jeudi 19 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Bosch Access Professional Edition 3.8 Windows SMB privilege escalation

A vulnerability was found in Bosch Access Professional Edition 3.8. It has been rated as critical. This issue affects an unknown code block of the component Windows SMB. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Bosch Access Professional Edition 3.8 Service Tools privilege escalation

A vulnerability was found in Bosch Access Professional Edition 3.8. It has been declared as critical. This vulnerability affects an unknown code of the component Service Tools. The problem might be mitigated by replacing the product with as an...
Auteur: VulDB

Eclipse OMR prior 0.1 Versioner Out-of-Array memory corruption

A vulnerability was found in Eclipse OMR. It has been classified as critical. This affects an unknown part of the component Versioner. Upgrading to version 0.1 eliminates this vulnerability.
Auteur: VulDB

Eclipse OMR prior 0.1 on AIX RPATH privilege escalation

A vulnerability was found in Eclipse OMR on AIX and classified as critical. Affected by this issue is some unknown functionality of the component RPATH Handler. Upgrading to version 0.1 eliminates this vulnerability.
Auteur: VulDB

Script Security Plugin up to 1.62 on Jenkins Sandbox privilege escalation

A vulnerability has been found in Script Security Plugin up to 1.62 on Jenkins (Jenkins Plugin) and classified as critical. Affected by this vulnerability is an unknown functionality of the component Sandbox. There is no information about...
Auteur: VulDB

Script Security Plugin up to 1.62 on Jenkins Sandbox privilege escalation

A vulnerability, which was classified as critical, was found in Script Security Plugin up to 1.62 on Jenkins (Jenkins Plugin). Affected is an unknown function of the component Sandbox. There is no information about possible countermeasures known....
Auteur: VulDB

Beaker Builder Plugin up to 1.9 on Jenkins Global Configuration Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in Beaker Builder Plugin up to 1.9 on Jenkins (Jenkins Plugin). This issue affects some unknown processing of the component Global Configuration. There is no information about...
Auteur: VulDB

Aqua Security Serverless Scanner Plugin up to 1.0.4 on Jenkins Job Configuration weak encryption

A vulnerability classified as problematic was found in Aqua Security Serverless Scanner Plugin up to 1.0.4 on Jenkins (Jenkins Plugin). This vulnerability affects an unknown code block of the component Job Configuration Handler. There is no...
Auteur: VulDB

Dashboard View Plugin up to 2.11 on Jenkins Build Description cross site scripting

A vulnerability classified as problematic has been found in Dashboard View Plugin up to 2.11 on Jenkins (Jenkins Plugin). This affects an unknown code of the component Build Description Handler. There is no information about possible...
Auteur: VulDB

Build Environment Plugin up to 1.6 on Jenkins View Variable cross site scripting

A vulnerability was found in Build Environment Plugin up to 1.6 on Jenkins (Jenkins Plugin). It has been rated as problematic. Affected by this issue is an unknown part of the component View Handler. There is no information about possible...
Auteur: VulDB

Script Security Plugin up to 1.62 on Jenkins Sandbox privilege escalation

A vulnerability was found in Script Security Plugin up to 1.62 on Jenkins (Jenkins Plugin). It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component Sandbox. There is no information about...
Auteur: VulDB

Script Security Plugin up to 1.62 on Jenkins Sandbox privilege escalation

A vulnerability was found in Script Security Plugin up to 1.62 on Jenkins (Jenkins Plugin). It has been classified as critical. Affected is an unknown functionality of the component Sandbox. There is no information about possible countermeasures...
Auteur: VulDB

Git Client Plugin up to 2.8.4 on Jenkins URL Argument OS Command Injection privilege escalation

A vulnerability was found in Git Client Plugin up to 2.8.4 on Jenkins (Versioning Software) and classified as critical. This issue affects an unknown function of the component URL Handler. There is no information about possible countermeasures...
Auteur: VulDB

CERTFR-2019-AVI-444 : Multiples vulnérabilités dans OpenSSL (12 septembre 2019)

De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2019-AVI-443 : Multiples vulnérabilités dans Wireshark (12 septembre 2019)

De multiples vulnérabilités ont été découvertes dans Wireshark. Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2019-AVI-442 : Multiples vulnérabilités dans Citrix SD-WAN (12 septembre 2019)

De multiples vulnérabilités ont été découvertes dans Citrix SD-WAN. Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2019-AVI-441 : Vulnérabilité dans le noyau Linux d’Ubuntu (12 septembre 2019)

Une vulnérabilité a été découverte dans le noyau Linux d'Ubuntu. Elle permet à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2019-AVI-440 : Multiples vulnérabilités dans le noyau Linux de Red Hat (12 septembre 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un...
Auteur: Cert FR

Trend Micro Security Manager/Vulnerability Protection XML Data XML External Entity

A vulnerability has been found in Trend Micro Security Manager and Vulnerability Protection (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component XML Data Handler. There...
Auteur: VulDB

JIRA up to 8.3.x makeRequest JiraWhitelist Server-Side Request Forgery

A vulnerability, which was classified as critical, was found in JIRA up to 8.3.x. This affects the function JiraWhitelist of the file /plugins/servlet/gadgets/makeRequest. Upgrading to version 8.4.0 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 7.13.5/8.3.x Optimization Plugin cross site scripting

A vulnerability, which was classified as problematic, has been found in JIRA up to 7.13.5/8.3.x. Affected by this issue is an unknown code of the component Optimization Plugin. Upgrading to version 7.13.6 or 8.4.0 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 8.3.x groupuserpicker information disclosure

A vulnerability classified as problematic was found in JIRA up to 8.3.x. Affected by this vulnerability is an unknown part of the file /rest/api/latest/groupuserpicker. Upgrading to version 8.4.0 eliminates this vulnerability.
Auteur: VulDB

Netgear N300 1.0.0.70 Host Access Point Daemon SOAP Request NULL Pointer Dereference denial of service

A vulnerability classified as problematic has been found in Netgear N300 1.0.0.70. Affected is some unknown functionality of the component Host Access Point Daemon. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Netgear N300 1.0.0.70 Session User-Agent NULL Pointer Dereference denial of service

A vulnerability was found in Netgear N300 1.0.0.70. It has been rated as problematic. This issue affects an unknown functionality of the component Session Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Dell EMC RSA Identity Governance and Lifecycle up to 7.1.0 P07 Debug Log File Password information disclosure

A vulnerability was found in Dell EMC RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance up to 7.1.0 P07. It has been declared as problematic. This vulnerability affects an unknown function of the component Debug Log File....
Auteur: VulDB
First6789101112131415Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS