jeudi 12 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Chrome prior 79.0.3945.79 Blink privilege escalation

A vulnerability was found in Google Chrome (Web Browser). It has been rated as problematic. This issue affects some unknown functionality of the component Blink. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Security UI HTML Page Domain spoofing

A vulnerability was found in Google Chrome (Web Browser). It has been declared as critical. This vulnerability affects an unknown functionality of the component Security UI. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Policy Enforcement Domain spoofing

A vulnerability was found in Google Chrome (Web Browser). It has been classified as critical. This affects an unknown function of the component Policy Enforcement. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Policy Enforcement HTML Page privilege escalation

A vulnerability was found in Google Chrome (Web Browser) and classified as critical. Affected by this issue is some unknown processing of the component Policy Enforcement. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Policy Enforcement HTML Page information disclosure

A vulnerability has been found in Google Chrome and classified as problematic. Affected by this vulnerability is an unknown code block of the component Policy Enforcement. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 PDFium PDF File Integer Overflow memory corruption

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown code of the component PDFium. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Javascript HTML Page Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects an unknown part of the component Javascript. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 SQLite HTML Page Out-of-Bounds memory corruption

A vulnerability classified as critical was found in Google Chrome. This vulnerability affects some unknown functionality of the component SQLite. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 WebAudio HTML Page Use-After-Free memory corruption

A vulnerability classified as critical has been found in Google Chrome. This affects an unknown functionality of the component WebAudio. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Javascript HTML Page Heap-based memory corruption

A vulnerability was found in Google Chrome. It has been rated as critical. Affected by this issue is an unknown function of the component Javascript. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 WebSocket HTML Page Use-After-Free memory corruption

A vulnerability was found in Google Chrome. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component WebSocket. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Javascript HTML Page Out-of-Bounds memory corruption

A vulnerability was found in Google Chrome. It has been classified as critical. Affected is an unknown code block of the component Javascript. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 WebSocket HTML Page Same-Origin Policy privilege escalation

A vulnerability was found in Google Chrome and classified as critical. This issue affects an unknown code of the component WebSocket. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 79.0.3945.79 Password Manager HTML Page memory corruption

A vulnerability has been found in Google Chrome and classified as critical. This vulnerability affects an unknown part of the component Password Manager. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

CERTFR-2019-AVI-616 : Vulnérabilité dans Adobe ColdFusion (11 décembre 2019)

Une vulnérabilité a été découverte dans Adobe ColdFusion. Elle permet à un attaquant de provoquer une élévation de privilèges.

Auteur: Cert FR

Google Chrome prior 79.0.3945.79 Bluetooth HTML Page Use-After-Free memory corruption

A vulnerability, which was classified as critical, was found in Google Chrome. This affects some unknown functionality of the component Bluetooth. Upgrading to version 79.0.3945.79 eliminates this vulnerability.
Auteur: VulDB

Google Chrome prior 77.0.3865.75 on iOS Omnibox HTML Page spoofing

A vulnerability, which was classified as critical, has been found in Google Chrome on iOS. Affected by this issue is an unknown functionality of the component Omnibox. Upgrading to version 77.0.3865.75 eliminates this vulnerability.
Auteur: VulDB

OpenBSD Random Number Generator lib/libc/stdlib/random.c information disclosure

A vulnerability classified as problematic has been found in OpenBSD (version unknown). Affected is some unknown processing in the library lib/libc/stdlib/random.c of the component Random Number Generator. There is no information about possible...
Auteur: VulDB

Lenovo Power Management Driver up to 1.67 memory corruption [CVE-2019-6192]

A vulnerability classified as critical was found in Lenovo Power Management Driver up to 1.67 (Hardware Driver Software). This vulnerability affects an unknown functionality. Upgrading to version 1.67.17.48 eliminates this vulnerability.
Auteur: VulDB

Lenovo Energy Management Driver up to 15.11 on Windows 10 denial of service

A vulnerability classified as problematic has been found in Lenovo Energy Management Driver up to 15.11 on Windows 10 (Hardware Driver Software). This affects an unknown function. Upgrading to version 15.11.29.7 eliminates this vulnerability.
Auteur: VulDB

IBM WebSphere Application Server Web UI cross site scripting

A vulnerability was found in IBM WebSphere Application Server (affected version not known). It has been rated as problematic. Affected by this issue is some unknown processing of the component Web UI. There is no information about possible...
Auteur: VulDB

IBM Cloud Pak System 2.3 Platform System Manager CSV File CSV Injection privilege escalation

A vulnerability was found in IBM Cloud Pak System 2.3 (Cloud Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Platform System Manager. There is no information about possible...
Auteur: VulDB

IBM SmartCloud Analytics 1.3.1/1.3.2/1.3.3/1.3.4/1.3.5 Zookeeper privilege escalation

A vulnerability was found in IBM SmartCloud Analytics 1.3.1/1.3.2/1.3.3/1.3.4/1.3.5 (Cloud Software). It has been classified as critical. Affected is an unknown code of the component Zookeeper Handler. There is no information about possible...
Auteur: VulDB

IBM Cloud Pak System 2.3 cross site request forgery [CVE-2019-4095]

A vulnerability was found in IBM Cloud Pak System 2.3 and classified as problematic. This issue affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Last.fm Scrobbler up to 2.1.39 on macOS HTTP Requests Cleartext weak encryption

A vulnerability has been found in Last.fm Scrobbler up to 2.1.39 on macOS and classified as problematic. This vulnerability affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB
First3456789101112Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS