Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Schneider Electric IGSS Definition up to 15.0.0.21140 WSP File Def.exe out-of-bounds write

A vulnerability classified as critical was found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software). Affected by this vulnerability is an unknown code of the file Def.exe of the component WSP File Handler. Applying a patch...
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21041 CGF File Def.exe out-of-bounds write

A vulnerability classified as critical has been found in Schneider Electric IGSS Definition up to 15.0.0.21041 (SCADA Software). Affected is an unknown part of the file Def.exe of the component CGF File Handler. Upgrading eliminates this...
Auteur: VulDB

Google Android 10.0/11.0 Bluetooth btif_sock_l2cap.cc on_l2cap_data_ind use after free

A vulnerability was found in Google Android 10.0/11.0 (Smartphone Operating System). It has been rated as critical. This issue affects the function on_l2cap_data_ind of the file btif_sock_l2cap.cc of the component Bluetooth Handler. Applying a...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 avrc_api.cc avrc_msg_cback out-of-bounds write

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been declared as critical. This vulnerability affects the function avrc_msg_cback of the file avrc_api.cc. Applying a patch is able to eliminate...
Auteur: VulDB

Google Android 8.1/9.0/10.0/11.0 NFC rw_t3t.cc rw_t3t_process_error uninitialized pointer

A vulnerability was found in Google Android 8.1/9.0/10.0/11.0 (Smartphone Operating System). It has been classified as critical. This affects the function rw_t3t_process_error of the file rw_t3t.cc of the component NFC. Applying a patch is able...
Auteur: VulDB

Google Android 10.0 ClientModeImpl.java startIpClient information disclosure

A vulnerability was found in Google Android 10.0 (Smartphone Operating System) and classified as problematic. Affected by this issue is the function startIpClient of the file ClientModeImpl.java. Applying a patch is able to eliminate this problem.
Auteur: VulDB

UnEGG up to 0.5 on Linux integer overflow [CVE-2020-7860]

A vulnerability has been found in UnEGG up to 0.5 on Linux and classified as critical. Affected by this vulnerability is an unknown code block. Upgrading to version 1.0 eliminates this vulnerability.
Auteur: VulDB

NetApp E-Series SANtricity OS Controller Software up to 11.70.0 Web Server denial of service

A vulnerability, which was classified as problematic, was found in NetApp E-Series SANtricity OS Controller Software up to 11.70.0. Affected is an unknown code of the component Web Server. Upgrading to version 11.70.1 eliminates this...
Auteur: VulDB

OpenPLC ScadaBR JSP File view_edit.shtm unrestricted upload

A vulnerability, which was classified as critical, has been found in OpenPLC ScadaBR (SCADA Software) (unknown version). This issue affects an unknown part of the file view_edit.shtm of the component JSP File Handler. There is no information...
Auteur: VulDB

Xen initialization [CVE-2021-28687]

A vulnerability classified as critical was found in Xen (Virtualization Software) (the affected version is unknown). This vulnerability affects some unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21140 CGF File Def.exe path traversal

A vulnerability classified as critical has been found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software). This affects an unknown functionality of the file Def.exe of the component CGF File Handler. There is no information...
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21140 Def.exe memory corruption

A vulnerability was found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software). It has been rated as critical. Affected by this issue is an unknown function of the file Def.exe. There is no information about possible...
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21140 CGF File Def.exe out-of-bounds read

A vulnerability was found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file Def.exe of the component CGF File...
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21140 CGF File Def.exe out-of-bounds read

A vulnerability was found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software). It has been classified as problematic. Affected is an unknown code block of the file Def.exe of the component CGF File Handler. There is no...
Auteur: VulDB

Schneider Electric IGSS Definition up to 15.0.0.21140 CGF File Def.exe out-of-bounds write

A vulnerability was found in Schneider Electric IGSS Definition up to 15.0.0.21140 (SCADA Software) and classified as critical. This issue affects an unknown code of the file Def.exe of the component CGF File Handler. There is no information...
Auteur: VulDB

Mitsubishi Electricssion MELSEC iQ-R series CPU Module MELSOFT Transmission Port resource consumption

A vulnerability has been found in Mitsubishi Electricssion MELSEC iQ-R series CPU Module (Chip Software) (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown part of the component MELSOFT...
Auteur: VulDB

NetApp E-Series SANtricity OS Controller Software up to 11.70.0 Configuration information disclosure

A vulnerability, which was classified as problematic, was found in NetApp E-Series SANtricity OS Controller Software up to 11.70.0. This affects some unknown functionality of the component Configuration Handler. Upgrading to version 11.70.1...
Auteur: VulDB

actionpack Gem up to 5.2.4.5/5.2.5/6.0.3.6/6.1.3.1 on Ruby Action Controller resource consumption

A vulnerability, which was classified as problematic, has been found in actionpack Gem up to 5.2.4.5/5.2.5/6.0.3.6/6.1.3.1 on Ruby (Ruby Gem). Affected by this issue is the function...
Auteur: VulDB

actionpack Gem up to 6.0.3.6/6.1.3.1 on Ruby Mime Type Parser resource consumption

A vulnerability classified as problematic was found in actionpack Gem up to 6.0.3.6/6.1.3.1 on Ruby (Ruby Gem). Affected by this vulnerability is an unknown function of the component Mime Type Parser. Upgrading to version 6.0.3.7 or 6.1.3.2...
Auteur: VulDB

Drupal Form API cross-site request forgery [CVE-2020-13663]

A vulnerability classified as problematic has been found in Drupal (Content Management System) (version unknown). Affected is some unknown processing of the component Form API. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Drupal up to 8.8.9/8.9.5/9.0.5 Forms cross site scripting

A vulnerability was found in Drupal up to 8.8.9/8.9.5/9.0.5 (Content Management System). It has been rated as problematic. This issue affects an unknown code block of the component Forms Handler. Upgrading to version 8.8.10, 8.9.6 or 9.0.6...
Auteur: VulDB

actionpack Gem up to 6.1.3.1 on Ruby Host Authorization Middleware redirect

A vulnerability was found in actionpack Gem up to 6.1.3.1 on Ruby (Ruby Gem). It has been declared as critical. This vulnerability affects an unknown code of the component Host Authorization Middleware. Upgrading to version 6.1.3.2 eliminates...
Auteur: VulDB

IBM QRadar Analyst Workflow App up to 1.18.0 information disclosure

A vulnerability was found in IBM QRadar Analyst Workflow App up to 1.18.0 (Log Management Software). It has been classified as problematic. This affects an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

cURL up to 7.76.1 TLS 1.3 Session Ticket use after free

A vulnerability was found in cURL up to 7.76.1 (Network Utility Software) and classified as critical. Affected by this issue is some unknown functionality of the component TLS 1.3 Session Ticket Handler. Applying a patch is able to eliminate this...
Auteur: VulDB

IBM Financial Transaction Manager 3.2.4 xml external entity reference

A vulnerability has been found in IBM Financial Transaction Manager 3.2.4 (Financial Software) and classified as critical. Affected by this vulnerability is an unknown functionality. There is no information about possible countermeasures known....
Auteur: VulDB
12345678910Last

Événements SSI