samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Qt up to 5.11.2 SVG Image qsvghandler.cpp memory corruption

A vulnerability was found in Qt up to 5.11.2. It has been classified as critical. This affects code of the file qsvghandler.cpp of the component SVG Image Handler. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Dolibarr ERP/CRM up to 8.0.3 /exports/export.php datatoexport cross site scripting

A vulnerability was found in Dolibarr ERP and CRM up to 8.0.3 and classified as problematic. Affected by this issue is a part of the file /exports/export.php. The manipulation of the argument datatoexport with an unknown input leads to a cross...
Auteur: VulDB

Rockwell Automation Allen-Bradley PowerMonitor 1000 /Security/Security.shtm cross site scripting

A vulnerability, which was classified as problematic, was found in Rockwell Automation Allen-Bradley PowerMonitor 1000 (version unknown). Affected is a function of the file /Security/Security.shtm. The manipulation with an unknown input leads to...
Auteur: VulDB

Engelsystem cross site request forgery [CVE-2018-19182]

A vulnerability, which was classified as problematic, has been found in Engelsystem (unknown version). This issue affects some functionality. The manipulation with an unknown input leads to a cross site request forgery vulnerability. Using CWE...
Auteur: VulDB

Asus Aura Sync up to 1.07.22 GLCKIo Low-Level Driver privilege escalation

A vulnerability classified as critical was found in Asus Aura Sync up to 1.07.22. This vulnerability affects the functionality of the component GLCKIo Low-Level Driver. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Asus Aura Sync up to 1.07.22 GLCKIo/Asusgio Code Execution

A vulnerability classified as critical has been found in Asus Aura Sync up to 1.07.22. This affects an unknown function of the component GLCKIo/Asusgio. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

Asus Aura Sync up to 1.07.22 Asusgio Low-Level Driver privilege escalation

A vulnerability was found in Asus Aura Sync up to 1.07.22. It has been rated as critical. Affected by this issue is some processing of the component Asusgio Low-Level Driver. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

HashHeroes Tiles determineWinner Smart Contract privilege escalation

A vulnerability was found in HashHeroes Tiles (affected version unknown). It has been declared as problematic. Affected by this vulnerability is the function determineWinner. The manipulation as part of a Smart Contract leads to a privilege...
Auteur: VulDB

Qt up to 5.11.2 QXmlStream XML Document Double-Free memory corruption

A vulnerability was found in Qt up to 5.11.2. It has been classified as critical. Affected is code of the component QXmlStream. The manipulation as part of a XML Document leads to a memory corruption vulnerability (Double-Free). CWE is...
Auteur: VulDB

NEC Univerge Sv9100 WebPro 6.00.00 Web UI Credentials weak encryption

A vulnerability was found in NEC Univerge Sv9100 WebPro 6.00.00 and classified as critical. This issue affects a part of the component Web UI. The manipulation with an unknown input leads to a weak encryption vulnerability (Credentials). Using...
Auteur: VulDB

NEC Univerge Sv9100 WebPro 6.00.00 Home.htm information disclosure

A vulnerability has been found in NEC Univerge Sv9100 WebPro 6.00.00 and classified as problematic. This vulnerability affects a functionality of the file Home.htm?sessionId=#####&GOTO(8). The manipulation with an unknown input leads to a...
Auteur: VulDB

Rockwell Automation Allen-Bradley PowerMonitor 1000 Access Control privilege escalation

A vulnerability has been found in Rockwell Automation Allen-Bradley PowerMonitor 1000 (affected version unknown) and classified as critical. Affected by this vulnerability is a functionality of the component Access Control. The manipulation with...
Auteur: VulDB

Parcoursup et les établissements d’enseignement supérieur

« Foire aux questions Informatique et Libertés »
Auteur: Cnil

PARCOURSUP et les établissements d’enseignement supérieur : questions-réponses

Afin d’accompagner les établissements dans la mise en œuvre du dispositif « PARCOURSUP » et de répondre à leurs questions les plus courantes, la CNIL publie une « Foire aux questions »
Auteur: Cnil

CMS Made Simple 2.2.8 admin/myaccount.php cross site scripting

A vulnerability classified as problematic has been found in CMS Made Simple 2.2.8. This affects an unknown function of the file admin/myaccount.php. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

JSmol2WP Plugin 1.07 on WordPress query SSRF directory traversal

A vulnerability was found in JSmol2WP Plugin 1.07 on WordPress. It has been rated as critical. Affected by this issue is some processing. The manipulation of the argument query as part of a Query String leads to a directory traversal...
Auteur: VulDB

radare2 up to 3.1.0 libr/core/cmd_anal.c core_anal_bytes Binary File memory corruption

A vulnerability was found in radare2 up to 3.1.0. It has been classified as critical. Affected is the function core_anal_bytes of the file libr/core/cmd_anal.c. The manipulation as part of a Binary File leads to a memory corruption vulnerability...
Auteur: VulDB

radare2 up to 3.1.1 armass64.c parseOperands memory corruption

A vulnerability was found in radare2 up to 3.1.1 and classified as critical. This issue affects the function parseOperands of the file libr/asm/arch/arm/armass64.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

radare2 up to 3.1.3 armass.c armass_assemble memory corruption

A vulnerability has been found in radare2 up to 3.1.3 and classified as critical. This vulnerability affects the function armass_assemble of the file libr/asm/arch/arm/armass.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

radare2 up to 3.1.0 dyldcache.c r_bin_dyldcache_extract memory corruption

A vulnerability, which was classified as critical, was found in radare2 up to 3.1.0. This affects the function r_bin_dyldcache_extract of the file libr/bin/format/mach0/dyldcache.c. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

radare2 up to 3.1.3 libr/asm/p/asm_arm_cs.c assemble memory corruption

A vulnerability, which was classified as critical, has been found in radare2 up to 3.1.3. Affected by this issue is the function assemble of the file libr/asm/p/asm_arm_cs.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

radare2 up to 3.1.0 libr/asm/p/asm_x86_nz.c parseOperand memory corruption

A vulnerability classified as critical was found in radare2 up to 3.1.0. Affected by this vulnerability is the function parseOperand of the file libr/asm/p/asm_x86_nz.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

radare2 up to 3.1.0 libr/asm/p/asm_x86_nz.c parseOperand memory corruption

A vulnerability classified as critical has been found in radare2 up to 3.1.0. Affected is the function parseOperand of the file libr/asm/p/asm_x86_nz.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

74cms 4.2.111 index.php key cross site scripting

A vulnerability was found in 74cms 4.2.111. It has been rated as problematic. This issue affects some processing of the file upload/index.php?c=resume&a=resume_list. The manipulation of the argument key as part of a Parameter leads to a cross...
Auteur: VulDB

libdoc up to 2017-10-23 numutils.c getlong memory corruption

A vulnerability was found in libdoc up to 2017-10-23. It has been declared as critical. This vulnerability affects the function getlong of the file numutils.c. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB
First1023102410251026102710281029103010311032Last

Événements SSI