Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Kubernetes CLI Plugin up to 1.10.0 on Jenkins HTTP Endpoint authorization

A vulnerability classified as critical was found in Kubernetes CLI Plugin up to 1.10.0 on Jenkins (Virtualization Software). This vulnerability affects an unknown function of the component HTTP Endpoint. There is no information about possible...
Auteur: VulDB

SmartStream Transaction Lifecycle Management Reconciliation Premium cross site scripting

A vulnerability classified as problematic has been found in SmartStream Transaction Lifecycle Management Reconciliation Premium up to 3.0.x. This affects some unknown processing. Upgrading to version 3.1.0 eliminates this vulnerability.
Auteur: VulDB

Grant Averett Cerberus FTP Server up to 10.0.18/11.0.3 Web Client cross site scripting

A vulnerability was found in Grant Averett Cerberus FTP Server up to 10.0.18/11.0.3 (File Transfer Software). It has been rated as problematic. Affected by this issue is an unknown code block of the component Web Client. Upgrading to version...
Auteur: VulDB

Annex Cloud Loyalty Experience Platform prior 2021.1.0.1 Campaign access control

A vulnerability was found in Annex Cloud Loyalty Experience Platform (Cloud Software). It has been declared as critical. Affected by this vulnerability is an unknown code of the component Campaign Handler. Upgrading to version 2021.1.0.1...
Auteur: VulDB

Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 access control

A vulnerability was found in Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 (Cloud Software). It has been classified as critical. Affected is an unknown part. Upgrading to version 2021.1.0.2 eliminates this vulnerability.
Auteur: VulDB

Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 resource injection

A vulnerability was found in Annex Cloud Loyalty Experience Platform up to 2021.1.0.1 (Cloud Software) and classified as critical. This issue affects some unknown functionality. Upgrading to version 2021.1.0.2 eliminates this vulnerability.
Auteur: VulDB

TP-Link TL-SG2005/TL-SG2008 1.0.0 Build 20180529 Rel.40524 Device Description Interface array index

A vulnerability has been found in TP-Link TL-SG2005 and TL-SG2008 1.0.0 Build 20180529 Rel.40524 (Router Operating System) and classified as critical. This vulnerability affects an unknown functionality of the component Device Description...
Auteur: VulDB

LANCOM R&S Unified Firewall 10.5 path traversal [CVE-2021-31538]

A vulnerability, which was classified as critical, was found in LANCOM R&S Unified Firewall 10.5 (Firewall Software). This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

F5 BIG-IP APM/BIG-IP APM Clients Windows Installer cachecleaner.dll uncontrolled search path

A vulnerability, which was classified as critical, has been found in F5 BIG-IP APM and BIG-IP APM Clients (Firewall Software) (affected version not known). Affected by this issue is some unknown processing in the library cachecleaner.dll of the...
Auteur: VulDB

ZTE ZXHN HS562 1.0.0.0B2.0000/1.0.0.0B3.0000E Cloud-End App access control

A vulnerability classified as critical was found in ZTE ZXHN HS562 1.0.0.0B2.0000/1.0.0.0B3.0000E. Affected by this vulnerability is an unknown code block of the component Cloud-End App. There is no information about possible countermeasures...
Auteur: VulDB

ZTE ZXHN H168N up to 3.5.0_EG1T4_TE Wizard Page information disclosure

A vulnerability classified as problematic has been found in ZTE ZXHN H168N up to 3.5.0_EG1T4_TE. Affected is an unknown code of the component Wizard Page. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

OpenDMARC 1.4.1.0/1.4.1.1 Header Field null pointer dereference

A vulnerability was found in OpenDMARC 1.4.1.0/1.4.1.1. It has been rated as problematic. This issue affects an unknown part of the component Header Field Handler. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Network Service use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. This vulnerability affects some unknown functionality of the component Network Service. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Extension use after free

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown functionality of the component Extension. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 V8 type confusion

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is an unknown function of the component V8. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Accessibility use after free

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. Affected by this vulnerability is some unknown processing of the component Accessibility. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Spell Check use after free

A vulnerability, which was classified as critical, was found in Google Chrome (Web Browser). Affected is an unknown code block of the component Spell Check. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Loader use after free

A vulnerability, which was classified as critical, has been found in Google Chrome (Web Browser). This issue affects an unknown code of the component Loader. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 ANGLE out-of-bounds write

A vulnerability classified as critical was found in Google Chrome (Web Browser). This vulnerability affects an unknown part of the component ANGLE. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Autofill use after free

A vulnerability classified as critical has been found in Google Chrome (Web Browser). This affects some unknown functionality of the component Autofill Handler. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 Extension use after free

A vulnerability was found in Google Chrome (Web Browser). It has been rated as critical. Affected by this issue is an unknown functionality of the component Extension. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 91.0.4472.101 BFCache use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. Affected by this vulnerability is an unknown function of the component BFCache. Upgrading to version 91.0.4472.101 eliminates this vulnerability.
Auteur: VulDB

Bridgecrew Checkov up to 2.0.138 Terraform File deserialization

A vulnerability was found in Bridgecrew Checkov up to 2.0.138. It has been classified as critical. Affected is some unknown processing of the component Terraform File Handler. Upgrading to version 2.0.139 eliminates this vulnerability.
Auteur: VulDB

RESTEasy up to 4.6.0.Final URL Encoding cross site scripting

A vulnerability was found in RESTEasy up to 4.6.0.Final and classified as problematic. This issue affects an unknown code block of the component URL Encoding Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Zoho ManageEngine ServiceDesk Plus up to 11204 Disallowed Input List Remote Privilege Escalation

A vulnerability has been found in Zoho ManageEngine ServiceDesk Plus up to 11204 and classified as very critical. This vulnerability affects an unknown code of the component Disallowed Input List Handler. Upgrading to version 11205 eliminates...
Auteur: VulDB
12345678910Last

Événements SSI

FIC

Ayant pour thème cette année " Pour une cybersécurité coopérative et collaborative ", le Forum International de la Cybersécurité occupe les 6, 7 et 8 avril 2021 le Grand Palais de Lille. Organisé ...

FIC (REPORTÉ)

Ayant pour thème cette année " Pour une cybersécurité coopérative et collaborative ", le Forum International de la Cybersécurité occupe les 19, 20 et 21 janvier 2021 le Grand Palais de Lille. ...

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH (ANNULÉ)

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.

TRUSTECH (ANNULÉ)

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes, palais des festivals, du 1er au 3 décembre 2020 . Organisé par Comexposium.
RSS
12345678910Last