Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

QNAP QTS prior 4.4.3.1421 Build 20200907 command injection [CVE-2020-2490]

A vulnerability was found in QNAP QTS (Network Attached Storage Software). It has been rated as critical. This issue affects an unknown part. Upgrading to version 4.4.3.1421 Build 20200907 eliminates this vulnerability.
Auteur: VulDB

Daimler Mercedes HERMES 2.1 Debug Interface information disclosure

A vulnerability was found in Daimler Mercedes HERMES 2.1 (Vehicle Software). It has been declared as problematic. This vulnerability affects some unknown functionality of the component Debug Interface. There is no information about possible...
Auteur: VulDB

Daimler Mercedes HERMES 2.1 improper authentication [CVE-2019-19562]

A vulnerability was found in Daimler Mercedes HERMES 2.1 (Vehicle Software). It has been classified as problematic. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Daimler Mercedes HERMES 1.5 Debug Interface information disclosure

A vulnerability was found in Daimler Mercedes HERMES 1.5 (Vehicle Software) and classified as problematic. Affected by this issue is an unknown function of the component Debug Interface. There is no information about possible countermeasures...
Auteur: VulDB

Daimler Mercedes HERMES 1.5 Debug Interface improper authentication

A vulnerability has been found in Daimler Mercedes HERMES 1.5 (Vehicle Software) and classified as problematic. Affected by this vulnerability is some unknown processing of the component Debug Interface. There is no information about possible...
Auteur: VulDB

Daimler Mercedes HERMES 1 Debug Interface information disclosure

A vulnerability, which was classified as problematic, was found in Daimler Mercedes HERMES 1 (Vehicle Software). Affected is an unknown code block of the component Debug Interface. There is no information about possible countermeasures known. It...
Auteur: VulDB

Daimler Mercedes HERMES 1 Debug Interface improper authentication

A vulnerability, which was classified as critical, has been found in Daimler Mercedes HERMES 1 (Vehicle Software). This issue affects an unknown code of the component Debug Interface. There is no information about possible countermeasures known....
Auteur: VulDB

air2020 : retrouvez l'évènement en vidéo

La CNIL publie la rediffusion du colloque air2020 sur le thème « Droit(s) et libertés numériques au travail : réalités et horizons » qui a eu lieu le 9 novembre 2020 en ligne.
Auteur: Cnil

Reddoxx MailDepot 2033 cross site scripting [CVE-2020-26554]

A vulnerability classified as problematic was found in Reddoxx MailDepot 2033. This vulnerability affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

doc-path up to 2.1.1 denial of service [CVE-2020-7772]

A vulnerability classified as problematic has been found in doc-path up to 2.1.1. This affects some unknown functionality. Upgrading to version 2.1.2 eliminates this vulnerability.
Auteur: VulDB

One Identity Password Manager 5.8 insertion of sensitive information into sent data

A vulnerability was found in One Identity Password Manager 5.8. It has been rated as problematic. Affected by this issue is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Opera Touch up to 2.4.4 on iOS Address Bar clickjacking

A vulnerability was found in Opera Touch up to 2.4.4 on iOS (iOS App Software). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Address Bar Handler. Upgrading to version 2.4.5 eliminates...
Auteur: VulDB

Nagios XI 5.7.4 permission [CVE-2020-5796]

A vulnerability was found in Nagios XI 5.7.4 (Log Management Software). It has been classified as critical. Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Tomb up to 2.7 ask_password information disclosure

A vulnerability was found in Tomb up to 2.7 and classified as problematic. This issue affects the function ask_password. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Eclipse Hono 1.3.0/1.4.0 AMQP Protocol Adapter resource consumption

A vulnerability has been found in Eclipse Hono 1.3.0/1.4.0 and classified as problematic. This vulnerability affects an unknown code of the component AMQP Protocol Adapter. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Radar COVID on iOS/Android Notification information disclosure

A vulnerability, which was classified as problematic, was found in Radar COVID on iOS/Android (the affected version unknown). This affects an unknown part of the component Notification Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Spree APIv2 authorization [CVE-2020-26223]

A vulnerability, which was classified as critical, has been found in Spree (affected version not known). Affected by this issue is some unknown functionality of the component APIv2. Applying a patch is able to eliminate this problem.
Auteur: VulDB

PassMark BurnInTest/OSForensics/PerformanceTest IOCTL DirectIo32.sys memory corruption

A vulnerability classified as critical was found in PassMark BurnInTest, OSForensics and PerformanceTest (affected version unknown). Affected by this vulnerability is an unknown functionality in the library DirectIo32.sys of the component IOCTL...
Auteur: VulDB

rConfig up to 3.9.6 lib/crud/userprocess.php improper authentication

A vulnerability classified as critical has been found in rConfig up to 3.9.6. Affected is an unknown function in the library lib/crud/userprocess.php. Upgrading to version 3.9.7 eliminates this vulnerability.
Auteur: VulDB

Intel Open WebRTC Toolkit up to 4.3.0 control flow [CVE-2020-12338]

A vulnerability was found in Intel Open WebRTC Toolkit up to 4.3.0. It has been rated as critical. Upgrading to version 4.3.1 eliminates this vulnerability.
Auteur: VulDB

Intel PROSet/Wireless WiFi prior 21.110 control flow [CVE-2020-12313]

A vulnerability was found in Intel PROSet and Wireless WiFi (Wireless LAN Software). It has been declared as critical. Upgrading to version 21.110 eliminates this vulnerability.
Auteur: VulDB

Intel CPU PMC access control [CVE-2020-0599]

A vulnerability was found in Intel CPU (Chip Software) (the affected version unknown). It has been classified as critical. This affects an unknown code of the component PMC. Upgrading eliminates this vulnerability.
Auteur: VulDB

Huawei Mate 30 prior 10.1.0.159(C00E159R7P2) buffer overflow

A vulnerability was found in Huawei Mate 30 (Smartphone Operating System) and classified as critical. Affected by this issue is an unknown part. Upgrading to version 10.1.0.159(C00E159R7P2) eliminates this vulnerability.
Auteur: VulDB

Huawei Secospace USG9500 injection.Affected command injection

A vulnerability has been found in Huawei NIP6300, NIP6600, Secospace USG6300, Secospace USG6500, Secospace USG6600 and Secospace USG9500 and classified as critical. Affected by this vulnerability is some unknown functionality of the file...
Auteur: VulDB

NetApp Element Software inadequate encryption [CVE-2020-8583]

A vulnerability, which was classified as problematic, was found in NetApp Element Software (version unknown). Affected is an unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB
First396397398399400401402403404405Last

Événements SSI