vendredi 20 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

libavcodec 12.3 Subtitle Decoder libavcodec/srtdec.c srt_to_ass Video File memory corruption

A vulnerability, which was classified as critical, has been found in libavcodec 12.3 (Multimedia Player Software). This issue affects the function srt_to_ass of the file libavcodec/srtdec.c of the component Subtitle Decoder. There is no...
Auteur: VulDB

libav 12.3 Subtitle Decoder libavcodec/srtdec.c srt_to_ass Video File memory corruption

A vulnerability classified as critical was found in libav 12.3 (Multimedia Player Software). This vulnerability affects the function srt_to_ass of the file libavcodec/srtdec.c of the component Subtitle Decoder. There is no information about...
Auteur: VulDB

libav 12.3 Subtitle Decoder libavcodec/srtdec.c srt_to_ass Video File denial of service

A vulnerability classified as problematic has been found in libav 12.3 (Multimedia Player Software). This affects the function srt_to_ass of the file libavcodec/srtdec.c of the component Subtitle Decoder. There is no information about possible...
Auteur: VulDB

LayerBB up to 1.1.3 System Settings admin/general.php cross site request forgery

A vulnerability was found in LayerBB up to 1.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file admin/general.php of the component System Settings. Upgrading to version 1.1.4 eliminates...
Auteur: VulDB

checklist Plugin up to 1.1.8 on WordPress checklist-icon.php fill cross site scripting

A vulnerability was found in checklist Plugin up to 1.1.8 on WordPress (WordPress Plugin). It has been classified as problematic. Affected is some unknown processing of the file checklist-icon.php. Upgrading to version 1.1.9 eliminates this...
Auteur: VulDB

Linux Kernel up to 5.3 KVM Hypervisor /dev/kvm memory corruption

A vulnerability was found in Linux Kernel up to 5.3 (Operating System) and classified as critical. This issue affects an unknown code block of the file /dev/kvm of the component KVM Hypervisor. There is no information about possible...
Auteur: VulDB

LINE up to 9.15.1 on Android Integer Overflow memory corruption

A vulnerability has been found in LINE up to 9.15.1 on Android (Android App Software) and classified as critical. This vulnerability affects an unknown code. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

SuSE Linux Enterprise Server 15/up to 12 nfs-utils Package /var/lib/nfs privilege escalation

A vulnerability, which was classified as critical, was found in SuSE Linux Enterprise Server up to 12/15 (Operating System). This affects an unknown part in the library /var/lib/nfs of the component nfs-utils Package. Applying a patch is able to...
Auteur: VulDB

FireGiant WiX Toolset up to 3.11.1 DTF Microsoft.Deployment.Compression.Cab.dll Archive File directory traversal

A vulnerability, which was classified as critical, has been found in FireGiant WiX Toolset up to 3.11.1. Affected by this issue is some unknown functionality in the library Microsoft.Deployment.Compression.Cab.dll of the component DTF. Upgrading...
Auteur: VulDB

libIEC61850 up to 1.3.3 mms_server.c MmsServer_waitReady memory corruption

A vulnerability classified as critical was found in libIEC61850 up to 1.3.3. Affected by this vulnerability is the function MmsServer_waitReady of the file mms/iso_mms/server/mms_server.c. There is no information about possible countermeasures...
Auteur: VulDB

Tenda N301 Wireless Router wanMTU goform/setSysTools denial of service

A vulnerability classified as critical has been found in Tenda N301 Wireless Router (Router Operating System) (version unknown). Affected is an unknown function of the file goform/setSysTools of the component wanMTU Handler. There is no...
Auteur: VulDB

Keeper K5 20.1.0.25/20.1.0.63 SD Card Data zskj_script_run.sh File Name Code Execution

A vulnerability was found in Keeper K5 20.1.0.25/20.1.0.63. It has been rated as critical. This issue affects some unknown processing of the file zskj_script_run.sh of the component SD Card Data Handler. There is no information about possible...
Auteur: VulDB

Counter-Strike: Global Offensive up to 1.37.1.0 Map vphysics.dll memory corruption

A vulnerability was found in Counter-Strike: Global Offensive up to 1.37.1.0. It has been declared as critical. This vulnerability affects an unknown code block in the library vphysics.dll of the component Map Handler. Upgrading to version...
Auteur: VulDB

Pydio 6.0.8 Remote Link index.php file Server-Side Request Forgery

A vulnerability was found in Pydio 6.0.8. It has been classified as critical. This affects an unknown code of the file index.php of the component Remote Link Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Pydio 6.0.8 Error Reporting information disclosure

A vulnerability was found in Pydio 6.0.8 and classified as problematic. Affected by this issue is an unknown part of the component Error Reporting. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Atlassian JIRA Server/Data Center up to 8.4.0 Jira Importers Plugin PUT Request Remote Code Execution

A vulnerability has been found in Atlassian JIRA Server and Data Center up to 8.4.0 (Bug Tracking Software) and classified as critical. Affected by this vulnerability is some unknown functionality of the component Jira Importers Plugin. Upgrading...
Auteur: VulDB

Bitbucket Server/Data Center up to 6.5.1 REST Endpoint Argument privilege escalation

A vulnerability, which was classified as critical, was found in Bitbucket Server and Data Center up to 6.5.1. Affected is an unknown functionality of the component REST Endpoint. Upgrading to version 5.16.10, 6.0.10, 6.1.8, 6.2.6, 6.3.5, 6.4.3 or...
Auteur: VulDB

Atlassian Jira Service Desk Server up to 3.9.15/3.16.8/4.1.2/4.2.4/4.3.3 Customer Context Filter Request directory traversal

A vulnerability, which was classified as problematic, has been found in Atlassian Jira Service Desk Server and Jira Service Desk Data Center up to 3.9.15/3.16.8/4.1.2/4.2.4/4.3.3 (Bug Tracking Software). This issue affects an unknown function of...
Auteur: VulDB

Eclipse Mosquitto up to 1.6.5 Subscribe Packet Stack-based memory corruption

A vulnerability classified as critical was found in Eclipse Mosquitto up to 1.6.5. This vulnerability affects some unknown processing of the component Subscribe Packet Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Google Releases Security Updates for Chrome

Original release date: September 19, 2019Google has released Chrome 77.0.3865.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Linux Kernel up to 5.0.3 p9 Filesystem i_size_write() denial of service

A vulnerability classified as problematic has been found in Linux Kernel up to 5.0.3 (Operating System). This affects the function i_size_write() of the component p9 Filesystem. Upgrading to version 5.0.4 eliminates this vulnerability.
Auteur: VulDB

Dahua IPC-HDW1X2X Packet IP Address information disclosure

A vulnerability was found in Dahua IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X and IPC-HFW5X2X. It has been rated as problematic. Affected by this issue is an unknown code. Upgrading...
Auteur: VulDB

Dahua IPC-HDW1X2X Debug Function privilege escalation

A vulnerability was found in Dahua IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X and IPC-HFW5X2X. It has been declared as critical. Affected by this vulnerability is an unknown part of the...
Auteur: VulDB

Dahua IPC-HDW1X2X Login Packet Crash denial of service

A vulnerability was found in Dahua IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X and IPC-HFW5X2X. It has been classified as problematic. Affected is some unknown functionality of the...
Auteur: VulDB

Dahua IPC-HDW1X2X CGI Interface memory corruption

A vulnerability was found in Dahua IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X and IPC-HFW5X2X and classified as critical. This issue affects an unknown functionality of the component...
Auteur: VulDB
12345678910Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS