Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Apple iOS/iPadOS up to 14.2.1 FontParser memory corruption

A vulnerability was found in Apple iOS and iPadOS up to 14.2.1 (Smartphone Operating System). It has been classified as critical. This affects an unknown code block of the component FontParser. Upgrading to version 14.3 eliminates this...
Author: VulDB

Apple iOS/iPadOS up to 14.2.1 FontParser memory corruption

A vulnerability was found in Apple iOS and iPadOS up to 14.2.1 (Smartphone Operating System) and classified as critical. Affected by this issue is an unknown code of the component FontParser. Upgrading to version 14.3 eliminates this...
Author: VulDB

Apple iOS/iPadOS up to 14.2.1 FontParser information disclosure

A vulnerability has been found in Apple iOS and iPadOS up to 14.2.1 (Smartphone Operating System) and classified as critical. Affected by this vulnerability is an unknown part of the component FontParser. Upgrading to version 14.3 eliminates this...
Author: VulDB

Apple iOS/iPadOS up to 14.2.1 CoreAudio out-of-bounds read

A vulnerability, which was classified as critical, was found in Apple iOS and iPadOS up to 14.2.1 (Smartphone Operating System). Affected is some unknown functionality of the component CoreAudio. Upgrading to version 14.3 eliminates this...
Author: VulDB

Apple iOS/iPadOS up to 14.2.1 App Store state issue

A vulnerability, which was classified as problematic, has been found in Apple iOS and iPadOS up to 14.2.1 (Smartphone Operating System). This issue affects an unknown functionality of the component App Store. Upgrading to version 14.3 eliminates...
Author: VulDB

CERTFR-2020-AVI-821: Multiple vulnerabilities in Apple products (15 December 2020)

Multiple vulnerabilities have been discovered in Apple products. Some of them allow an attacker to cause arbitrary code execution, a security policy bypass and a breach of integrity...
Author: Cert FR

curl up to 7.73.0 Certificate Revocation certificate validation

A vulnerability classified as critical was found in curl up to 7.73.0 (Network Utility Software). This vulnerability affects an unknown function of the component Certificate Revocation Handler. There is no information about possible...
Author: VulDB

haxx.se cURL up to 7.73.0 FTP Wildcard stack-based overflow

A vulnerability classified as critical has been found in haxx.se cURL up to 7.73.0 (Network Utility Software). This affects some unknown processing of the component FTP Wildcard Handler. There is no information about possible countermeasures...
Author: VulDB

curl up to 7.73.0 FTP PASV information disclosure

A vulnerability was found in curl up to 7.73.0 (Network Utility Software). It has been rated as problematic. Affected by this issue is an unknown code block of the component FTP PASV Handler. There is no information about possible countermeasures...
Author: VulDB

Citrix Virtual Apps/Virtual Desktops/XenApp/XenDesktop on Windows Universal Print Server privileges management

A vulnerability was found in Citrix Virtual Apps, Virtual Desktops, XenApp and XenDesktop on Windows (Connectivity Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code of the...
Author: VulDB

Ubiquiti EdgePower 24V-54V up to 1.7.0 cross-site request forgery

A vulnerability was found in Ubiquiti EdgePower 24V-54V up to 1.7.0. It has been classified as problematic. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Citrix Gateway Plug-in up to 12.1-58.15/13.0-61.48 on Windows Services privileges management

A vulnerability was found in Citrix Gateway Plug-in up to 12.1-58.15/13.0-61.48 on Windows (Connectivity Software) and classified as critical. This issue affects some unknown functionality of the component Services. Upgrading eliminates this...
Author: VulDB

Citrix Gateway Plug-in up to 12.1-58.15/13.0-61.48 on Windows access control

A vulnerability has been found in Citrix Gateway Plug-in up to 12.1-58.15/13.0-61.48 on Windows (Connectivity Software) and classified as critical. This vulnerability affects an unknown functionality. Upgrading eliminates this vulnerability.
Author: VulDB

libcURL up to 7.71.1 Connection use after free

A vulnerability, which was classified as critical, was found in libcURL up to 7.71.1 (Network Utility Software). This affects an unknown function of the component Connection Handler. There is no information about possible countermeasures known....
Author: VulDB

curl up to 7.70.0 File Name injection

A vulnerability, which was classified as problematic, has been found in curl up to 7.70.0 (Network Utility Software). Affected by this issue is some unknown processing of the component File Name Handler. There is no information about possible...
Author: VulDB

curl up to 7.70.0 DNS Server information disclosure

A vulnerability classified as problematic was found in curl up to 7.70.0 (Network Utility Software). Affected by this vulnerability is an unknown code block of the component DNS Server Handler. There is no information about possible...
Author: VulDB

Jon Iles Packwood MPXJ up to 8.3.4 ZIP Stream InputStreamHelper.java pathname traversal

A vulnerability classified as critical has been found in Jon Iles Packwood MPXJ up to 8.3.4. Affected is an unknown code of the file common/InputStreamHelper.java of the component ZIP Stream Handler. Upgrading to version 8.3.5 eliminates this...
Author: VulDB

Gnome GLib up to 2.65.2 g_option_group_add_entries integer overflow [Disputed]

A vulnerability was found in Gnome GLib up to 2.65.2. It has been rated as critical. This issue affects the function g_option_group_add_entries. Upgrading to version 2.65.3 eliminates this vulnerability. The upgrade is hosted for download at...
Author: VulDB

Google Go Encoding XML Package encoding error [CVE-2020-29511]

A vulnerability was found in Google Go (Programming Language Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown functionality of the component Encoding XML Package. The best...
Author: VulDB

Google Go up to 1.15 Encoding XML Package encoding error

A vulnerability was found in Google Go up to 1.15 (Programming Language Software). It has been classified as critical. This affects an unknown functionality of the component Encoding XML Package. The best possible mitigation is suggested to be...
Author: VulDB

Google Go Encoding XML Package encoding error [CVE-2020-29509]

A vulnerability was found in Google Go (Programming Language Software) (affected version not known) and classified as critical. Affected by this issue is an unknown function of the component Encoding XML Package. The best possible mitigation is...
Author: VulDB

SabaiApp Directories Pro Plugin up to 1.3.45 on WordPress CSV File cross site scripting

A vulnerability has been found in SabaiApp Directories Pro Plugin up to 1.3.45 on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is some unknown processing of the component CSV File Handler. There is no...
Author: VulDB

SabaiApp Directories Pro Plugin 1.3.45 on WordPress _drts_form_build_id cross site scripting

A vulnerability, which was classified as problematic, was found in SabaiApp Directories Pro Plugin 1.3.45 on WordPress (WordPress Plugin). Affected is an unknown code block of the file /wp-admin/admin.php?page=drts/directories&q=%2F. There is no...
Author: VulDB

OpenAsset Digital Asset Management up to 12.0.19 /Stream/ProjectsCSV access control

A vulnerability, which was classified as critical, has been found in OpenAsset Digital Asset Management up to 12.0.19. This issue affects an unknown code of the file /Stream/ProjectsCSV. There is no information about possible countermeasures...
Author: VulDB

Unicenter Asset Management up to 12.0.19 sql injection [CVE-2020-28860]

A vulnerability classified as critical was found in Unicenter Asset Management up to 12.0.19. This vulnerability affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Information-security events