Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Chrome prior 86.0.4240.198 Site Isolation use after free

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. This vulnerability affects an unknown functionality of the component Site Isolation. Upgrading to version 86.0.4240.198 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 86.0.4240.198 v8 Remote Code Execution

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown function of the component v8. Upgrading to version 86.0.4240.198 eliminates this vulnerability.
Auteur: VulDB

Huawei FusionCompute 8.0.0 Encryption Algorithm information disclosure

A vulnerability was found in Huawei FusionCompute 8.0.0 and classified as problematic. Affected by this issue is some unknown processing of the component Encryption Algorithm. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Good Layers LMS Plugin up to 2.1.4 on WordPress POST Parameter wp_ajax_nopriv id sql injection

A vulnerability has been found in Good Layers LMS Plugin up to 2.1.4 on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is the function wp_ajax_nopriv of the component POST Parameter Handler. There is no...
Auteur: VulDB

Cacti 1.2.13 Template Import templates_import.php xml_path cross site scripting

A vulnerability, which was classified as problematic, was found in Cacti 1.2.13 (Log Management Software). Affected is an unknown code of the file templates_import.php of the component Template Import Handler. Applying a patch is able to...
Auteur: VulDB

Python-RSA information disclosure [CVE-2020-25658]

A vulnerability, which was classified as problematic, has been found in Python-RSA (Programming Language Software) (unknown version). This issue affects an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Apache CXF up to 3.3.7/3.4.0 /services cross site scripting

A vulnerability classified as problematic was found in Apache CXF up to 3.3.7/3.4.0 (Application Server Software). This vulnerability affects some unknown functionality of the file /services. Upgrading to version 3.3.8 or 3.4.1 eliminates this...
Auteur: VulDB

json8 up to 1.0.2 Prototype code injection

A vulnerability classified as critical has been found in json8 up to 1.0.2. This affects an unknown functionality of the component Prototype Handler. Upgrading to version 1.0.3 eliminates this vulnerability. Applying a patch is able to eliminate...
Auteur: VulDB

nodemailer up to 6.4.15 Email Address command injection

A vulnerability was found in nodemailer up to 6.4.15. It has been rated as critical. Affected by this issue is an unknown function of the component Email Address Handler. Upgrading to version 6.4.16 eliminates this vulnerability. Applying a patch...
Auteur: VulDB

McAfee Endpoint Security up to 10.7.0 Firewall ePO Extension cross site scripting

A vulnerability was found in McAfee Endpoint Security up to 10.7.0. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component Firewall ePO Extension. Applying a patch is able to eliminate this...
Auteur: VulDB

McAfee Endpoint Security up to 10.7.0 Firewall ePO Extension cross-site request forgery

A vulnerability was found in McAfee Endpoint Security up to 10.7.0. It has been classified as problematic. Affected is an unknown code block of the component Firewall ePO Extension. Applying a patch is able to eliminate this problem.
Auteur: VulDB

CERTFR-2020-AVI-739 : Multiples vulnérabilités dans les produits Microsoft (12 novembre 2020)

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance, une atteinte à la confidentialité des données, un contournement...
Auteur: Cert FR

CERTFR-2020-AVI-738 : Multiples vulnérabilités dans Microsoft Windows (12 novembre 2020)

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance, un contournement de la fonctionnalité de sécurité, une atteinte à la...
Auteur: Cert FR

CERTFR-2020-AVI-737 : Multiples vulnérabilités dans Microsoft Office (12 novembre 2020)

De multiples vulnérabilités ont été corrigées dans Microsoft Office. Elles permettent à un attaquant de provoquer une exécution de code à distance, un contournement de la fonctionnalité de sécurité, une atteinte à la confidentialité des données...
Auteur: Cert FR

CERTFR-2020-AVI-736 : Multiples vulnérabilités dans Microsoft Edge (12 novembre 2020)

De multiples vulnérabilités ont été corrigées dans Microsoft Edge. Elles permettent à un attaquant de provoquer une exécution de code à distance.

Auteur: Cert FR

CERTFR-2020-AVI-735 : Multiples vulnérabilités dans Microsoft IE (12 novembre 2020)

De multiples vulnérabilités ont été corrigées dans Microsoft IE. Elles permettent à un attaquant de provoquer une exécution de code à distance.

Auteur: Cert FR

McAfee Endpoint Security up to 10.7.0 unquoted search path

A vulnerability was found in McAfee Endpoint Security up to 10.7.0 and classified as problematic. This issue affects an unknown code of the component Security Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 SIP sigcomp Message memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software) and classified as critical. This vulnerability affects...
Auteur: VulDB

Qualcomm Snapdragon Compute/Snapdragon Mobile up to SXR2130P memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Compute and Snapdragon Mobile (Chip Software). This affects some unknown functionality. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon up to SDA855 DSP Process improper authorization

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon (Chip Software). Affected by this issue is an unknown functionality of the component DSP Process Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon up to SDA855 DSP Services received memory corruption

A vulnerability classified as critical was found in Qualcomm Snapdragon (Chip Software). Affected by this vulnerability is an unknown function of the component DSP Services. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130P LibFastCV buffer overflow

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). Affected is some unknown processing of the component...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130P Fastrpc received buffer overflow

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). It has been rated as critical. This issue affects an unknown code block of the...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130P integer overflow [CVE-2020-11205]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute and Snapdragon Mobile (Chip Software). It has been declared as critical. This vulnerability affects an unknown code. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM8150P Library buffer overflow

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). It has been classified as critical. This affects an unknown part of the component...
Auteur: VulDB
First403404405406407408409410411412Last

Événements SSI