lundi 18 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

F5 BIG-IP up to 14.1.0.6/15.0.0 Management Port privilege escalation

A vulnerability was found in F5 BIG-IP up to 14.1.0.6/15.0.0. It has been rated as critical. This issue affects an unknown functionality of the component Management Port Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility DNS Rebinding privilege escalation

A vulnerability was found in F5 BIG-IP, BIG-IQ, iWorkflow and Enterprise Manager (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown function of the component Configuration Utility. There is...
Auteur: VulDB

F5 BIG-IP up to 13.1.1.4 Log information disclosure

A vulnerability was found in F5 BIG-IP up to 13.1.1.4. It has been classified as problematic. This affects some unknown processing of the component Log Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

F5 BIG-IP APM up to 11.6.5/12.1.4.1/13.1.3.1/14.0.1/14.1.2 APD/APMD Request denial of service

A vulnerability was found in F5 BIG-IP APM up to 11.6.5/12.1.4.1/13.1.3.1/14.0.1/14.1.2 and classified as problematic. Affected by this issue is an unknown code block of the component APD/APMD. There is no information about possible...
Auteur: VulDB

F5 BIG-IP up to 13.1.1/14.0.1/14.1.2 HTTP Requests denial of service

A vulnerability has been found in F5 BIG-IP up to 13.1.1/14.0.1/14.1.2 and classified as problematic. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

F5 BIG-IP Virtual Server up to 14.1.0.1 Messages denial of service

A vulnerability, which was classified as problematic, was found in F5 BIG-IP Virtual Server up to 14.1.0.1. Affected is an unknown part of the component Virtual Server. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Math Plugin on Limnoria/Supybot Eval privilege escalation

A vulnerability, which was classified as critical, has been found in Math Plugin on Limnoria/Supybot (unknown version). This issue affects some unknown functionality of the component Eval Handler. There is no information about possible...
Auteur: VulDB

AbuseFilter Extension up to 1.34 on MediaWiki information disclosure

A vulnerability classified as problematic was found in AbuseFilter Extension up to 1.34 on MediaWiki. This vulnerability affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Pimcore up to 6.2.1 Forgot Password information disclosure

A vulnerability classified as problematic has been found in Pimcore up to 6.2.1. This affects an unknown function of the component Forgot Password. Upgrading to version 6.2.2 eliminates this vulnerability.
Auteur: VulDB

Pimcore up to 6.2.1 2FA Token weak authentication

A vulnerability was found in Pimcore up to 6.2.1. It has been rated as problematic. Affected by this issue is some unknown processing of the component 2FA Token Handler. Upgrading to version 6.2.2 eliminates this vulnerability.
Auteur: VulDB

Pimcore up to 9.2.x Email Log Preview EmailController.php cross site scripting

A vulnerability was found in Pimcore up to 9.2.x. It has been declared as problematic. Affected by this vulnerability is an unknown code block of the file bundles/AdminBundle/Controller/Admin/EmailController.php of the component Email Log Preview...
Auteur: VulDB

Pimcore up to 6.2.1 ID Notification privilege escalation

A vulnerability was found in Pimcore up to 6.2.1. It has been classified as critical. Affected is an unknown code of the component ID Handler. Upgrading to version 6.2.2 eliminates this vulnerability.
Auteur: VulDB

Cyrus IMAP up to 3.0.11 HTTP Request privilege escalation

A vulnerability was found in Cyrus IMAP and classified as critical. This issue affects an unknown part. Upgrading to version 2.5.14 or 3.0.12 eliminates this vulnerability.
Auteur: VulDB

Symantec Endpoint Protection up to 14.2 RU1 privilege escalation

A vulnerability has been found in Symantec Endpoint Protection up to 14.2 RU1 and classified as critical. This vulnerability affects some unknown functionality. Applying the patch 14.2 RU2 is able to eliminate this problem.
Auteur: VulDB

slpjs up to 0.21.3 on npm Bitcoin Script privilege escalation

A vulnerability, which was classified as problematic, was found in slpjs up to 0.21.3 on npm. This affects an unknown functionality of the component Bitcoin Script. Upgrading to version 0.21.4 eliminates this vulnerability.
Auteur: VulDB

slp-validate 1.0.0 on npm Bitcoin Script privilege escalation

A vulnerability, which was classified as problematic, has been found in slp-validate 1.0.0 on npm. Affected by this issue is an unknown function of the component Bitcoin Script. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Ghostscript up to 9.27 .charkeys PostScript File privilege escalation

A vulnerability classified as critical was found in Ghostscript (Document Processing Software). Affected by this vulnerability is the function .charkeys. Upgrading to version 9.28 eliminates this vulnerability.
Auteur: VulDB

TemaTres 3.0 Administrator Account privilege escalation

A vulnerability classified as critical has been found in TemaTres 3.0. Affected is an unknown code block of the component Administrator Account. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

TemaTres 3.0 admin.php value cross site scripting

A vulnerability was found in TemaTres 3.0. It has been rated as problematic. This issue affects an unknown code of the file vocab/admin.php?vocabulario_id=list. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Marvell 88W8688 up to p51 Parrot Faurecia Automotive FC6050W Stack-based memory corruption

A vulnerability was found in Marvell 88W8688 up to p51. It has been declared as critical. This vulnerability affects an unknown part of the component Parrot Faurecia Automotive FC6050W. Upgrading to version p52 eliminates this vulnerability.
Auteur: VulDB

Marvell 88W8688 up to p51 Parrot Faurecia Automotive FC6050W Heap-based memory corruption

A vulnerability was found in Marvell 88W8688 up to p51. It has been classified as critical. This affects some unknown functionality of the component Parrot Faurecia Automotive FC6050W. Upgrading to version p52 eliminates this vulnerability.
Auteur: VulDB

Symantec Endpoint Protection Manager privilege escalation [CVE-2019-12759]

A vulnerability was found in Symantec Endpoint Protection Manager and Mail Security for MS Exchange (Anti-Malware Software) (affected version not known) and classified as critical. Affected by this issue is an unknown functionality. Applying a...
Auteur: VulDB

Symantec Endpoint Protection privilege escalation [CVE-2019-12757]

A vulnerability, which was classified as critical, was found in Symantec Endpoint Protection and Endpoint Protection Small Business Edition (version unknown). Affected is some unknown processing. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Symantec Endpoint Protection up to 14.2 RU1 Digital Signature Code Execution

A vulnerability has been found in Symantec Endpoint Protection up to 14.2 RU1 and classified as critical. Affected by this vulnerability is an unknown function of the component Digital Signature Handler. Applying the patch 14.2 RU2 is able to...
Auteur: VulDB

Symantec Endpoint Protection up to 14.2 RU1 Password Protection privilege escalation

A vulnerability, which was classified as critical, has been found in Symantec Endpoint Protection up to 14.2 RU1. This issue affects an unknown code block of the component Password Protection. Applying the patch 14.2 RU2 is able to eliminate this...
Auteur: VulDB
12345678910Last

Événements SSI

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS