Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Microsoft Windows up to Server 2019 Media Foundation memory corruption

A vulnerability was found in Microsoft Windows (Operating System) and classified as critical. Affected by this issue is some unknown processing of the component Media Foundation. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

IBM QRadar up to 7.2.9 WinCollect Service denial of service

A vulnerability, which was classified as problematic, was found in IBM QRadar up to 7.2.9 (Log Management Software). Affected is an unknown code of the component WinCollect Service. Upgrading eliminates this vulnerability.
Auteur: VulDB

Red Hat CloudForms up to 5.11.6.x Role-Based Access Control API Request privilege escalation

A vulnerability, which was classified as critical, has been found in Red Hat CloudForms up to 5.11.6.x (Cloud Software). This issue affects an unknown part of the component Role-Based Access Control. Upgrading to version 5.11.7.0 eliminates this...
Auteur: VulDB

Red Hat CloudForms up to 5.11.6.x OS Command Injection privilege escalation

A vulnerability classified as critical was found in Red Hat CloudForms up to 5.11.6.x (Cloud Software). This vulnerability affects some unknown functionality. Upgrading to version 5.11.7.0 eliminates this vulnerability.
Auteur: VulDB

Red Hat Quay up to 3.3.0 Build Trigger information disclosure

A vulnerability classified as problematic has been found in Red Hat Quay up to 3.3.0. This affects an unknown functionality of the component Build Trigger Handler. Upgrading to version 3.3.1 eliminates this vulnerability.
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 Server-Side Request Forgery [CVE-2020-14296]

A vulnerability was found in Red Hat CloudForms 4.7/5.0 (Cloud Software). It has been rated as critical. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 EVM-Operator Group privilege escalation

A vulnerability was found in Red Hat CloudForms 4.7/5.0 (Cloud Software). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component EVM-Operator Group Handler. There is no information about...
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 CSV Injection privilege escalation

A vulnerability was found in Red Hat CloudForms 4.7/5.0 (Cloud Software). It has been classified as critical. Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 Access Control privilege escalation

A vulnerability was found in Red Hat CloudForms 4.7/5.0 (Cloud Software) and classified as critical. This issue affects an unknown code of the component Access Control. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 Read-only Widget privilege escalation

A vulnerability has been found in Red Hat CloudForms 4.7/5.0 (Cloud Software) and classified as critical. This vulnerability affects an unknown part of the component Read-only Widget Handler. There is no information about possible countermeasures...
Auteur: VulDB

Red Hat CloudForms 4.7/5.0 Report Menu Stored cross site scripting

A vulnerability, which was classified as problematic, was found in Red Hat CloudForms 4.7/5.0 (Cloud Software). This affects some unknown functionality of the component Report Menu. There is no information about possible countermeasures known. It...
Auteur: VulDB

IBM QRadar up to 7.2.9 WinCollect Service privilege escalation

A vulnerability has been found in IBM QRadar up to 7.2.9 (Log Management Software) and classified as critical. Affected by this vulnerability is an unknown code block of the component WinCollect Service. Upgrading eliminates this vulnerability.
Auteur: VulDB

CERTFR-2020-AVI-496 : Multiples vulnérabilités dans Adobe Reader et Acrobat (11 août 2020)

De multiples vulnérabilités ont été découvertes dans Adobe Reader et Acrobat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de...
Auteur: Cert FR

CERTFR-2020-AVI-495 : Multiples vulnérabilités dans les produits SAP (11 août 2020)

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un...
Auteur: Cert FR

CERTFR-2020-AVI-494 : [SCADA] Multiples vulnérabilités dans les produits Siemens (11 août 2020)

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la...
Auteur: Cert FR

CERTFR-2020-AVI-493 : [SCADA] Multiples vulnérabilités dans les produits Schneider Electric (11 août 2020)

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de...
Auteur: Cert FR

CERTFR-2020-AVI-492 : Multiples vulnérabilités dans Citrix Endpoint Management (11 août 2020)

De multiples vulnérabilités ont été découvertes dans Citrix Endpoint Management. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2020-AVI-491 : Multiples vulnérabilités dans Google Chrome (11 août 2020)

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

FusionSphere OpenStack 8.0.0 Protection Mechanism privilege escalation

A vulnerability, which was classified as critical, has been found in FusionSphere OpenStack 8.0.0. Affected by this issue is an unknown functionality of the component Protection Mechanism. There is no information about possible countermeasures...
Auteur: VulDB

Huawei P30/P30 Pro denial of service [CVE-2020-9245]

A vulnerability classified as problematic was found in Huawei P30 and P30 Pro (Smartphone Operating System) (affected version unknown). Affected by this vulnerability is an unknown function. Upgrading eliminates this vulnerability.
Auteur: VulDB

Huawei Mate 30 prior 10.1.0.150(C00E136R5P3) denial of service

A vulnerability classified as problematic has been found in Huawei Mate 30 (Smartphone Operating System). Affected is some unknown processing. Upgrading to version 10.1.0.150(C00E136R5P3) eliminates this vulnerability.
Auteur: VulDB

FusionCompute 8.0.0 privilege escalation [CVE-2020-9078]

A vulnerability was found in FusionCompute 8.0.0. It has been rated as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

TinyMCE up to 4.9.6/5.1.3 Core Parser/Paste Plugin/Visualchars Plugin cross site scripting

A vulnerability was found in TinyMCE up to 4.9.6/5.1.3. It has been declared as problematic. This vulnerability affects an unknown code of the component Core Parser/Paste Plugin/Visualchars Plugin. Upgrading to version 4.9.7 or 5.1.4 eliminates...
Auteur: VulDB

jpv up to 2.2.1 Validator unknown vulnerability [CVE-2020-17479]

A vulnerability was found in jpv up to 2.2.1. It has been classified as problematic. This affects an unknown part of the component Validator. Upgrading to version 2.2.2 eliminates this vulnerability.
Auteur: VulDB

Crypt::Perl up to 0.32 EC Point Multiplication ECDSA/EC/Point.pm Timing information disclosure

A vulnerability was found in Crypt::Perl up to 0.32 (Programming Language Software) and classified as problematic. Affected by this issue is some unknown functionality of the file ECDSA/EC/Point.pm of the component EC Point Multiplication...
Auteur: VulDB
First45678910111213Last

Événements SSI