mercredi 13 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Chrome WebKit Timer.cpp unknown vulnerability

A vulnerability was found in Google Chrome (Web Browser) (affected version not known). It has been rated as problematic. Affected by this issue is some unknown functionality of the file Timer.cpp of the component WebKit. Upgrading eliminates this...
Auteur: VulDB

Google Chrome WebKit replaceDocument memory corruption

A vulnerability was found in Google Chrome (Web Browser) (affected version unknown). It has been declared as critical. Affected by this vulnerability is the function DocumentWriter::replaceDocument of the component WebKit. Upgrading eliminates...
Auteur: VulDB

Google Chrome on 64-bit Blink Return Value unknown vulnerability

A vulnerability was found in Google Chrome on 64-bit (Web Browser) (version unknown). It has been classified as problematic. Affected is an unknown function of the component Blink. Upgrading eliminates this vulnerability.
Auteur: VulDB

Google Chrome Blink AnimationControllerPrivate unknown vulnerability

A vulnerability was found in Google Chrome (Web Browser) (unknown version) and classified as problematic. This issue affects the function AnimationControllerPrivate of the component Blink. Upgrading eliminates this vulnerability.
Auteur: VulDB

syscp 1.4.2.1 privilege escalation [CVE-2010-2476]

A vulnerability has been found in syscp 1.4.2.1 and classified as critical. This vulnerability affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Drupal up to 6.15 Session Lockout privilege escalation

A vulnerability, which was classified as critical, was found in Drupal (Content Management System). This affects an unknown code of the component Session Lockout Handler. Upgrading to version 5.22 or 6.16 eliminates this vulnerability.
Auteur: VulDB

Drupal up to 6.15 Locale Module/Dependent Contributed Module cross site scripting

A vulnerability, which was classified as problematic, has been found in Drupal (Content Management System). Affected by this issue is an unknown part of the component Locale Module/Dependent Contributed Module. Upgrading to version 5.22 or 6.16...
Auteur: VulDB

Shibboleth SP 2.0 Private Key keygen.sh information disclosure

A vulnerability classified as problematic was found in Shibboleth SP 2.0. Affected by this vulnerability is some unknown functionality of the file keygen.sh of the component Private Key. There is no information about possible countermeasures...
Auteur: VulDB

Gource up to 0.26 Log File /tmp/gource-$UID.tmp) File Name privilege escalation

A vulnerability classified as critical has been found in Gource up to 0.26. Affected is an unknown functionality of the file /tmp/gource-$UID.tmp) of the component Log File Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

gitolite up to 1.4.0 Path Name Filter unknown vulnerability [CVE-2010-2447]

A vulnerability was found in gitolite up to 1.4.0. It has been rated as problematic. This issue affects an unknown function of the component Path Name Filter. Upgrading to version 1.4.1 eliminates this vulnerability.
Auteur: VulDB

Drupal up to 6.15 Site Installation cross site scripting

A vulnerability was found in Drupal up to 6.15 (Content Management System). It has been declared as problematic. This vulnerability affects some unknown processing of the component Site Installation. Upgrading to version 6.16 eliminates this...
Auteur: VulDB

Linux Kernel up to 2.6.32 clocksource.c unknown vulnerability

A vulnerability was found in Linux Kernel up to 2.6.32 (Operating System). It has been classified as problematic. This affects an unknown code block of the file kernel/time/clocksource.c. Upgrading to version 2.6.33 eliminates this vulnerability....
Auteur: VulDB

gri up to 2.12.17 Temp File unknown vulnerability [CVE-2008-7291]

A vulnerability was found in gri up to 2.12.17 and classified as problematic. Affected by this issue is an unknown code of the component Temp File Handler. Upgrading to version 2.12.18 eliminates this vulnerability.
Auteur: VulDB

FireGPG up to 0.5 weak encryption [CVE-2008-7272]

A vulnerability has been found in FireGPG up to 0.5 and classified as problematic. Affected by this vulnerability is an unknown part. Upgrading to version 0.6 eliminates this vulnerability.
Auteur: VulDB

JON 2.1.0/2.1.1/2.1.2 information disclosure [CVE-2008-5083]

A vulnerability, which was classified as problematic, was found in JON 2.1.0/2.1.1/2.1.2. Affected is some unknown functionality. Applying the patch 2.1.2 SP1 is able to eliminate this problem.
Auteur: VulDB

frysk on Red Hat Linux /usr/bin/f RPATH privilege escalation

A vulnerability, which was classified as critical, has been found in frysk on Red Hat Linux (unknown version). This issue affects an unknown functionality of the file /usr/bin/f. There is no information about possible countermeasures known. It...
Auteur: VulDB

ClamAV 0.91.2 ScanOLE2 Floating Point unknown vulnerability

A vulnerability classified as critical was found in ClamAV 0.91.2. This vulnerability affects an unknown function of the component ScanOLE2. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

ViewVC 1.0.3 Access Control Config Option privilege escalation

A vulnerability classified as critical has been found in ViewVC 1.0.3. This affects some unknown processing of the component Access Control. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Mondo 2.24 Temp File unknown vulnerability [CVE-2007-3915]

A vulnerability was found in Mondo 2.24. It has been rated as critical. Affected by this issue is an unknown code block of the component Temp File Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Linux Kernel up to 2.5 iret_exc denial of service

A vulnerability was found in Linux Kernel up to 2.5 (Operating System). It has been declared as problematic. Affected by this vulnerability is the function iret_exc. Upgrading to version 2.6 eliminates this vulnerability.
Auteur: VulDB

Xorux 2.41 lpar2rrd/stor2rrd privilege escalation

A vulnerability was found in Xorux 2.41. It has been classified as critical. Affected is an unknown part of the component lpar2rrd/stor2rrd. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

WebKit putToPrimitive cross site scripting

A vulnerability was found in WebKit (Web Browser) (unknown version) and classified as critical. This issue affects the function JSObject::putInlineSlow/JSValue::putToPrimitive. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Cisco Releases Security Updates

Original release date: November 7, 2019Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing...
Auteur: US Cert

CERTFR-2019-AVI-548 : Multiples vulnérabilités dans Cisco (07 novembre 2019)

De multiples vulnérabilités ont été découvertes dans les produits Cisco . Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Auteur: Cert FR

Atlassian Jira Service Desk Server up to 4.5.0 Customer Context Filter Request directory traversal

A vulnerability has been found in Atlassian Jira Service Desk Server and Jira Service Desk Data Center up to 4.5.0 and classified as critical. This vulnerability affects an unknown functionality of the component Customer Context Filter. Upgrading...
Auteur: VulDB
First567891011121314Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS