Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

NTPsec 1.2.0 ntpkeygen inadequate encryption

A vulnerability classified as problematic has been found in NTPsec 1.2.0. This affects some unknown functionality of the component ntpkeygen. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Squid Web Proxy up to 4.14/5.0.5 HTTP Range Request denial of service

A vulnerability was found in Squid Web Proxy up to 4.14/5.0.5 (Firewall Software). It has been rated as problematic. Affected by this issue is an unknown functionality of the component HTTP Range Request Handler. Upgrading to version 4.15 or...
Auteur: VulDB

GitLab up to 13.10.4/13.11.4/13.12.1 Password Expiration improper authentication

A vulnerability was found in GitLab up to 13.10.4/13.11.4/13.12.1 (Bug Tracking Software). It has been declared as critical. Affected by this vulnerability is an unknown function of the component Password Expiration Handler. Upgrading to version...
Auteur: VulDB

Google Asylo up to 0.6.1 uninitialized pointer [CVE-2021-22549]

A vulnerability was found in Google Asylo up to 0.6.1. It has been classified as problematic. Upgrading to version 0.6.2 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Auteur: VulDB

Google Asylo up to 0.6.1 Pointer out-of-bounds write

A vulnerability was found in Google Asylo up to 0.6.1 and classified as critical. This issue affects an unknown code block of the component Pointer Handler. Upgrading to version 0.6.2 eliminates this vulnerability. Applying a patch is able to...
Auteur: VulDB

Apache APISIX Dashboard up to 2.6.0 excessive authentication

A vulnerability has been found in Apache APISIX Dashboard up to 2.6.0 (Forum Software) and classified as problematic. This vulnerability affects an unknown code. Upgrading to version 2.6.1 eliminates this vulnerability.
Auteur: VulDB

Google Asylo up to 0.6.2 UntrustedCacheMalloc memory corruption

A vulnerability, which was classified as critical, was found in Google Asylo up to 0.6.2. This affects the function UntrustedCacheMalloc. Upgrading to version 0.6.3 eliminates this vulnerability. Applying a patch is able to eliminate this...
Auteur: VulDB

Django up to 2.2.23/3.1.11/3.2.3 access control [CVE-2021-33571]

A vulnerability, which was classified as critical, has been found in Django up to 2.2.23/3.1.11/3.2.3 (Content Management System). Affected by this issue is the function URLValidator/validate_ipv4_address/validate_ipv46_address. Upgrading to...
Auteur: VulDB

Zope up to 4.6.0/5.20 TAL Expression pathname traversal

A vulnerability classified as critical was found in Zope up to 4.6.0/5.20 (Application Server Software). Affected by this vulnerability is an unknown functionality of the component TAL Expression Handler. Upgrading to version 4.6.1 or 5.21...
Auteur: VulDB

Linux Kernel 3.13 HCI Device Initialization Subsystem use after free

A vulnerability classified as critical has been found in Linux Kernel 3.13 (Operating System). Affected is an unknown function of the component HCI Device Initialization Subsystem. There is no information about possible countermeasures known. It...
Auteur: VulDB

ICEcoder 8.0 multipe-results.php replace cross site scripting

A vulnerability was found in ICEcoder 8.0. It has been rated as problematic. This issue affects some unknown processing of the file multipe-results.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Backdoor.Win32.Wuca.nz C:\112.vbe permission

A vulnerability was found in Backdoor.Win32.Wuca.nz (Remote Access Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown code block of the file C:\112.vbe. There is no information...
Auteur: VulDB

Backdoor.Win32.XRat.d Service Port 20888 backdoor

A vulnerability was found in Backdoor.Win32.XRat.d (Remote Access Software) (the affected version unknown). It has been classified as critical. This affects an unknown code of the component Service Port 20888. It is possible to mitigate the...
Auteur: VulDB

Microsoft Windows 7 SP1 up to Server 2019 MSHTML Platform Remote Code Execution

A vulnerability was found in Microsoft Windows (Operating System) and classified as critical. Affected by this issue is an unknown part of the component MSHTML Platform. Applying a patch is able to eliminate this problem. A possible mitigation...
Auteur: VulDB

Microsoft Edge Remote Code Execution [CVE-2021-33741]

A vulnerability has been found in Microsoft Edge (Web Browser) (affected version unknown) and classified as critical. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of...
Auteur: VulDB

Microsoft Windows 10 20H2 up to Server 2004 DWM Core Library Remote Privilege Escalation

A vulnerability, which was classified as very critical, was found in Microsoft Windows 10 1909 up to Server 2004 (Operating System). Affected is an unknown functionality of the component DWM Core Library. Applying a patch is able to eliminate...
Auteur: VulDB

Microsoft Malware Protection Engine Remote Code Execution [CVE-2021-31985]

A vulnerability, which was classified as critical, has been found in Microsoft Malware Protection Engine (Anti-Malware Software) (unknown version). Applying a patch is able to eliminate this problem. A possible mitigation has been published...
Auteur: VulDB

Microsoft Paint 3D Remote Code Execution [CVE-2021-31983]

A vulnerability classified as critical was found in Microsoft Paint 3D (the affected version is unknown). Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the...
Auteur: VulDB

Microsoft Intune Management Extension Remote Code Execution [CVE-2021-31980]

A vulnerability classified as critical has been found in Microsoft Intune Management Extension (the affected version unknown). Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the...
Auteur: VulDB

Microsoft Malware Protection Engine denial of service [CVE-2021-31978]

A vulnerability was found in Microsoft Malware Protection Engine (Anti-Malware Software) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code. Applying a patch is able to eliminate this...
Auteur: VulDB

Microsoft Windows 10 up to Server 2019 Hyper-V denial of service

A vulnerability was found in Microsoft Windows (Operating System). It has been declared as critical. Affected by this vulnerability is an unknown part of the component Hyper-V. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows 8.1 up to Server 2019 Server for NFS information disclosure

A vulnerability was found in Microsoft Windows (Operating System). It has been classified as problematic. Affected is some unknown functionality of the component Server for NFS. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows 8.1 up to Server 2019 Server for NFS information disclosure

A vulnerability was found in Microsoft Windows (Operating System) and classified as problematic. This issue affects an unknown functionality of the component Server for NFS. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows 8.1 up to Server 2019 NFS denial of service

A vulnerability has been found in Microsoft Windows (Operating System) and classified as problematic. This vulnerability affects an unknown function of the component NFS. Applying a patch is able to eliminate this problem. A possible mitigation...
Auteur: VulDB

Microsoft Windows 7 SP1 up to Server 2019 GPSVC Remote Privilege Escalation

A vulnerability, which was classified as critical, was found in Microsoft Windows (Operating System). This affects some unknown processing of the component GPSVC. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB
First45678910111213Last

Événements SSI