FACTUALRISK Cyber Intelligence
Mise à jour : 15 Jul 2026 · 00:03
← Accueil
🗞 Briefing
💥 Menaces
🛡 Vulnérabilités
📋 Conformité
📚 Guides
← Retour FactualRisk
Total bulletins
50
Critique
3
Élevé
1
Exploités ITW
4
Action immédiate
0
Domaine
Catégorie
Sévérité
Visible : 50
🟢 il y a 22h BleepingComputer
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges…
🟢 il y a 22h BleepingComputer
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [..…
🟢 il y a 22h BleepingComputer
Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, a…
🟢 il y a 22h BleepingComputer
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploit…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Ubuntu
Yiwei Hou discovered that Dnsmasq incorrectly handled logging of DS or DNSKEY. A remote attacker could possibly use this issue to cause a denial of service. (CV…
🟢 il y a 22h BleepingComputer
Microsoft has released Windows 11 KB5101650 and KB5099414 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new …
MODÉRÉ MEDIUM Linux
🟢 il y a 22h Ubuntu
USN-8526-1 fixed vulnerabilities in libheif. This update provides the corresponding updates for CVE-2026-47709 and CVE-2026-47714 in Ubuntu 24.04 LTS. Original…
MODÉRÉ MEDIUM Linux
🟢 il y a 22h Ubuntu
Hirohito Higashi discovered that Vim incorrectly escaped class or trait names when performing PHP omni-completion. An attacker could possibly use this issue to …
🟢 il y a 22h BleepingComputer
Progress Software has confirmed that a high-severity zero-day vulnerability is behind the emergency shutdown of ShareFile Storage Zone Controllers last week and…
MODÉRÉ MEDIUM Network
🟢 il y a 22h Ubuntu
It was discovered that OpenVPN had a 1-byte buffer overrun when handling NTLMv2 proxy responses. An attacker could use this issue to cause a denial of service o…
MODÉRÉ MEDIUM 🔴 EXPLOITÉ ITW Other
🟢 il y a 22h BleepingComputer
LastPass is warning users about an ongoing phishing campaign that is using fake security notices to direct them to fraudulent websites. [...]
MODÉRÉ MEDIUM Other
🟢 il y a 22h Ubuntu
Haruto Kimura discovered that GnuTLS did not properly apply permitted name constraints in certain certificate validation paths. A remote attacker could possibly…
🟢 il y a 22h BleepingComputer
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus exp…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Ubuntu
It was discovered that alsa-lib incorrectly handled certain ALSA configuration text. An attacker could use this issue to cause alsa-lib to crash, resulting in a…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Ubuntu
It was discovered that httplib2 performed unbounded decompression of HTTP response bodies when the server used gzip or deflate Content-Encoding. A remote attack…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Ubuntu
It was discovered that MariaDB did not properly validate parameters supplied by a joiner node during a State Snapshot Transfer using the mariabackup method. An …
🟢 il y a 22h BleepingComputer
SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce C…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Fortinet
CVSSv3 Score: 4.1 A buffer over-read vulnerability [CWE-126] in FortiOS, FortiProxy, and FortiSASE may allow an authenticated remote attacker to return…
MODÉRÉ MEDIUM Security
🟢 il y a 22h Fortinet
CVSSv3 Score: 5.3 An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability [CWE-80] in FortiSIEM may allow a priv…
🟢 il y a 22h Fortinet
CVSSv3 Score: 3.4 An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability [CWE-113] in FortiOS and Forti…
🟢 il y a 22h Fortinet
CVSSv3 Score: 3.1 An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability [CWE-113] in FortiOS and Forti…
🟢 il y a 22h Fortinet
CVSSv3 Score: 6.7 An Improper Certificate Validation vulnerability [CWE-295] in FortiClient EMS may allow a remote unauthenticated attacker to imperson…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Fortinet
CVSSv3 Score: 7.0 An out of bounds read [CWE-125] vulnerability in FortiAuthenticator may allow a remote unauthenticated attacker to retrieve sensitive…
🟢 il y a 22h Fortinet
CVSSv3 Score: 5.0 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in FortiOS, FortiPAM, FortiP…
MODÉRÉ MEDIUM Network
🟢 il y a 22h Fortinet
CVSSv3 Score: 6.1 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS, FortiProxy…
MODÉRÉ MEDIUM Other
🟢 il y a 22h Fortinet
CVSSv3 Score: 5.9 A Stack-based Buffer Overflow vulnerability [CWE-121] in FortiOS, FortiProxy and FortiPAM may allow a privileged authenticated attack…
🟢 il y a 22h Fortinet
CVSSv3 Score: 6.9 An Improper Restriction of Communication Channel to Intended Endpoints [CWE-923] vulnerability in FortiSIEM Windows Agent may allow a…
🟢 il y a 22h Fortinet
CVSSv3 Score: 7.7 An Exposure of Resource to Wrong Sphere vulnerability [CWE-668] in FortiSanbox may allow an unauthenticated attacker to access the VN…
🟡 hier Ubuntu
It was discovered that PipeWire accepted unbounded Content-Length values in its RAOP module. A remote attacker could possibly use this issue to cause a denial o…
🟡 hier Ubuntu
It was discovered that LibreOffice incorrectly handled importing DXF drawings. An attacker could use this issue to cause LibreOffice to crash, resulting in a de…
🟡 hier CERT-FR
English version : 🇬🇧 Les membres du Centre de Coordination des Crises Cyber (C4) ont observé le ciblage et la compromission d’entités françaises au moyen du mod…
🟡 hier CERT-FR
Version française: 🇫🇷 Members of the Cyber Crisis Coordination Centre (C4) have observed the targeting and compromise of French entities using the Turla intrusi…
🟡 hier CERT-FR
Ce bulletin d'actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l'anal…
🟡 il y a 4j Chrome
The ChromeOS Stable channel is being updated to OS version 16667.62.0 (Browser version 149.0.7827.238 ) for most ChromeOS devices. If you find new issues, pl…
🟡 il y a 4j Chrome
The Dev channel has been updated to 152.0.7939.3 for Windows, Mac and Linux. A partial list of changes is available in the Git log . Interested in switching …
🟡 il y a 4j Chrome
Hi everyone! We've just released Chrome Dev 152 (152.0.7940.2) for Android. It's now available on Google Play . You can see a partial list of the changes in th…
🟡 il y a 4j CERT-FR
De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié pa…
🟡 il y a 4j CERT-FR
De multiples vulnérabilités ont été découvertes dans Suricata. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
🟡 il y a 4j CERT-FR
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de pr…
🟡 il y a 4j CERT-FR
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la co…
🟡 il y a 5j Chrome
The Beta channel has been updated to 151.0.7922.19 for Windows, Mac and Linux. A partial list of changes is available in the Git log . Interested in switching…
🟡 il y a 5j Chrome
Hi everyone! We've just released Chrome Beta 151 (151.0.7922.18) for Android. It's now available on Google Play . You can see a partial list of the changes in …
MODÉRÉ MEDIUM Browser
🟡 il y a 5j Chrome
Hi everyone! We've just released Chrome Beta 151 (151.0.7922.17) for iOS; it'll become available on App Store in the next few days. You can see a partial list o…
🟡 il y a 5j Chrome
A new LTS-144  version 144.0.7559.257 (Platform Version: 16503.90.0), is being rolled out for most ChromeOS devices.   This version includes selected securit…
🟡 il y a 5j CERT-FR
Une vulnérabilité a été découverte dans Microsoft Edge. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
🟡 il y a 5j CERT-FR
De multiples vulnérabilités ont été découvertes dans Traefik. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
🟡 il y a 5j CERT-FR
De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié pa…
🟡 il y a 5j CERT-FR
De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité de…
🟡 il y a 5j CERT-FR
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'édit…
🟡 il y a 6j Chrome
Hi, everyone! We've just released Chrome 150 (150.0.7871.114) for Android. It'll become available on Google Play over the next few days.  This release inclu…

L'écosystème

Digimoove ESN Paris — Cyber · Cloud · Automatisation IA · Observabilité NAIvigate Veille & formation IA FactualRisk est une marque de l'écosystème Digimoove