Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Qualcomm Snapdragon Industrial IOT/Snapdragon Mobile SDI Local Privilege Escalation

A vulnerability has been found in Qualcomm Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown code of the component SDI. Applying a...
Author: VulDB

Qualcomm Snapdragon Auto Histogram memory corruption [CVE-2020-11237]

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity and Snapdragon Mobile (Chip Software) (version unknown). Affected is an unknown part of the component Histogram...
Author: VulDB

Qualcomm Snapdragon Auto Dimensions memory corruption [CVE-2020-11236]

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity and Snapdragon Mobile (Chip Software) (unknown version). This issue affects some unknown functionality of...
Author: VulDB

Qualcomm Snapdragon Auto Socket Event use after free [CVE-2020-11234]

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...
Author: VulDB

Qualcomm Snapdragon Compute Thread heap-based overflow [CVE-2020-11231]

A vulnerability classified as critical has been found in Qualcomm Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). This affects an unknown function of the...
Author: VulDB

Qualcomm Snapdragon Connectivity RPM memory corruption [CVE-2020-11210]

A vulnerability was found in Qualcomm Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking (Chip Software) (affected version not known). It has been rated as critical. Affected...
Author: VulDB

Qualcomm Snapdragon Auto SDP out-of-bounds read [CVE-2020-11191]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
Author: VulDB

Linux Kernel up to 5.11.11 SynIC Hyper-V arch/x86/kvm/hyperv.c synic_get null pointer dereference

A vulnerability was found in Linux Kernel up to 5.11.11 (Operating System). It has been classified as problematic. Affected is the function synic_get of the file arch/x86/kvm/hyperv.c of the component SynIC Hyper-V. Applying a patch is able to...
Author: VulDB

DMA Softlab Radius Manager 4.4.0 admin.php cross-site request forgery

A vulnerability was found in DMA Softlab Radius Manager 4.4.0 and classified as problematic. This issue affects an unknown part of the file admin.php. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Linux Kernel up to 5.6 KVM Subsystem arch/s390/kvm/kvm-s390.c unknown vulnerability

A vulnerability has been found in Linux Kernel up to 5.6 (Operating System) and classified as problematic. This vulnerability affects some unknown functionality of the file arch/s390/kvm/kvm-s390.c of the component KVM Subsystem. Upgrading to...
Author: VulDB

Linux Kernel up to 5.8.9 virt/kvm/kvm_main.c kvm_io_bus_unregister_dev memory leak

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.8.9 (Operating System). This affects the function kvm_io_bus_unregister_dev of the file virt/kvm/kvm_main.c. Upgrading to version 5.8.10 eliminates this...
Author: VulDB

Linux Kernel up to 5.8 SEV VM arch/x86/kvm/svm/sev.c denial of service

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.8 (Operating System). Affected by this issue is an unknown function of the file arch/x86/kvm/svm/sev.c of the component SEV VM Handler. Upgrading to...
Author: VulDB

Linux Kernel up to 5.7 arch/x86/kvm/svm/svm.c set_memory_region_test infinite loop

A vulnerability classified as problematic was found in Linux Kernel up to 5.7 (Operating System). Affected by this vulnerability is the function set_memory_region_test of the file arch/x86/kvm/svm/svm.c. Upgrading to version 5.8 eliminates this...
Author: VulDB

CERTFR-2021-AVI-244: Multiple vulnerabilities in Fortinet products (07 April 2021)

Multiple vulnerabilities have been discovered in Fortinet products. They allow an attacker to cause a remote denial of service and a breach of data confidentiality.

Author: Cert FR

CERTFR-2021-AVI-243: Vulnerability in MongoDB Compass (07 April 2021)

A vulnerability has been discovered in MongoDB Compass. It allows an attacker to cause a privilege escalation.

Author: Cert FR

CERTFR-2021-AVI-242: Multiple vulnerabilities in the Red Hat Linux kernel (07 April 2021)

Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause a remote denial of service, a breach of data integrity and a breach of...
Author: Cert FR

CERTFR-2021-AVI-241: Multiple vulnerabilities in the Ubuntu Linux kernel (07 April 2021)

Multiple vulnerabilities have been discovered in the Ubuntu Linux kernel. Some of them allow an attacker to cause arbitrary code execution, a denial of service and a breach of data integrity.

Author: Cert FR

Proofpoint Insider Threat Management Server up to 7.11.0 Web Console improper authorization

A vulnerability classified as critical has been found in Proofpoint Insider Threat Management Server up to 7.11.0. Affected is an unknown code block of the component Web Console. Upgrading to version 7.11.1 eliminates this vulnerability.
Author: VulDB

Proofpoint Insider Threat Management Agents up to 7.11.0 on macOS/Linux channel accessible

A vulnerability was found in Proofpoint Insider Threat Management Agents up to 7.11.0 on macOS/Linux. It has been rated as critical. This issue affects an unknown code. Upgrading to version 7.11.1 eliminates this vulnerability.
Author: VulDB

Teradici PCoIP Connection Manager and Security Gateway prior 21.01.3 log file

A vulnerability was found in Teradici PCoIP Connection Manager and Security Gateway. It has been declared as problematic. This vulnerability affects an unknown part. Upgrading to version 21.01.3 eliminates this vulnerability.
Author: VulDB

Proofpoint Insider Threat Management Server up to 7.10 Web Console xml external entity reference

A vulnerability was found in Proofpoint Insider Threat Management Server up to 7.10. It has been classified as critical. This affects some unknown functionality of the component Web Console. Upgrading to version 7.11 eliminates this vulnerability.
Author: VulDB

Proofpoint Insider Threat Management Server up to 7.11.0 cross site scripting

A vulnerability was found in Proofpoint Insider Threat Management Server up to 7.11.0 and classified as problematic. Affected by this issue is an unknown functionality. Upgrading to version 7.11.1 eliminates this vulnerability.
Author: VulDB

projen Project Configuration Remote Privilege Escalation [CVE-2021-21423]

A vulnerability has been found in projen (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the component Project Configuration Handler. Applying a patch is able to eliminate this...
Author: VulDB

Syncthing up to 1.14.x Relay Messages denial of service

A vulnerability, which was classified as problematic, was found in Syncthing up to 1.14.x. Affected is some unknown processing of the component Relay Messages Handler. Upgrading to version 1.15.0 eliminates this vulnerability. The upgrade is...
Author: VulDB

ngx_http_lua_module up to 0.10.15 API an unknown vulnerability

A vulnerability, which was classified as problematic, has been found in ngx_http_lua_module up to 0.10.15. This issue affects an unknown code block of the component API. Upgrading to version 0.10.16 eliminates this vulnerability. The upgrade is...
Author: VulDB