mardi 21 mai 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

BMC Patrol Agent up to 11.3.01 Encryption Key weak encryption

A vulnerability, which was classified as critical, has been found in BMC Patrol Agent up to 11.3.01. Affected by this issue is some functionality of the component Encryption Key. The manipulation with an unknown input leads to a weak encryption...
Auteur: VulDB

IBM Storwize V7000 1.6 Configuration Version information disclosure

A vulnerability classified as problematic was found in IBM Storwize V7000 1.6. Affected by this vulnerability is the functionality of the component Configuration. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

IBM BigFix Platform 9.2/9.5 User Interface privilege escalation

A vulnerability classified as critical has been found in IBM BigFix Platform 9.2/9.5. Affected is an unknown function of the component User Interface. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

IBM BigFix Platform 9.2/9.5 Web UI cross site scripting

A vulnerability was found in IBM BigFix Platform 9.2/9.5. It has been rated as problematic. This issue affects some processing of the component Web UI. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using...
Auteur: VulDB

Carts Guru Plugin 1.4.5 on WordPress Deserialization wc-cartsguru-event-handler.php Cookie unknown vulnerability

A vulnerability was found in Carts Guru Plugin 1.4.5 on WordPress (Plugin Software). It has been declared as critical. This vulnerability affects a code block of the file classes/wc-cartsguru-event-handler.php of the component Deserialization....
Auteur: VulDB

Virim Plugin 0.4 on WordPress Deserialization graph.php s_values/t_values/c_values unknown vulnerability

A vulnerability was found in Virim Plugin 0.4 on WordPress (Plugin Software). It has been classified as critical. This affects code of the file graph.php of the component Deserialization. The manipulation of the argument...
Auteur: VulDB

WP Booking System 1.5.1 on WordPress sql injection [CVE-2019-12239]

A vulnerability was found in WP Booking System 1.5.1 on WordPress (WordPress Plugin) and classified as critical. Affected by this issue is a part. The manipulation with an unknown input leads to a sql injection vulnerability. Using CWE to...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL_InvalidateMap memory corruption

A vulnerability has been found in Simple DirectMedia Layer 2.0.9 and classified as critical. Affected by this vulnerability is the function SDL_InvalidateMap of the file libSDL2.a. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL memory corruption

A vulnerability, which was classified as critical, was found in Simple DirectMedia Layer 2.0.9. Affected is the function SDL in the library stdlib/SDL_malloc.c of the file libSDL2.a. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL memory corruption

A vulnerability, which was classified as critical, has been found in Simple DirectMedia Layer 2.0.9. This issue affects the function SDL of the file libSDL2.a. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL unknown vulnerability

A vulnerability classified as critical was found in Simple DirectMedia Layer 2.0.9. This vulnerability affects the function SDL of the file libSDL2.a. The impact remains unknown. CVE summarizes:An issue was discovered in libSDL2.a in Simple...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL2_image denial of service

A vulnerability classified as problematic has been found in Simple DirectMedia Layer 2.0.9. This affects the function SDL2_image of the file libSDL2.a. The manipulation with an unknown input leads to a denial of service vulnerability (NULL...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a stdio_read denial of service

A vulnerability was found in Simple DirectMedia Layer 2.0.9. It has been rated as problematic. Affected by this issue is the function stdio_read of the file libSDL2.a. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Simple DirectMedia Layer 2.0.9 libSDL2.a SDL2_image memory corruption

A vulnerability was found in Simple DirectMedia Layer 2.0.9. It has been declared as critical. Affected by this vulnerability is the function SDL2_image of the file libSDL2.a. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Matomo 3.9.1 safemode.twig information disclosure [Disputed]

A vulnerability was found in Matomo 3.9.1. It has been classified as problematic. Affected is code of the file plugins/CorePluginsAdmin/templates/safemode.twig. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

FreeImage 3.18.0 j2k.c j2k_read_ppm_v3 l_N_ppm memory corruption

A vulnerability was found in FreeImage 3.18.0 and classified as critical. This issue affects the function j2k_read_ppm_v3 of the file j2k.c. The manipulation of the argument l_N_ppm with an unknown input leads to a memory corruption...
Auteur: VulDB

FreeImage 3.18.0 TIFF File PluginTIFF.cpp TIFFReadDirectory denial of service

A vulnerability has been found in FreeImage 3.18.0 and classified as problematic. This vulnerability affects the function TIFFReadDirectory of the file PluginTIFF.cpp of the component TIFF File Handler. The manipulation with an unknown input...
Auteur: VulDB

FreeImage 3.18.0 JXR File JXRMeta.c StreamCalcIFDSize denial of service

A vulnerability, which was classified as problematic, was found in FreeImage 3.18.0. This affects the function StreamCalcIFDSize of the file JXRMeta.c of the component JXR File Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

FreeImage 3.18.0 TIFF File PluginTIFF.cpp Load memory corruption

A vulnerability, which was classified as critical, has been found in FreeImage 3.18.0. Affected by this issue is the function Load of the file PluginTIFF.cpp of the component TIFF File Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

OPNsense/pfsense WebUI Request privilege escalation

A vulnerability classified as critical was found in OPNsense and pfsense (Firewall Software) (affected version unknown). Affected by this vulnerability is the functionality of the component WebUI. The manipulation as part of a Request leads to...
Auteur: VulDB

Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting

A vulnerability classified as problematic has been found in Apache JSPWiki up to 2.11.0.M3 (Content Management System). Affected is an unknown function of the component Plugin Link Handler. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting

A vulnerability was found in Apache JSPWiki up to 2.11.0.M3 (Content Management System). It has been declared as problematic. This vulnerability affects a code block of the component Attachment Handler. The manipulation with an unknown input...
Auteur: VulDB

IBM BigFix Platform 9.2/9.5 Memory information disclosure

A vulnerability was found in IBM BigFix Platform 9.2/9.5. It has been classified as problematic. This affects code. The manipulation with an unknown input leads to a information disclosure vulnerability (Memory). CWE is classifying the issue as...
Auteur: VulDB

Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting

A vulnerability was found in Apache JSPWiki up to 2.11.0.M3 (Content Management System). It has been rated as problematic. This issue affects some processing of the component InterWiki Link Handler. The manipulation with an unknown input leads...
Auteur: VulDB

Staying Cyber Safe During Memorial Day

Original release date: May 20, 2019 As Memorial Day approaches, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to stay cyber safe. Users should be cautious of potential scams, such as unsolicited emails that...
Auteur: US Cert
12345678910Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS