Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

OpenClinic GA 5.173.3 listImmoLabels.jsp immoCode sql injection

A vulnerability classified as critical was found in OpenClinic GA 5.173.3. This vulnerability affects an unknown function of the file listImmoLabels.jsp. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

OpenClinic GA 5.173.3 listImmoLabels.jsp immoService sql injection

A vulnerability classified as critical has been found in OpenClinic GA 5.173.3. This affects some unknown processing of the file listImmoLabels.jsp. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

OpenClinic GA 5.173.3 listImmoLabels.jsp immoLocation sql injection

A vulnerability was found in OpenClinic GA 5.173.3. It has been rated as critical. Affected by this issue is an unknown code block of the file listImmoLabels.jsp. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

P4 Plugin up to 1.11.4 on Jenkins HTTP Endpoint authorization

A vulnerability was found in P4 Plugin up to 1.11.4 on Jenkins (Jenkins Plugin). It has been declared as critical. Affected by this vulnerability is an unknown code of the component HTTP Endpoint. There is no information about possible...
Auteur: VulDB

JetBrains IntelliJ IDEA up to 2020.3.2 XML information disclosure

A vulnerability was found in JetBrains IntelliJ IDEA up to 2020.3.2. It has been classified as problematic. Affected is an unknown part of the component XML Handler. Upgrading to version 2020.3.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains PyCharm up to 2020.3.3 Project Local Privilege Escalation

A vulnerability was found in JetBrains PyCharm up to 2020.3.3 and classified as problematic. This issue affects some unknown functionality of the component Project Handler. Upgrading to version 2020.3.4 eliminates this vulnerability.
Auteur: VulDB

JetBrains IntelliJ IDEA 2020.3.3 Project Local Privilege Escalation

A vulnerability has been found in JetBrains IntelliJ IDEA 2020.3.3 and classified as problematic. This vulnerability affects an unknown functionality of the component Project Handler. There is no information about possible countermeasures known....
Auteur: VulDB

Samsung Galaxy S3 i9305 4.4.4 WPA/WPA2/WPA3 injection

A vulnerability, which was classified as critical, was found in Samsung Galaxy S3 i9305 4.4.4 (Smartphone Operating System). This affects an unknown function of the component WPA/WPA2/WPA3. There is no information about possible countermeasures...
Auteur: VulDB

Samsung Galaxy S3 i9305 4.4.4 WEP/WPA/WPA2/WPA3 injection

A vulnerability, which was classified as problematic, has been found in Samsung Galaxy S3 i9305 4.4.4 (Smartphone Operating System). Affected by this issue is some unknown processing of the component WEP/WPA/WPA2/WPA3. There is no information...
Auteur: VulDB

ALFA AWUS036ACH Driver 1030.36.604 on Win10 Network Configuration injection

A vulnerability classified as critical was found in ALFA AWUS036ACH Driver 1030.36.604 on Win10 (Hardware Driver Software). Affected by this vulnerability is an unknown code block of the component Network Configuration Handler. There is no...
Auteur: VulDB

ALFA AWUS036H Driver 6.1316.1209 on Win10 TKIP Frame improper enforcement of message integrity

A vulnerability classified as critical has been found in ALFA AWUS036H Driver 6.1316.1209 on Win10 (Hardware Driver Software). Affected is an unknown code of the component TKIP Frame Handler. There is no information about possible countermeasures...
Auteur: VulDB

ALFA AWUS036H Driver 6.1316.1209 on Win10 WEP/WPA/WPA2/WPA3 injection

A vulnerability was found in ALFA AWUS036H Driver 6.1316.1209 on Win10 (Hardware Driver Software). It has been rated as critical. This issue affects an unknown part of the component WEP/WPA/WPA2/WPA3. There is no information about possible...
Auteur: VulDB

SAP Business One Hana Chef Cookbook 8.82 up to 10.0 code injection

A vulnerability was found in SAP Business One Hana Chef Cookbook 8.82 up to 10.0. It has been declared as critical. This vulnerability affects some unknown functionality. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

SAP GUI 7.60/7.70 on Windows Website Remote Code Execution

A vulnerability was found in SAP GUI 7.60/7.70 on Windows. It has been classified as problematic. This affects an unknown functionality of the component Website Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

MikroTik RouterOS up to 6.46 /nova/bin/resolver memory corruption

A vulnerability was found in MikroTik RouterOS up to 6.46 (Router Operating System) and classified as critical. Affected by this issue is an unknown function of the file /nova/bin/resolver. Upgrading to version 6.47 eliminates this vulnerability.
Auteur: VulDB

MikroTik RouterOS up to 6.46 Packet wireless memory corruption

A vulnerability has been found in MikroTik RouterOS up to 6.46 (Router Operating System) and classified as critical. Affected by this vulnerability is some unknown processing of the file /ram/pckg/wireless/nova/bin/wireless of the component...
Auteur: VulDB

JetBrains TeamCity up to 2020.2.3 on Windows unknown vulnerability

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity up to 2020.2.3 on Windows. Upgrading to version 2020.2.4 eliminates this vulnerability.
Auteur: VulDB

JetBrains TeamCity up to 2020.2.2 server-side request forgery

A vulnerability, which was classified as problematic, has been found in JetBrains TeamCity up to 2020.2.2. This issue affects an unknown code. Upgrading to version 2020.2.3 eliminates this vulnerability.
Auteur: VulDB

JetBrains YouTrack prior 2020.6.8801 Issue Preview information disclosure

A vulnerability classified as problematic was found in JetBrains YouTrack. This vulnerability affects an unknown part of the component Issue Preview. Upgrading to version 2020.6.8801 eliminates this vulnerability.
Auteur: VulDB

JetBrains WebStorm prior 2021.1 Untrusted Project Remote Code Execution

A vulnerability classified as critical has been found in JetBrains WebStorm. This affects some unknown functionality of the component Untrusted Project Handler. Upgrading to version 2021.1 eliminates this vulnerability.
Auteur: VulDB

JetBrains IntelliJ IDEA prior 2021.1 allocation of resources

A vulnerability was found in JetBrains IntelliJ IDEA. It has been rated as problematic. Affected by this issue is an unknown functionality. Upgrading to version 2021.1 eliminates this vulnerability.
Auteur: VulDB

CERTFR-2021-AVI-358 : Vulnérabilité dans VMware ONE UEM console (11 mai 2021)

Une vulnérabilité a été découverte dans VMware ONE UEM console. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

Auteur: Cert FR

CERTFR-2021-AVI-357 : [SCADA] Multiples vulnérabilités dans les produits Siemens (11 mai 2021)

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Auteur: Cert FR

CERTFR-2021-AVI-356 : Multiples vulnérabilités dans les produits SAP (11 mai 2021)

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité...
Auteur: Cert FR

CERTFR-2021-AVI-355 : Multiples vulnérabilités dans Google Chrome (11 mai 2021)

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR
First3456789101112Last

Événements SSI