Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

NetApp Element Software information disclosure [CVE-2020-8582]

A vulnerability, which was classified as problematic, has been found in NetApp Element Software (unknown version). This issue affects an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

Pixar OpenUSD 20.05 USD File heap-based buffer overflow

A vulnerability classified as critical was found in Pixar OpenUSD 20.05. This vulnerability affects some unknown processing of the component USD File Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Pixar OpenUSD 20.05 USD File heap-based buffer overflow

A vulnerability classified as critical has been found in Pixar OpenUSD 20.05. This affects an unknown code block of the component USD File Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Pixar OpenUSD 20.05 Decompression heap-based buffer overflow

A vulnerability was found in Pixar OpenUSD 20.05. It has been rated as critical. Affected by this issue is an unknown code of the component Decompression Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Pixar OpenUSD 20.05 USD File heap-based buffer overflow

A vulnerability was found in Pixar OpenUSD 20.05. It has been declared as critical. Affected by this vulnerability is an unknown part of the component USD File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Pixar OpenUSD 20.05 Decompression heap-based buffer overflow

A vulnerability was found in Pixar OpenUSD 20.05. It has been classified as critical. Affected is some unknown functionality of the component Decompression Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Pixar OpenUSD 20.05 Decompression heap-based buffer overflow

A vulnerability was found in Pixar OpenUSD 20.05 and classified as critical. This issue affects an unknown functionality of the component Decompression Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Valve Game Networking Sockets up to 1.1.x Statistics Message Received_Data denial of service

A vulnerability has been found in Valve Game Networking Sockets up to 1.1.x and classified as problematic. This vulnerability affects the function CConnectionTransportUDPBase::Received_Data of the component Statistics Message Handler. Upgrading...
Auteur: VulDB

IBM InfoSphere Information Server 11.7 History information disclosure

A vulnerability, which was classified as problematic, was found in IBM InfoSphere Information Server 11.7 (Reporting Software). This affects some unknown processing of the component History Handler. There is no information about possible...
Auteur: VulDB

SAP Fiori Launchpad up to 755 News Tile Application cross site scripting

A vulnerability, which was classified as problematic, has been found in SAP Fiori Launchpad up to 755. Affected by this issue is an unknown code block of the component News Tile Application. There is no information about possible countermeasures...
Auteur: VulDB

Dependabot up to 0.125.0 /$({curl injection

A vulnerability classified as critical was found in Dependabot up to 0.125.0. Affected by this vulnerability is an unknown code of the file /$({curl. Upgrading to version 0.125.1 eliminates this vulnerability.
Auteur: VulDB

CMSuno 1.6.2 username injection

A vulnerability classified as critical has been found in CMSuno 1.6.2. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Auteur: VulDB

CMSuno 1.6.2 /uno/central.php lang injection

A vulnerability was found in CMSuno 1.6.2. It has been rated as critical. This issue affects some unknown functionality of the file /uno/central.php. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

BD Alaris 8015 PC Unit/Alaris Systems Manager improper authentication

A vulnerability was found in BD Alaris 8015 PC Unit and Alaris Systems Manager (Medical Device Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown functionality. There is no...
Auteur: VulDB

Nexcom NIO 50 cleartext transmission [CVE-2020-25155]

A vulnerability was found in Nexcom NIO 50 (the affected version unknown). It has been classified as problematic. This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Nexcom NIO 50 input validation [CVE-2020-25151]

A vulnerability was found in Nexcom NIO 50 (affected version not known) and classified as problematic. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

fastadmin-tp6 1.0 Ajax.php table sql injection

A vulnerability has been found in fastadmin-tp6 1.0 and classified as critical. Affected by this vulnerability is an unknown code block of the file app/admin/controller/Ajax.php. There is no information about possible countermeasures known. It...
Auteur: VulDB

Huawei Secospace USG6600 Protocol denial of service [CVE-2020-1847]

A vulnerability, which was classified as problematic, was found in Huawei NIP6300, NIP6600, Secospace USG6300, Secospace USG6500 and Secospace USG6600. Affected is an unknown code of the component Protocol Handler. Upgrading eliminates this...
Auteur: VulDB

CERTFR-2020-AVI-746 : Multiples vulnérabilités dans les produits Citrix (13 novembre 2020)

De multiples vulnérabilités ont été découvertes dans les produits Citrix. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2020-AVI-749 : Multiples vulnérabilités dans Nagios XI (13 novembre 2020)

De multiples vulnérabilités ont été découvertes dans Nagios XI. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).

Auteur: Cert FR

CERTFR-2020-AVI-748 : Multiples vulnérabilités dans Google Chrome OS (13 novembre 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome OS. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-747 : Multiples vulnérabilités dans les produits Apple (13 novembre 2020)

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à l'intégrité des données et une atteinte à la confidentialité...
Auteur: Cert FR

Avaya WebLM up to 7.1.3.6/8.1.2 Admin Interface xml external entity reference

A vulnerability, which was classified as critical, has been found in Avaya WebLM up to 7.1.3.6/8.1.2. This issue affects an unknown part of the component Admin Interface. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Apache OpenOffice up to 4.1.7 Document cross site scripting

A vulnerability classified as problematic was found in Apache OpenOffice up to 4.1.7 (Office Suite Software). This vulnerability affects some unknown functionality of the component Document Handler. Upgrading to version 4.1.8 eliminates this...
Auteur: VulDB

CERTFR-2020-AVI-745 : Multiples vulnérabilités dans Palo Alto Networks PAN-OS (13 novembre 2020)

De multiples vulnérabilités ont été découvertes dans Palo Alto Networks PAN-OS. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Auteur: Cert FR
First397398399400401402403404405406Last

Événements SSI