Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Stockdio Historical Chart Plugin up to 2.8.0 on WordPress stockdio_chart_historical-wp.js postMessage cross site scripting

A vulnerability has been found in Stockdio Historical Chart Plugin up to 2.8.0 on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is the function postMessage of the file...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A prior 3.0 Bluetooth LE authentication replay

A vulnerability, which was classified as critical, was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A (Medical Device Software). Affected is some unknown processing of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE information disclosure

A vulnerability, which was classified as problematic, has been found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x. This issue affects an unknown code block of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE improper authentication

A vulnerability classified as critical was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). This vulnerability affects an unknown code of the component Bluetooth LE Handler. Upgrading to version 3.0...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE random values

A vulnerability classified as problematic has been found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). This affects an unknown part of the component Bluetooth LE Handler. Upgrading to version 3.0 eliminates...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE insufficiently protected credentials

A vulnerability was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). It has been rated as critical. Affected by this issue is some unknown functionality of the component Bluetooth LE Handler. Upgrading to...
Auteur: VulDB

SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Physician Menu hard-coded credentials

A vulnerability was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Physician Menu. Upgrading...
Auteur: VulDB

Simple DirectMedia Layer up to 2.0.12 BMP File video/SDL_blit_N.c Blit_3or4_to_3or4__inversed_rgb heap-based overflow

A vulnerability was found in Simple DirectMedia Layer up to 2.0.12. It has been classified as critical. Affected is the function Blit_3or4_to_3or4__inversed_rgb of the file video/SDL_blit_N.c of the component BMP File Handler. There is no...
Auteur: VulDB

Simple DirectMedia Layer up to 2.0.12 BMP File video/SDL_blit_copy.c SDL_BlitCopy integer overflow

A vulnerability was found in Simple DirectMedia Layer up to 2.0.12 and classified as critical. This issue affects the function SDL_BlitCopy of the file video/SDL_blit_copy.c of the component BMP File Handler. There is no information about...
Auteur: VulDB

Apache Guacamole up to 1.2.0 Connection History permission

A vulnerability has been found in Apache Guacamole up to 1.2.0 and classified as critical. This vulnerability affects an unknown code block of the component Connection History. There is no information about possible countermeasures known. It may...
Auteur: VulDB

QEMU ATAPI Emulator out-of-bounds read [CVE-2020-29443]

A vulnerability, which was classified as problematic, was found in QEMU (Virtualization Software) (the affected version unknown). This affects an unknown code of the component ATAPI Emulator. Applying a patch is able to eliminate this problem....
Auteur: VulDB

Backdoor.Win32.Whisper.b Service Port 113 C:\Windows\rundll32.exe stack-based overflow

A vulnerability, which was classified as critical, has been found in Backdoor.Win32.Whisper.b (Remote Access Software) (affected version not known). Affected by this issue is an unknown part in the library C:\Windows\rundll32.exe of the component...
Auteur: VulDB

Backdoor.Win32.Whirlpool.10 UDP Datagram user32.dll stack-based overflow

A vulnerability classified as critical was found in Backdoor.Win32.Whirlpool.10 (Remote Access Software) (affected version unknown). Affected by this vulnerability is some unknown functionality in the library user32.dll of the component UDP...
Auteur: VulDB

Backdoor.Win32.Zombam.geq HTTP GET Request stack-based overflow

A vulnerability classified as critical has been found in Backdoor.Win32.Zombam.geq (Remote Access Software) (version unknown). Affected is an unknown functionality of the component HTTP GET Request Handler. There is no information about possible...
Auteur: VulDB

FasterXML jackson-databind up to 2.9.10.6 deserialization [CVE-2021-20190]

A vulnerability was found in FasterXML jackson-databind up to 2.9.10.6 (Programming Language Software). It has been rated as problematic. This issue affects an unknown function. Upgrading to version 2.9.10.7 eliminates this vulnerability.
Auteur: VulDB

NetApp Clustered Data ONTAP up to 9.3P19/9.4 VMware vStorage Support unknown vulnerability

A vulnerability was found in NetApp Clustered Data ONTAP up to 9.3P19/9.4. It has been declared as problematic. This vulnerability affects some unknown processing of the component VMware vStorage Support. Upgrading to version 9.3P20 or 9.5...
Auteur: VulDB

TinyCheck Installation hard-coded credentials [CVE-2020-35929]

A vulnerability was found in TinyCheck (the affected version unknown). It has been classified as critical. This affects an unknown code block of the component Installation Handler. Applying the patch 9fd360d/ea53de8 is able to eliminate this...
Auteur: VulDB

SOOIL DiabecareRS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE authentication spoofing

A vulnerability was found in SOOIL DiabecareRS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software) and classified as problematic. Affected by this issue is an unknown code of the component Bluetooth LE Handler. Upgrading to version 3.0...
Auteur: VulDB

SOOIL DiabecareRS/AnyDana-i/AnyDana-A Bluetooth LE inadequate encryption

A vulnerability has been found in SOOIL DiabecareRS, AnyDana-i and AnyDana-A (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown part of the component Bluetooth LE Handler. Upgrading eliminates...
Auteur: VulDB

SOOIL DiabecareRS/AnyDana-i/AnyDana-A Bluetooth LE insufficiently protected credentials

A vulnerability, which was classified as problematic, was found in SOOIL DiabecareRS, AnyDana-i and AnyDana-A (version unknown). Affected is some unknown functionality of the component Bluetooth LE Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

MISP 2.4.136 global_menu.ctp cross site scripting

A vulnerability, which was classified as problematic, has been found in MISP 2.4.136. This issue affects an unknown functionality of the file app/View/Elements/global_menu.ctp. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Files.com Fat Client 3.3.6 improper authentication [CVE-2021-3183]

A vulnerability classified as critical was found in Files.com Fat Client 3.3.6. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

D-Link DCS-5220 buffer overflow [CVE-2021-3182]

A vulnerability classified as critical has been found in D-Link DCS-5220 (the affected version unknown). This affects some unknown processing. The problem might be mitigated by replacing the product with as an alternative.
Auteur: VulDB

Mutt up to 2.0.4 Email Message rfc822.c memory allocation

A vulnerability was found in Mutt up to 2.0.4 (Mail Client Software). It has been rated as problematic. Affected by this issue is an unknown code block of the file rfc822.c of the component Email Message Handler. Applying a patch is able to...
Auteur: VulDB

MISP 2.4.136 Galaxy Cluster Element index.ctp cross site scripting

A vulnerability was found in MISP 2.4.136. It has been declared as problematic. Affected by this vulnerability is an unknown code of the file app/View/GalaxyElements/ajax/index.ctp of the component Galaxy Cluster Element Handler. Applying a patch...
Auteur: VulDB
First234567891011Last

Événements SSI