contact BTP 2043W, BTP 2070W and BTP 2102W (version unknown). Affected is an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

libxls 2.0 XLS File xls_addCell out-of-bounds write

A vulnerability, which was classified as critical, has been found in libxls 2.0. This issue affects the function xls_addCell of the component XLS File Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

cpp-ethereum libevm Smart Contract Code out-of-bounds write [CVE-2017-14451]

A vulnerability classified as critical was found in cpp-ethereum libevm (the affected version is unknown). This vulnerability affects an unknown code block of the component Smart Contract Code Handler. There is no information about possible...
Auteur: VulDB

FreeBSD up to 11.4/12.1/12.2 ICMPv6 use after free

A vulnerability classified as critical has been found in FreeBSD up to 11.4/12.1/12.2 (Operating System). This affects an unknown code of the component ICMPv6. Applying a patch is able to eliminate this problem.
Auteur: VulDB

FreeBSD up to 11.4/12.1/12.2 rtsold memory corruption

A vulnerability was found in FreeBSD up to 11.4/12.1/12.2 (Operating System). It has been rated as critical. Affected by this issue is an unknown part of the component rtsold. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Textpattern CMS 4.6.2 prefs Subsystem cross-site request forgery

A vulnerability was found in Textpattern CMS 4.6.2 (Content Management System). It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the component prefs Subsystem. There is no information about...
Auteur: VulDB

Papermerge up to 1.5.1 rename/tag/upload/create folder cross site scripting

A vulnerability was found in Papermerge up to 1.5.1. It has been classified as problematic. Affected is the function rename/tag/upload/create folder. Upgrading to version 1.5.2 eliminates this vulnerability. The upgrade is hosted for download at...
Auteur: VulDB

HPE Edgeline Infrastructure Manager Remote Privilege Escalation

A vulnerability was found in HPE Edgeline Infrastructure Manager (unknown version) and classified as critical. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Auteur: VulDB

Valve Game Networking Sockets up to 1.1.x libsodium Decrypt stack-based buffer overflow

A vulnerability has been found in Valve Game Networking Sockets up to 1.1.x and classified as critical. This vulnerability affects the function AES_GCM_DecryptContext::Decrypt of the component libsodium. Upgrading to version 1.2.0 eliminates this...
Auteur: VulDB

CAPI up to 1.100.x YAML Parser resource consumption

A vulnerability, which was classified as problematic, was found in CAPI up to 1.100.x. This affects an unknown code block of the component YAML Parser. Upgrading to version 1.101.0 eliminates this vulnerability.
Auteur: VulDB

HCL Notes DXL buffer overflow [CVE-2020-4102]

A vulnerability, which was classified as critical, has been found in HCL Notes (affected version not known). Affected by this issue is an unknown code of the component DXL. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Umbraco up to 8.9.1 LogViewerController.cs access control

A vulnerability classified as critical was found in Umbraco up to 8.9.1. Affected by this vulnerability is an unknown part of the file Editors/LogViewerController.cs. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

elasticsearch-operator-container up to 4.6 Namespace Validator redirect

A vulnerability classified as critical has been found in elasticsearch-operator-container up to 4.6 (Virtualization Software). Affected is some unknown functionality of the component Namespace Validator. Upgrading to version 4.7 eliminates this...
Auteur: VulDB

Gorilla Websocket up to 1.4.0 Frame integer overflow

A vulnerability was found in Gorilla Websocket up to 1.4.0. It has been rated as problematic. This issue affects an unknown functionality of the component Frame Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

QEMU on the USB EHCI Emulation assertion

A vulnerability was found in QEMU on the (Virtualization Software) (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown function of the component USB EHCI Emulation. There is no information...
Auteur: VulDB

Linux Kernel Performance Monitoring Subsystem resource consumption

A vulnerability was found in Linux Kernel (Operating System) (the affected version unknown). It has been classified as problematic. This affects some unknown processing of the component Performance Monitoring Subsystem. Applying a patch is able...
Auteur: VulDB

Samba DNS Server denial of service [CVE-2020-14383]

A vulnerability was found in Samba (File Transfer Software) (affected version not known) and classified as problematic. Affected by this issue is an unknown code block of the component DNS Server. There is no information about possible...
Auteur: VulDB

Linux Kernel Voice over IP H.323 Connection Tracking out-of-bounds write

A vulnerability has been found in Linux Kernel (Operating System) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code of the component Voice over IP H.323 Connection Tracking. There is no...
Auteur: VulDB
12345678910Last

Événements SSI