jeudi 2 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

BIOTRONIK CardioMessenger II Network Authentication Credentials weak encryption

A vulnerability was found in BIOTRONIK CardioMessenger II (the affected version unknown). It has been classified as problematic. This affects an unknown code block of the component Network Authentication. There is no information about possible...
Auteur: VulDB

BIOTRONIK CardioMessenger II weak encryption [CVE-2019-18254]

A vulnerability was found in BIOTRONIK CardioMessenger II (affected version not known) and classified as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

BIOTRONIK CardioMessenger II Reuse weak authentication [CVE-2019-18252]

A vulnerability has been found in BIOTRONIK CardioMessenger II (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

BIOTRONIK CardioMessenger II weak encryption [CVE-2019-18248]

A vulnerability, which was classified as problematic, was found in BIOTRONIK CardioMessenger II (version unknown). Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

BIOTRONIK CardioMessenger II weak authentication [CVE-2019-18246]

A vulnerability, which was classified as critical, has been found in BIOTRONIK CardioMessenger II (Messaging Software) (unknown version). This issue affects an unknown functionality. There is no information about possible countermeasures known....
Auteur: VulDB

Brocade Network Advisor 14.3.1 JBoss Administration Interface Default Credentials privilege escalation

A vulnerability classified as critical was found in Brocade Network Advisor 14.3.1. This vulnerability affects an unknown function of the component JBoss Administration Interface. There is no information about possible countermeasures known. It...
Auteur: VulDB

Lancement de la 5e édition du prix CNIL-Inria

La cinquième édition du prix CNIL-Inria « protection de la vie privée » commence le 1er juillet 2020. Ce prix européen a vocation à récompenser un article scientifique sur la protection des données personnelles et la vie privée paru entre janvier...
Auteur: Cnil

CERTFR-2020-AVI-394 : Multiples vulnérabilités dans le noyau Linux de SUSE (29 juin 2020)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service...
Auteur: Cert FR

CERTFR-2020-AVI-393 : Vulnérabilité dans Squid (29 juin 2020)

Une vulnérabilité a été découverte dans Squid. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Auteur: Cert FR

openSUSE Leap hylafax+ Package privilege escalation [CVE-2020-8024]

A vulnerability classified as critical has been found in openSUSE Leap (the affected version unknown). This affects some unknown processing of the component hylafax+ Package. Upgrading eliminates this vulnerability.
Auteur: VulDB

SuSE Enterprise Storage Tomcat Package privilege escalation [CVE-2020-8022]

A vulnerability was found in SuSE Enterprise Storage, Linux Enterprise Server, Linux Enterprise Server for SAP, OpenStack Cloud and OpenStack Cloud Crowbar (Operating System). It has been rated as critical. Affected by this issue is an unknown...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 7.13.8/8.4.1 Issue Navigator Basic Search cross site scripting

A vulnerability was found in Atlassian JIRA Server and Data Center up to 7.13.8/8.4.1 (Bug Tracking Software). It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Issue Navigator Basic Search....
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 7.13.8/8.4.1 UserPickerBrowser.jspa denial of service

A vulnerability was found in Atlassian JIRA Server and Data Center up to 7.13.8/8.4.1 (Bug Tracking Software). It has been classified as problematic. Affected is an unknown part of the file UserPickerBrowser.jspa. Upgrading to version 7.13.9 or...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 7.13.8/8.4.1 Convert Sub-Task to Issue Page information disclosure

A vulnerability was found in Atlassian JIRA Server and Data Center up to 7.13.8/8.4.1 (Bug Tracking Software) and classified as problematic. This issue affects some unknown functionality of the component Convert Sub-Task to Issue Page. Upgrading...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 7.13.8/8.4.1 cross site request forgery

A vulnerability has been found in Atlassian JIRA Server and Data Center up to 7.13.8/8.4.1 (Bug Tracking Software) and classified as problematic. This vulnerability affects an unknown functionality. Upgrading to version 7.13.9 or 8.4.2 eliminates...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 7.6.16/7.13.8/8.4.1 Comment information disclosure

A vulnerability, which was classified as problematic, was found in Atlassian JIRA Server and Data Center up to 7.6.16/7.13.8/8.4.1 (Bug Tracking Software). This affects an unknown function of the component Comment Handler. Upgrading to version...
Auteur: VulDB

LibRaw up to 0.20-Beta2 metadata\exif_gps.cpp parse_exif() tiff_nifds memory corruption

A vulnerability, which was classified as critical, has been found in LibRaw up to 0.20-Beta2 (Image Processing Software). Affected by this issue is the function parse_exif() of the file metadata\exif_gps.cpp. Upgrading to version 0.20-Beta3...
Auteur: VulDB

Nexos Theme up to 1.7 on WordPress top-map/ search_location cross site scripting

A vulnerability classified as problematic was found in Nexos Theme up to 1.7 on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown code block of the file top-map/. There is no information about possible countermeasures...
Auteur: VulDB

Nexos Theme up to 1.7 on WordPress side-map/ search_order sql injection

A vulnerability classified as critical has been found in Nexos Theme up to 1.7 on WordPress (WordPress Plugin). Affected is an unknown code of the file side-map/. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Docker Desktop 2.3.0.3 com.docker.vmnetd privilege escalation

A vulnerability was found in Docker Desktop 2.3.0.3 (Virtualization Software). It has been rated as critical. This issue affects an unknown part of the component com.docker.vmnetd. There is no information about possible countermeasures known. It...
Auteur: VulDB

SQLite up to 3.32.2 Query Optimizer select.c multiSelectOrderBy memory corruption

A vulnerability was found in SQLite up to 3.32.2. It has been declared as critical. This vulnerability affects the function multiSelectOrderBy of the file select.c of the component Query Optimizer. Upgrading to version 3.32.3 eliminates this...
Auteur: VulDB

Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4 Remote Code Execution

A vulnerability was found in Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4. It has been classified as critical. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4 Remote Code Execution

A vulnerability was found in Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4 and classified as critical. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4 Business Logic privilege escalation

A vulnerability has been found in Magento up to 1.9.4.4/1.14.4.4/2.2.11/2.3.4 and classified as critical. Affected by this vulnerability is some unknown processing of the component Business Logic Handler. There is no information about possible...
Auteur: VulDB

Adobe DNG Software Development Kit up to 1.5 Out-of-Bounds information disclosure

A vulnerability, which was classified as problematic, was found in Adobe DNG Software Development Kit up to 1.5. Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB
First45678910111213Last

Événements SSI