jeudi 12 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Microsoft Windows up to Server 2019 GDI information disclosure

A vulnerability was found in Microsoft Windows (Operating System). It has been classified as problematic. Affected is an unknown functionality of the component GDI. Applying a patch is able to eliminate this problem. A possible mitigation has...
Auteur: VulDB

Microsoft Windows up to Server 2019 GDI information disclosure

A vulnerability was found in Microsoft Windows (Operating System) and classified as problematic. This issue affects an unknown function of the component GDI. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Office up to 2019 Excel information disclosure

A vulnerability has been found in Microsoft Office up to 2019 and classified as problematic. This vulnerability affects some unknown processing of the component Excel. Applying a patch is able to eliminate this problem. A possible mitigation has...
Auteur: VulDB

Microsoft Office up to 2019 Access information disclosure

A vulnerability, which was classified as problematic, was found in Microsoft Office up to 2019. This affects an unknown code block of the component Access. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Office up to 2019 PowerPoint memory corruption

A vulnerability, which was classified as critical, has been found in Microsoft Office up to 2019. Affected by this issue is an unknown code of the component PowerPoint. Applying a patch is able to eliminate this problem. A possible mitigation has...
Auteur: VulDB

Microsoft Office up to 2019 Word denial of service

A vulnerability classified as problematic was found in Microsoft Office up to 2019. Affected by this vulnerability is an unknown part of the component Word. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Windows up to Server 2019 Remote Desktop Protocol denial of service

A vulnerability classified as problematic has been found in Microsoft Windows. Affected is some unknown functionality of the component Remote Desktop Protocol. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Office up to 2019 Access information disclosure

A vulnerability was found in Microsoft Office up to 2019. It has been rated as problematic. This issue affects an unknown functionality of the component Access. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Releases December 2019 Security Updates

Original release date: December 10, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: December 10, 2019Google has released security updates for Chrome version 79.0.3945.79 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: December 10, 2019Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Microsoft Power BI Report Server cross site scripting [CVE-2019-1332]

A vulnerability was found in Microsoft Power BI Report Server, SQL Server 2017 Reporting Services and SQL Server 2019 Reporting Services (Database Software) (the affected version is unknown). It has been declared as problematic. This...
Auteur: VulDB

Microsoft Internet Explorer 9/10/11 VBScript memory corruption

A vulnerability was found in Microsoft Internet Explorer 9/10/11 (Web Browser). It has been classified as critical. This affects some unknown processing of the component VBScript. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows up to Server 2019 Win32k information disclosure

A vulnerability was found in Microsoft Windows (Operating System) and classified as problematic. Affected by this issue is an unknown code block of the component Win32k. Applying a patch is able to eliminate this problem. A possible mitigation...
Auteur: VulDB

Microsoft Windows up to Server 2016 Win32k memory corruption

A vulnerability has been found in Microsoft Windows (Operating System) and classified as critical. Affected by this vulnerability is an unknown code of the component Win32k. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows up to Server 2019 Win32k Graphics memory corruption

A vulnerability, which was classified as critical, has been found in Microsoft Windows (Operating System). This issue affects some unknown functionality of the component Win32k Graphics. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB

Microsoft Windows up to Server 2019 Hyper-V memory corruption

A vulnerability, which was classified as critical, was found in Microsoft Windows up to Server 2019. Affected is an unknown part of the component Hyper-V. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Intel Releases Security Updates

Original release date: December 10, 2019Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: December 10, 2019Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Samba Releases Security Updates

Original release date: December 10, 2019The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

marc-q libwav up to 2017-04-20 libwav.c wav_content_read() denial of service

A vulnerability was found in marc-q libwav up to 2017-04-20 (Audio Processing Software). It has been declared as problematic. Affected by this vulnerability is the function wav_content_read() of the file libwav.c. There is no information about...
Auteur: VulDB

CERTFR-2019-AVI-615 : [SCADA] Multiples vulnérabilités dans les produits Siemens (10 décembre 2019)

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la...
Auteur: Cert FR

CERTFR-2019-AVI-614 : Multiples vulnérabilités dans Samba (10 décembre 2019)

De multiples vulnérabilités ont été découvertes dans Samba. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2019-AVI-613 : Vulnérabilité dans Symantec Industrial Control System Protection (10 décembre 2019)

Une vulnérabilité a été découverte dans Symantec Industrial Control System Protection. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Auteur: Cert FR

CoreHR Core Portal up to 27.0.7 cross site request forgery

A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has been classified as problematic. Affected is an unknown function. Upgrading to version 27.0.8 eliminates this vulnerability.
Auteur: VulDB
First567891011121314Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS