samedi 6 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Qualcomm Snapdragon Auto up to SDX20 Loop Out-of-Bounds memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music (Chip Software) and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 Camera Driver Out-of-Bounds memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software) and...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM8150 Ressource Lock Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...
Auteur: VulDB

Fotinet FortiOS 5.6/6.0 URL/SPAM/AV Default Key weak encryption

A vulnerability, which was classified as problematic, has been found in Fotinet FortiOS 5.6/6.0 (Firewall Software). This issue affects an unknown code of the component URL/SPAM/AV. There is no information about possible countermeasures known. It...
Auteur: VulDB

Asuswrt-Merlin up to 384.3 blocking.asp flag/mac/cat_id memory corruption

A vulnerability classified as critical was found in Asuswrt-Merlin up to 384.3. This vulnerability affects an unknown part of the file blocking.asp. Upgrading to version 384.4 eliminates this vulnerability.
Auteur: VulDB

Synametrics SynaMan/Syncrify/SynTail cross site request forgery

A vulnerability classified as problematic has been found in Synametrics SynaMan, Syncrify and SynTail (the affected version unknown). This affects some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Ikiwiki prior 3.20150329 openid-selector.tmpl openid_identifier cross site scripting

A vulnerability was found in Ikiwiki. It has been rated as problematic. Affected by this issue is an unknown functionality of the file templates/openid-selector.tmpl. Upgrading to version 3.20150329 eliminates this vulnerability. A possible...
Auteur: VulDB

Zhone zNID 2426A prior S3.0.501 Web Administrative Portal Response privilege escalation

A vulnerability was found in Zhone zNID 2426A. It has been declared as critical. Affected by this vulnerability is an unknown function of the component Web Administrative Portal. Upgrading to version S3.0.501 eliminates this vulnerability.
Auteur: VulDB

xcfa up to 5.0.0 Temp File Symlink privilege escalation

A vulnerability was found in xcfa up to 5.0.0. It has been classified as critical. Affected is some unknown processing of the component Temp File Handler. Upgrading to version 5.0.1 eliminates this vulnerability. Applying a patch is able to...
Auteur: VulDB

Qualcomm QCA6174_9377 Registry privilege escalation [CVE-2019-10617]

A vulnerability was found in Qualcomm QCA6174_9377 (unknown version). It has been rated as critical. This issue affects an unknown part of the component Registry Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

xcfa up to 5.0.0 Temp File Symlink privilege escalation

A vulnerability was found in xcfa up to 5.0.0 and classified as critical. This issue affects an unknown code block of the component Temp File Handler. Upgrading to version 5.0.1 eliminates this vulnerability. Applying a patch is able to eliminate...
Auteur: VulDB

eDeploy up to 2014-10-14 eval() Remote Code Execution

A vulnerability has been found in eDeploy up to 2014-10-14 and classified as critical. This vulnerability affects the function eval(). There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

wolfSSL up to 3.1.x Server Certificate weak authentication

A vulnerability, which was classified as critical, was found in wolfSSL up to 3.1.x. This affects an unknown part of the component Server Certificate Handler. Upgrading to version 3.2.0 eliminates this vulnerability.
Auteur: VulDB

wolfSSL up to 3.1.x CA Certificate weak authentication

A vulnerability, which was classified as critical, has been found in wolfSSL up to 3.1.x. Affected by this issue is some unknown functionality of the component CA Certificate Handler. Upgrading to version 3.2.0 eliminates this vulnerability.
Auteur: VulDB

wolfSSL up to 3.1.x Certificate Hostname weak authentication

A vulnerability classified as critical was found in wolfSSL up to 3.1.x. Affected by this vulnerability is an unknown functionality of the component Certificate Handler. Upgrading to version 3.2.0 eliminates this vulnerability.
Auteur: VulDB

python-rply up to 0.7.3 Temp File /tmp/rply-*.json privilege escalation

A vulnerability classified as critical has been found in python-rply up to 0.7.3. Affected is an unknown function of the file /tmp/rply-*.json of the component Temp File Handler. Upgrading to version 0.7.4 eliminates this vulnerability.
Auteur: VulDB

Gamera up to 3.4.0 Temp File io.py tempfile.mktemp() privilege escalation

A vulnerability was found in Gamera up to 3.4.0. It has been rated as critical. This issue affects the function tempfile.mktemp() of the file io.py of the component Temp File Handler. Upgrading to version 3.4.1 eliminates this vulnerability.
Auteur: VulDB

rc up to 1.7.1-4 Temp File privilege escalation

A vulnerability was found in rc up to 1.7.1-4. It has been declared as critical. This vulnerability affects an unknown code block of the component Temp File Handler. Upgrading to version 1.7.1-5 eliminates this vulnerability.
Auteur: VulDB

9base 1:6-6/1:6-7 Temp File privilege escalation

A vulnerability was found in 9base 1:6-6/1:6-7. It has been classified as critical. This affects an unknown code of the component Temp File Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

openshift-origin-node Gem on Ruby cronjob Timeout denial of service

A vulnerability was found in openshift-origin-node Gem on Ruby (affected version not known) and classified as problematic. Affected by this issue is an unknown part of the component cronjob Timeout Handler. Upgrading eliminates this...
Auteur: VulDB

net-ldap gem up to 0.16.1 SSHA Password Generation lib/net/ldap/password.rb Net::LDAP weak encryption

A vulnerability has been found in net-ldap gem up to 0.16.1 and classified as critical. Affected by this vulnerability is the function Net::LDAP in the library lib/net/ldap/password.rb of the component SSHA Password Generation. Upgrading to...
Auteur: VulDB

Slackware 13.1/13.37/14.0/14.1 iodbctest/iodbctestw privilege escalation

A vulnerability, which was classified as critical, was found in Slackware 13.1/13.37/14.0/14.1. Affected is an unknown functionality of the component iodbctest/iodbctestw. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Slackware/Slackware LLVM Privileges /tmp privilege escalation

A vulnerability, which was classified as critical, has been found in Slackware and Slackware LLVM (unknown version). This issue affects an unknown function of the file /tmp of the component Privileges. There is no information about possible...
Auteur: VulDB

Loftek Nexus 543 IP Camera get_realip.cgi information disclosure

A vulnerability classified as problematic was found in Loftek Nexus 543 IP Camera (the affected version is unknown). This vulnerability affects some unknown processing of the file get_realip.cgi. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Loftek Nexus 543 IP Camera check_users.cgi HTTP GET Request weak encryption

A vulnerability classified as critical has been found in Loftek Nexus 543 IP Camera (the affected version unknown). This affects an unknown code block of the file check_users.cgi. Applying a patch is able to eliminate this problem.
Auteur: VulDB
First395396397398399400401402403404Last

Événements SSI