mercredi 3 juin 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

websocket-extensions up to 0.1.4 on Ruby Regex Backslash ReDoS denial of service

A vulnerability was found in websocket-extensions up to 0.1.4 on Ruby (Ruby Gem). It has been classified as problematic. This affects an unknown code of the component Regex Handler. Upgrading to version 0.1.5 eliminates this vulnerability.
Auteur: VulDB

websocket-extensions up to 1.0.3 on npm Regex Backslash ReDoS denial of service

A vulnerability was found in websocket-extensions up to 1.0.3 on npm and classified as problematic. Affected by this issue is an unknown part of the component Regex Handler. Upgrading to version 1.0.4 eliminates this vulnerability.
Auteur: VulDB

Spring Cloud Config up to 2.1.8/2.2.2 spring-cloud-config-server directory traversal

A vulnerability has been found in Spring Cloud Config up to 2.1.8/2.2.2 (Cloud Software) and classified as problematic. Affected by this vulnerability is some unknown functionality of the component spring-cloud-config-server. Upgrading to version...
Auteur: VulDB

IBM Planning Analytics 2.0 Web UI cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Planning Analytics 2.0. Affected is an unknown functionality of the component Web UI. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

IBM Planning Analytics 2.0 Web UI cross site scripting

A vulnerability, which was classified as problematic, has been found in IBM Planning Analytics 2.0. This issue affects an unknown function of the component Web UI. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

IBM Planning Analytics 2.0 weak encryption [CVE-2020-4367]

A vulnerability classified as problematic was found in IBM Planning Analytics 2.0. This vulnerability affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

IBM Planning Analytics 2.0 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM Planning Analytics 2.0. This affects an unknown code block of the component Web UI. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM Planning Analytics 2.0 Web UI cross site scripting

A vulnerability was found in IBM Planning Analytics 2.0. It has been rated as problematic. Affected by this issue is an unknown code of the component Web UI. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 fastrpc Memory Mapping API race condition

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been declared as problematic. Affected by this...
Auteur: VulDB

Qualcomm Snapdragon Compute WLAN Response Assertion unknown vulnerability

A vulnerability was found in Qualcomm Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Integer Overflow memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables and classified as critical. This issue affects an...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 MP3 File memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables and classified as critical. This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Video Response Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon...
Auteur: VulDB

Qualcomm Snapdragon Auto SM8250/SXR2130 DSP Attribute Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT and Snapdragon Mobile SM8250/SXR2130. Affected by this issue is an unknown code block of the component DSP Handler. Upgrading...
Auteur: VulDB

Qualcomm Snapdragon Mobile SM8250/SXR2130 Kernel unknown vulnerability

A vulnerability classified as problematic was found in Qualcomm Snapdragon Mobile SM8250/SXR2130. Affected by this vulnerability is an unknown code of the component Kernel. Upgrading eliminates this vulnerability.
Auteur: VulDB

Qualcomm Snapdragon Compute IPQ6018/IPQ8074/QCA8081/SC8180X/SXR2130 Event NULL Pointer Dereference memory corruption

A vulnerability classified as critical has been found in Qualcomm Snapdragon Compute, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking IPQ6018/IPQ8074/QCA8081/SC8180X/SXR2130. Affected is an unknown part of the component Event...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM8150 strcpy memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. It has been rated as critical....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 RMF unknown vulnerability

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile. It has been declared as problematic. This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 drawobj IOCTL Command Double-Free memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. It...
Auteur: VulDB

ZNC up to 1.8.0 NULL Pointer Dereference denial of service

A vulnerability was found in ZNC up to 1.8.0 and classified as problematic. Affected by this issue is some unknown processing. Upgrading to version 1.8.1-rc1 eliminates this vulnerability.
Auteur: VulDB

Gravity Forms Plugin up to 2.4.8 on WordPress common.php current_user->get($property) information disclosure

A vulnerability has been found in Gravity Forms Plugin up to 2.4.8 on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is an unknown code block of the file common.php. Upgrading to version 2.4.9...
Auteur: VulDB

Joomla CMS up to 3.9.18 Textfilter cross site scripting

A vulnerability, which was classified as problematic, was found in Joomla CMS up to 3.9.18 (Content Management System). Affected is an unknown code of the component Textfilter Handler. Upgrading to version 3.9.19 eliminates this vulnerability.
Auteur: VulDB

Joomla CMS up to 3.9.18 com_modules cross site scripting

A vulnerability, which was classified as problematic, has been found in Joomla CMS up to 3.9.18 (Content Management System). This issue affects an unknown part of the component com_modules. Upgrading to version 3.9.19 eliminates this...
Auteur: VulDB

Joomla CMS up to 3.9.18 Articles cross site scripting

A vulnerability classified as problematic was found in Joomla CMS up to 3.9.18 (Content Management System). This vulnerability affects some unknown functionality of the component Articles Handler. Upgrading to version 3.9.19 eliminates this...
Auteur: VulDB

Joomla CMS up to 3.9.18 com_postinstall cross site request forgery

A vulnerability classified as problematic has been found in Joomla CMS up to 3.9.18. This affects an unknown functionality of the component com_postinstall. Upgrading to version 3.9.19 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI