jeudi 20 juin 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

FreePBX 4.4.3 Operator Panel Module exec.php cross site scripting

A vulnerability, which was classified as problematic, has been found in FreePBX 4.4.3. Affected by this issue is an unknown code block of the file app/operator_panel/exec.php of the component Operator Panel Module. The manipulation with an...
Auteur: VulDB

FusionPBX 4.4.3 Operator Panel Module index_inc.php cross site scripting

A vulnerability classified as problematic was found in FusionPBX 4.4.3. Affected by this vulnerability is an unknown code of the file app/operator_panel/index_inc.php of the component Operator Panel Module. The manipulation with an unknown input...
Auteur: VulDB

FreePBX 4.4.3 Operator Panel Module index_inc.php information disclosure

A vulnerability classified as problematic has been found in FreePBX 4.4.3. Affected is an unknown part of the file app/operator_panel/index_inc.php of the component Operator Panel Module. The manipulation with an unknown input leads to a...
Auteur: VulDB

Phoenix Contact AXC F 2152/AXC F 2152 STARTERKIT 2019 PC WORX Engineer Man-in-the-Middle denial of service

A vulnerability was found in Phoenix Contact AXC F 2152 and AXC F 2152 STARTERKIT 2019. It has been rated as problematic. This issue affects some unknown functionality of the component PC WORX Engineer. The manipulation with an unknown input...
Auteur: VulDB

Tyto Sahi Pro up to 8.0.0 Logs Web Interface Stored cross site scripting

A vulnerability was found in Tyto Sahi Pro up to 8.0.0. It has been declared as problematic. This vulnerability affects an unknown functionality of the component Logs Web Interface. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Tyto Sahi Pro up to 8.0.0 Web Reports Module directory traversal

A vulnerability was found in Tyto Sahi Pro up to 8.0.0. It has been classified as critical. This affects an unknown function of the component Web Reports Module. The manipulation with an unknown input leads to a directory traversal...
Auteur: VulDB

Tyto Sahi Pro up to 8.0.0 Web Reports Module Parameter sql injection

A vulnerability was found in Tyto Sahi Pro up to 8.0.0 and classified as critical. Affected by this issue is some unknown processing of the component Web Reports Module. The manipulation as part of a Parameter leads to a sql injection...
Auteur: VulDB

Tyto Sahi Pro up to 8.0.0 Web Reports Module Remote Code Execution

A vulnerability has been found in Tyto Sahi Pro up to 8.0.0 and classified as critical. Affected by this vulnerability is an unknown code block of the component Web Reports Module. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Launch Action PDF File Remote Code Execution

A vulnerability, which was classified as critical, was found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). Affected is an unknown code of the component Launch Action Handler. The manipulation as part of a PDF File...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Javascript API Doc.exportAsFDF PDF File Remote Code Execution

A vulnerability, which was classified as critical, has been found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). This issue affects the function Doc.exportAsFDF of the component Javascript API. The manipulation as part...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Javascript API Doc.createDataObject PDF File Remote Code Execution

A vulnerability was found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). It has been rated as critical. Affected by this issue is the function Doc.createDataObject of the component Javascript API. The manipulation as...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Javascript API PDF File Remote Code Execution

A vulnerability was found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Javascript API. The manipulation as...
Auteur: VulDB

Foxit Reader SDK Professsional 5.4.0.1031 Textbox IReader_ContentProvider PDF File memory corruption

A vulnerability was found in Foxit Reader SDK Professsional 5.4.0.1031 (Document Reader Software). It has been classified as critical. Affected is the function IReader_ContentProvider of the component Textbox Handler. The manipulation as part of...
Auteur: VulDB

concrete5 8.4.3 config/concrete.php SVG File cross site scripting

A vulnerability was found in concrete5 8.4.3 and classified as problematic. This issue affects an unknown code of the file config/concrete.php. The manipulation as part of a SVG File leads to a cross site scripting vulnerability. Using CWE to...
Auteur: VulDB

OPNsense up to 18.7.6 Access Control privilege escalation

A vulnerability has been found in OPNsense up to 18.7.6 and classified as critical. This vulnerability affects an unknown part of the component Access Control. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Infoblox NIOS up to 8.4.1 privilege escalation [CVE-2018-10239]

A vulnerability, which was classified as critical, has been found in Infoblox NIOS up to 8.4.1. Affected by this issue is an unknown functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE...
Auteur: VulDB

Vera VeraEdge/Veralite UPnP Service /port_3480 REQ_Image request_image memory corruption

A vulnerability classified as critical was found in Vera VeraEdge and Veralite (affected version unknown). Affected by this vulnerability is the function LU::Generic_IP_Camera_Manager::REQ_Image of the file /port_3480 of the component UPnP...
Auteur: VulDB

Vera VeraEdge/Veralite UPnP Service /port_3480 REQ_Image request_image memory corruption

A vulnerability classified as critical has been found in Vera VeraEdge and Veralite (version unknown). Affected is the function LU::Generic_IP_Camera_Manager::REQ_Image of the file /port_3480 of the component UPnP Service. The manipulation of...
Auteur: VulDB

Vera VeraEdge/Veralite connect.sh RedirectURL cross site scripting

A vulnerability was found in Vera VeraEdge and Veralite (unknown version). It has been rated as problematic. This issue affects an unknown code block of the file connect.sh. The manipulation of the argument RedirectURL as part of a Parameter...
Auteur: VulDB

Vera VeraEdge/Veralite 1.7.19 Web User Interface RunLua code privilege escalation

A vulnerability was found in Vera VeraEdge and Veralite 1.7.19. It has been declared as critical. This vulnerability affects the function LU::JobHandler_LuaUPnP::RunLua of the component Web User Interface. The manipulation of the argument code...
Auteur: VulDB

Vera VeraEdge/Veralite Web User Interface proxy.sh eval url Code Execution

A vulnerability was found in Vera VeraEdge and Veralite (the affected version unknown). It has been classified as critical. This affects the function eval of the file proxy.sh of the component Web User Interface. The manipulation of the argument...
Auteur: VulDB

Vera VeraEdge/Veralite Log File relay.sh cross site scripting

A vulnerability was found in Vera VeraEdge and Veralite (affected version not known) and classified as problematic. Affected by this issue is some unknown functionality of the file relay.sh of the component Log File. The manipulation with an...
Auteur: VulDB

Vera VeraEdge/Veralite Script File get_file.sh filename directory traversal

A vulnerability has been found in Vera VeraEdge and Veralite (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown functionality of the file get_file.sh of the component Script File. The manipulation...
Auteur: VulDB

Vera Veralite 1.7.481 OpenWRT Interface /etc/cmh/cmh.conf weak authentication

A vulnerability, which was classified as critical, was found in Vera Veralite 1.7.481. Affected is an unknown function of the file /etc/cmh/cmh.conf of the component OpenWRT Interface. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Vera VeraEdge/Veralite Web User Interface relay.sh eval remote_host Code Execution

A vulnerability, which was classified as critical, has been found in Vera VeraEdge and Veralite (unknown version). This issue affects the function eval of the file relay.sh of the component Web User Interface. The manipulation of the argument...
Auteur: VulDB
First567891011121314Last

Événements SSI

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS