Saturday 30 May 2020

Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

74cms 4.2.111 index.php pid privilege escalation

A vulnerability was found in 74cms 4.2.111. It has been declared as critical. Affected by this vulnerability is a code block of the file index.php?c=Personal&a=ajax_save_basic. The manipulation of the argument pid as part of a Parameter leads to...
Author: VulDB

Linux Kernel up to 4.18.10 ipddp.c ipddp_ioctl IOCTL Call information disclosure

A vulnerability was found in Linux Kernel up to 4.18.10. It has been classified as problematic. Affected is the function ipddp_ioctl of the file drivers/net/appletalk/ipddp.c. The manipulation as part of an IOCTL Call leads to an information...
Author: VulDB

BOUYGUES TELECOM: financial penalty for failure to secure customer data

The CNIL's restricted committee imposed a fine of 250,000 euros on BOUYGUES TELECOM for insufficiently protecting the data of B&You customers.
Author: Cnil

CERTFR-2018-AVI-612: SCADA Vulnerability in Schneider Electric Power Monitoring Expert and Energy Expert (26 December 2018)

A vulnerability has been discovered in Schneider Electric Power Monitoring Expert and Energy Expert. It allows an attacker to bypass the security policy.

Author: Cert FR

Zoho ManageEngine ADSelfService Plus up to 5.7 Employee Search Feature cross site scripting

A vulnerability, which was classified as problematic, was found in Zoho ManageEngine ADSelfService Plus up to 5.7. This affects a function of the component Employee Search Feature. The manipulation with an unknown input leads to a cross site...
Author: VulDB

Zoho ManageEngine ADSelfService Plus up to 5.7 Self-Update Layout cross site scripting

A vulnerability, which was classified as problematic, has been found in Zoho ManageEngine ADSelfService Plus up to 5.7. Affected by this issue is some functionality of the component Self-Update Layout. The manipulation with an unknown input...
Author: VulDB

S-Cms 1.0 js/pic.php P_id sql injection

A vulnerability was found in S-Cms 1.0. It has been declared as critical. This vulnerability affects a code block of the file js/pic.php. The manipulation of the argument P_id as part of a Parameter leads to a sql injection vulnerability. The...
Author: VulDB

S-Cms 1.0 wap_index.php S_id sql injection

A vulnerability was found in S-Cms 1.0. It has been classified as critical. This affects code of the file wap_index.php?type=newsinfo. The manipulation of the argument S_id as part of a Parameter leads to a sql injection vulnerability. CWE is...
Author: VulDB

S-Cms 1.0 admin/download.php DownName information disclosure

A vulnerability was found in S-Cms 1.0 and classified as problematic. Affected by this issue is a part of the file admin/download.php. The manipulation of the argument DownName as part of a Parameter leads to an information disclosure...
Author: VulDB

S-Cms 3.0 bank/callback1.php P_no sql injection

A vulnerability has been found in S-Cms 3.0 and classified as critical. Affected by this vulnerability is a functionality of the file bank/callback1.php. The manipulation of the argument P_no with an unknown input leads to a sql injection...
Author: VulDB

S-Cms 3.0 admin/demo.php T_id cross site scripting

A vulnerability, which was classified as problematic, was found in S-Cms 3.0. Affected is a function of the file admin/demo.php. The manipulation of the argument T_id as part of a Parameter leads to a cross site scripting vulnerability. CWE is...
Author: VulDB

ImageMagick up to 7.0.8-16 coders/bmp.c denial of service

A vulnerability, which was classified as problematic, has been found in ImageMagick up to 7.0.8-16. This issue affects some functionality of the file coders/bmp.c. The manipulation with an unknown input leads to a denial of service vulnerability...
Author: VulDB

GNU wget up to 1.20 xattr.c set_file_metadata information disclosure

A vulnerability classified as problematic was found in GNU wget up to 1.20. Affected by this vulnerability is the function set_file_metadata of the file xattr.c. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

GNU tar up to 1.30 sparse.c sparse_dump_region Archive denial of service

A vulnerability classified as problematic has been found in GNU tar up to 1.30. Affected is the function sparse_dump_region of the file sparse.c. The manipulation as part of an Archive leads to a denial of service vulnerability (Loop). CWE is...
Author: VulDB

poppler 0.72.0 XRef.cc XRef::getEntry PDF Document denial of service

A vulnerability was found in poppler 0.72.0. It has been rated as problematic. This issue affects the function XRef::getEntry of the file XRef.cc. The manipulation as part of a PDF Document leads to a denial of service vulnerability (NULL...
Author: VulDB

SuSE Repository Mirroring Tool up to 1.1.1 YaST2 RMT Module Password information disclosure

A vulnerability, which was classified as problematic, has been found in SuSE Repository Mirroring Tool up to 1.1.1. Affected by this issue is some functionality of the component YaST2 RMT Module. The manipulation with an unknown input leads to a...
Author: VulDB

QNAP Q'center Virtual Appliance up to 1.8.1014 cross site scripting

A vulnerability classified as problematic was found in QNAP Q'center Virtual Appliance up to 1.8.1014. Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. The...
Author: VulDB

QNAP Q'center Virtual Appliance up to 1.8.1014 cross site scripting

A vulnerability classified as problematic has been found in QNAP Q'center Virtual Appliance up to 1.8.1014. Affected is an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying...
Author: VulDB

Bento4 1.5.1-627 Core/Ap4HvccAtom.cpp AP4_HvccAtom::Create denial of service

A vulnerability has been found in Bento4 1.5.1-627 and classified as problematic. This vulnerability affects the function AP4_HvccAtom::Create of the file Core/Ap4HvccAtom.cpp. The manipulation with an unknown input leads to a denial of service...
Author: VulDB

MetInfo up to 6.x login_check.php url_array[] cross site scripting

A vulnerability, which was classified as problematic, was found in MetInfo up to 6.x. This affects a function of the file /admin/login/login_check.php. The manipulation of the argument url_array[] as part of a Parameter leads to a cross site...
Author: VulDB

VIA Technologies EPIA-E900 SmartETK Driver ETK_E900.sys denial of service

A vulnerability, which was classified as critical, has been found in VIA Technologies EPIA-E900 (affected version not known). Affected by this issue is some functionality in the library ETK_E900.sys of the component SmartETK Driver. The...
Author: VulDB

MIT Kerberos up to 1.16 Request Assertion privilege escalation

A vulnerability classified as critical was found in MIT Kerberos up to 1.16. Affected by this vulnerability is the functionality. The manipulation as part of a Request leads to a privilege escalation vulnerability (Assertion). The CWE definition...
Author: VulDB

Qt up to 5.11.2 BMP Data QBmpHandler memory corruption

A vulnerability classified as critical has been found in Qt up to 5.11.2. Affected is the function QBmpHandler of the component BMP Data Handler. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is...
Author: VulDB

Qt up to 5.11.2 QTgaFile denial of service

A vulnerability was found in Qt up to 5.11.2. It has been rated as problematic. This issue affects the function QTgaFile. The manipulation with an unknown input leads to a denial of service vulnerability (Resource Exhaustion). Using CWE to...
Author: VulDB

Qt up to 5.11.2 QGifHandler GIF Image memory corruption

A vulnerability was found in Qt up to 5.11.2. It has been declared as critical. This vulnerability affects the function QGifHandler. The manipulation as part of a GIF Image leads to a memory corruption vulnerability (NULL Pointer Dereference)....
Author: VulDB