L'équipe Vigil@nce veille les vulnérabilités publiques qui affectent votre parc informatique, puis propose des correctifs sécurité, une base de données de vigilance et des outils pour y remédier.

Vulnérabilités informatiques de Dell EMC NetWorker

Oracle Java, OpenJDK : vulnérabilités de octobre 2020
Plusieurs vulnérabilités ont été annoncées dans les produits Oracle...
6379260, 6410566, 6410876, 6411251, 6411255, 6415639, CERTFR-2020-AVI-663, cpuoct2020, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803, DLA-2412-1, DLA-2412-2, DSA-2020-278, DSA-2021-001, DSA-4779-1, FEDORA-2020-421f817e5f, FEDORA-2020-81e511d0d8, FEDORA-2020-84137f197e, FEDORA-2020-a405eea76a, FEDORA-2020-d1b8d3f94a, FEDORA-2020-fdc79d8e5b, FEDORA-2020-febe36c3ac, openSUSE-SU-2020:1893-1, openSUSE-SU-2020:1984-1, openSUSE-SU-2020:1994-1, openSUSE-SU-2020:2048-1, openSUSE-SU-2020:2083-1, openSUSE-SU-2020:2170-1, RHSA-2020:4305-01, RHSA-2020:4306-01, RHSA-2020:4307-01, RHSA-2020:4316-01, RHSA-2020:4347-01, RHSA-2020:4348-01, RHSA-2020:4349-01, RHSA-2020:4350-01, RHSA-2020:4352-01, RHSA-2020:5585-01, RHSA-2020:5586-01, RHSA-2021:0530-01, SUSE-SU-2020:14587-1, SUSE-SU-2020:14588-1, SUSE-SU-2020:3159-1, SUSE-SU-2020:3191-1, SUSE-SU-2020:3310-1, SUSE-SU-2020:3359-1, SUSE-SU-2020:3460-1, SUSE-SU-2020:3591-1, SUSE-SU-2020:3932-1, SUSE-SU-2021:0019-1, SUSE-SU-2021:0032-1, SUSE-SU-2021:0512-1, SUSE-SU-2021:0652-1, SUSE-SU-2021:14634-1, SUSE-SU-2021:14640-1, USN-4607-1, VIGILANCE-VUL-33649
Dell EMC NetWorker : élévation de privilèges
Un attaquant peut contourner les restrictions de Dell EMC NetWorker, afin d'élever ses privilèges...
CVE-2020-26182, CVE-2020-26183, DSA-2020-229, VIGILANCE-VUL-33620
Apache Tomcat : obtention d'information via HTTP/2 Concurrent Streams Request Mix-up
Un attaquant peut contourner les restrictions d'accès aux données via HTTP/2 Concurrent Streams Request Mix-up de Apache Tomcat, afin d'obtenir des informations sensibles...
CVE-2020-13943, DLA-2407-1, DSA-2021-001, DSA-4835-1, openSUSE-SU-2020:1799-1, openSUSE-SU-2020:1842-1, SUSE-SU-2020:2996-1, SUSE-SU-2020:3068-1, SUSE-SU-2020:3069-1, VIGILANCE-VUL-33544
PostgreSQL JDBC : injection d'entité XML externe
Un attaquant peut transmettre des données XML malveillantes à PostgreSQL JDBC, afin de lire un fichier, de scanner des sites, ou de mener un déni de service...
6382286, CVE-2020-13692, DSA-2020-262, FEDORA-2020-5a31ccfe66, K23157312, RHSA-2020:3176-01, RHSA-2020:3283-01, RHSA-2020:3284-01, RHSA-2020:3285-01, RHSA-2020:3286-01, SUSE-SU-2021:0599-1, VIGILANCE-VUL-32936
Oracle Java, OpenJDK : vulnérabilités de avril 2020
Plusieurs vulnérabilités ont été annoncées dans les produits Oracle...
6206850, 6235886, 6247119, 6247141, 6250529, 6369095, 6370579, 6371646, 6382282, 6415639, CERTFR-2020-AVI-217, cpuapr2020, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2764, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2816, CVE-2020-2830, DLA-2193-1, DSA-2020-130, DSA-2020-135, DSA-2020-151, DSA-2020-160, DSA-2020-198, DSA-4662-1, DSA-4668-1, FEDORA-2020-07aa58121a, FEDORA-2020-21ca991b3b, FEDORA-2020-36298e20f7, FEDORA-2020-372eeb28f3, FEDORA-2020-4578c4a082, FEDORA-2020-5386fe3bbb, FEDORA-2020-73341c894c, FEDORA-2020-755e4213b5, FEDORA-2020-831ec85119, FEDORA-2020-92ed6d99e4, FEDORA-2020-a60ad9d4ec, JSA11110, KB0085480, NTAP-20200416-0004, openSUSE-SU-2020:0757-1, openSUSE-SU-2020:0800-1, openSUSE-SU-2020:0841-1, RHSA-2020:1506-01, RHSA-2020:1507-01, RHSA-2020:1508-01, RHSA-2020:1509-01, RHSA-2020:1512-01, RHSA-2020:1514-01, RHSA-2020:1515-01, RHSA-2020:1516-01, RHSA-2020:1517-01, RHSA-2020:2236-01, RHSA-2020:2237-01, RHSA-2020:2238-01, RHSA-2020:2239-01, RHSA-2020:2241-01, SB10332, SUSE-SU-2020:14398-1, SUSE-SU-2020:1511-2, SUSE-SU-2020:1571-1, SUSE-SU-2020:1683-1, SUSE-SU-2020:1684-1, SUSE-SU-2020:1685-1, SUSE-SU-2020:1686-1, USN-4337-1, VIGILANCE-VUL-32028
jQuery Core : Cross Site Scripting via HtmlPrefilter Regex
Un attaquant peut provoquer un Cross Site Scripting via HtmlPrefilter Regex de jQuery Core, afin d'exécuter du code JavaScript dans le contexte du site web...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, 6367943, 6413705, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, CERTFR-2020-AVI-797, cpujan2021, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-2020-262, DSA-2020-270, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, JRASERVER-72052, K02453220, K66544153, KM03758436, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, openSUSE-SU-2020:1888-1, OSA-2020-14, RHSA-2020:3936-01, RHSA-2020:4670-01, RHSA-2020:4847-01, TNS-2020-10, VIGILANCE-VUL-32007
Oracle Java : vulnérabilités de janvier 2020
Plusieurs vulnérabilités ont été annoncées dans les produits Oracle...
1289194, 3260187, 5694963, 6120873, 6121041, 6199287, 6199289, 6201679, 6210521, 6210522, 6217590, 6235912, 6245356, 6248703, 6248705, 6250533, 6256052, 6257207, 6338657, 6338659, 6356017, 6356021, 6356023, 6356025, 6359169, 6369095, 6369245, 6382282, CERTFR-2020-AVI-035, CERTFR-2020-AVI-176, cpujan2020, CVE-2020-2583, CVE-2020-2585, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659, DLA-2128-1, DSA-2020-062, DSA-2020-135, DSA-2020-198, DSA-4605-1, DSA-4621-1, FEDORA-2020-0a2dd63bf0, FEDORA-2020-202cb87e26, FEDORA-2020-2ed6716c30, FEDORA-2020-7e042e371a, FEDORA-2020-d735a887d1, FEDORA-2020-ebbf986d01, JSA11110, openSUSE-SU-2020:0113-1, openSUSE-SU-2020:0147-1, RHSA-2020:0122-01, RHSA-2020:0128-01, RHSA-2020:0157-01, RHSA-2020:0196-01, RHSA-2020:0202-01, RHSA-2020:0231-01, RHSA-2020:0232-01, RHSA-2020:0465-01, RHSA-2020:0467-01, RHSA-2020:0468-01, RHSA-2020:0469-01, RHSA-2020:0470-01, RHSA-2020:0541-01, RHSA-2020:0632-01, RHSA-2020:2236-01, RHSA-2020:2237-01, RHSA-2020:2238-01, RHSA-2020:2239-01, RHSA-2020:2241-01, RHSA-2020:3386-01, RHSA-2020:3387-01, RHSA-2020:3388-01, RHSA-2020:5585-01, SB10315, SUSE-SU-2020:0140-1, SUSE-SU-2020:0213-1, SUSE-SU-2020:0261-1, SUSE-SU-2020:0456-1, SUSE-SU-2020:0466-1, SUSE-SU-2020:0528-1, SUSE-SU-2020:0628-1, SUSE-SU-2020:14286-1, SUSE-SU-2020:14287-1, SUSE-SU-2020:14398-1, SUSE-SU-2020:1683-1, SUSE-SU-2020:1684-1, SUSE-SU-2020:1685-1, USN-4257-1, VIGILANCE-VUL-31331
libxslt : buffer overflow via xsltCopyText
Un attaquant peut provoquer un buffer overflow via xsltCopyText() de libxslt, afin de mener un déni de service, et éventuellement d'exécuter du code...
ADV200002, cpuapr2020, CVE-2019-18197, DLA-1973-1, DSA-2020-130, DSA-2020-160, DSA-2020-198, openSUSE-SU-2020:0189-1, openSUSE-SU-2020:0210-1, openSUSE-SU-2020:0233-1, openSUSE-SU-2020:0731-1, RHSA-2020:0514-01, RHSA-2020:4005-01, RHSA-2020:4464-01, SUSE-SU-2020:0920-2, USN-4164-1, VIGILANCE-VUL-30693
Oracle Java : vulnérabilités de octobre 2019
Plusieurs vulnérabilités ont été annoncées dans les produits Oracle...
1126887, 1288366, 3013353, 3260187, 3511029, 4790613, 5695563, 5695611, 5695629, 5695653, 5695665, 5695851, 6116194, 6210349, 6221706, 6248711, 6250817, 6256634, 6330711, CERTFR-2019-AVI-508, cpuoct2019, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999, DLA-2023-1, DSA-2019-168, DSA-2019-169, DSA-2019-186, DSA-2019-201, DSA-2020-003, DSA-2020-105, DSA-2020-198, DSA-4546-1, DSA-4548-1, FEDORA-2019-119312dbfc, FEDORA-2019-4bafcdb85f, FEDORA-2019-a87aba290f, FEDORA-2019-ba59b4b9f1, FEDORA-2019-c170ad0c6b, FEDORA-2019-d03db48dca, FEDORA-2019-d81be00640, FEDORA-2019-e8695f5e6c, FEDORA-2019-e87dd3ca51, FEDORA-2019-f36ac0db92, FG-VD-19-091, NTAP-20191017-0001, openSUSE-SU-2019:2557-1, openSUSE-SU-2019:2565-1, openSUSE-SU-2019:2687-1, RHSA-2019:3127-01, RHSA-2019:3128-01, RHSA-2019:3134-01, RHSA-2019:3135-01, RHSA-2019:3136-01, RHSA-2019:3157-01, RHSA-2019:3158-01, RHSA-2019:4109-01, RHSA-2019:4110-01, RHSA-2019:4113-01, RHSA-2019:4115-01, RHSA-2020:0046-01, RHSA-2020:2237-01, RHSA-2020:2239-01, RHSA-2020:2241-01, SB10315, SUSE-SU-2019:2998-1, SUSE-SU-2019:3083-1, SUSE-SU-2019:3084-1, SUSE-SU-2019:3238-1, SUSE-SU-2020:0001-1, SUSE-SU-2020:0024-1, SUSE-SU-2020:0051-1, SUSE-SU-2020:14263-1, SUSE-SU-2020:14265-1, SUSE-SU-2020:1684-1, SUSE-SU-2020:1685-1, USN-4223-1, VIGILANCE-VUL-30635
Sudo : élévation de privilèges via Runas User -1
Un attaquant peut contourner les restrictions via Runas User -1 de Sudo, afin d'élever ses privilèges...
CVE-2019-14287, DLA-1964-1, DSA-2019-201, DSA-4543-1, FEDORA-2019-72755db9c7, FEDORA-2019-9cb221f2be, openSUSE-SU-2019:2316-1, openSUSE-SU-2019:2333-1, RHSA-2019:3197-01, RHSA-2019:3204-01, RHSA-2019:3205-01, RHSA-2019:3209-01, RHSA-2019:3219-01, RHSA-2019:3278-01, RHSA-2019:3694-01, RHSA-2019:3754-01, RHSA-2019:3755-01, RHSA-2019:3895-01, RHSA-2019:4191-01, RHSA-2020:0388-01, SSA:2019-287-01, SUSE-SU-2019:14193-1, SUSE-SU-2019:2656-1, SUSE-SU-2019:2666-1, SUSE-SU-2019:2667-1, SUSE-SU-2019:2668-1, USN-4154-1, VIGILANCE-VUL-30611
Notre base de données contient d'autres bulletins. Vous pouvez utiliser un essai gratuit pour les consulter.

Consulter les informations sur Dell EMC NetWorker :