jeudi 17 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Bento4 Encryption 1.5.1.0 Ap4CommonEncryption.cpp DoInspectFields memory corruption

A vulnerability, which was classified as critical, has been found in Bento4 Encryption 1.5.1.0 (Multimedia Player Software). Affected by this issue is the function AP4_CencSampleEncryption::DoInspectFields of the file...
Auteur: VulDB

Bento4 1.5.1.0 Core/Ap4TfhdAtom.h SetDefaultSampleSize memory corruption

A vulnerability classified as critical was found in Bento4 1.5.1.0 (Multimedia Player Software). Affected by this vulnerability is the function AP4_TfhdAtom::SetDefaultSampleSize of the file Core/Ap4TfhdAtom.h. There is no information about...
Auteur: VulDB

Hotaru CMS 1.7.2 admin_index.php SITE_NAME cross site scripting

A vulnerability classified as problematic has been found in Hotaru CMS 1.7.2 (Content Management System). Affected is an unknown functionality of the file admin_index.php?page=settings. There is no information about possible countermeasures...
Auteur: VulDB

Landing-CMS 0.0.6 password/ cross site request forgery

A vulnerability was found in Landing-CMS 0.0.6 (Content Management System). It has been rated as problematic. This issue affects an unknown function of the file password/. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Hydra up to 0.1.8 HTTP Header read.c process_header_end() Content-Length denial of service

A vulnerability was found in Hydra up to 0.1.8. It has been declared as problematic. This vulnerability affects the function process_header_end() of the file read.c of the component HTTP Header Handler. There is no information about possible...
Auteur: VulDB

Samsung Laser Printers denial of service [CVE-2019-6335]

A vulnerability was found in Samsung Laser Printers (Printing Software) (the affected version unknown). It has been classified as problematic. This affects an unknown code block. There is no information about possible countermeasures known. It...
Auteur: VulDB

HP Touchpoint Analytics prior 4.1.4.2827 System Service privilege escalation

A vulnerability was found in HP Touchpoint Analytics and classified as critical. Affected by this issue is an unknown code of the component System Service. Upgrading to version 4.1.4.2827 eliminates this vulnerability.
Auteur: VulDB

Google Android up to 10.0 nfc_ncif.cc nfc_ncif_decode_rf_params information disclosure

A vulnerability has been found in Google Android up to 10.0 (Smartphone Operating System) and classified as problematic. Affected by this vulnerability is the function nfc_ncif_decode_rf_params of the file nfc_ncif.cc. Applying a patch is able to...
Auteur: VulDB

Google Android up to 10.0 combined_decode.cpp GetMBheader memory corruption

A vulnerability, which was classified as critical, was found in Google Android up to 10.0 (Smartphone Operating System). Affected is the function GetMBheader of the file combined_decode.cpp. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 7.1.1/7.1.2/8.0/8.1/9.0 vlc_dequant.cpp VlcDequantH263IntraBlock_SH memory corruption

A vulnerability, which was classified as critical, has been found in Google Android 7.1.1/7.1.2/8.0/8.1/9.0 (Smartphone Operating System). This issue affects the function VlcDequantH263IntraBlock_SH of the file vlc_dequant.cpp. Applying a patch...
Auteur: VulDB

Google Android 7.1.1/7.1.2/8.0/8.1/9.0 dec_pred_intra_dc.cpp PV_DecodePredictedIntraDC memory corruption

A vulnerability classified as critical was found in Google Android 7.1.1/7.1.2/8.0/8.1/9.0 (Smartphone Operating System). This vulnerability affects the function PV_DecodePredictedIntraDC of the file dec_pred_intra_dc.cpp. Applying a patch is...
Auteur: VulDB

Google Android 9.0 Cache RegisteredServicesCache.java generateServicesMap information disclosure

A vulnerability classified as problematic has been found in Google Android 9.0 (Smartphone Operating System). This affects the function generateServicesMap of the file RegisteredServicesCache.java of the component Cache Handler. Applying a patch...
Auteur: VulDB

Google Android 7.1.1/7.1.2/8.0/8.1/9.0 Permission Check ActivityStarter.java startActivityMayWait privilege escalation

A vulnerability was found in Google Android 7.1.1/7.1.2/8.0/8.1/9.0 (Smartphone Operating System). It has been rated as critical. Affected by this issue is the function startActivityMayWait of the file ActivityStarter.java of the component...
Auteur: VulDB

Google Android 8.0/8.1/9.0 NFC Application privilege escalation

A vulnerability was found in Google Android 8.0/8.1/9.0 (Smartphone Operating System). It has been declared as critical. Affected by this vulnerability is an unknown code of the component NFC. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Google Android 9.0 Permission Check ScreenRotationAnimation.java ScreenRotationAnimation information disclosure

A vulnerability was found in Google Android 9.0 (Smartphone Operating System). It has been classified as problematic. Affected is the function ScreenRotationAnimation of the file ScreenRotationAnimation.java of the component Permission Check....
Auteur: VulDB

Python Documentation 2/3 Sorting privilege escalation

A vulnerability was found in Python Documentation 2/3 (Programming Language Software) and classified as critical. This issue affects some unknown functionality of the component Sorting. Upgrading eliminates this vulnerability.
Auteur: VulDB

D-Link DIR-846 100A35 SetWizardConfig.php SetWizardConfig Shell Metacharacter privilege escalation

A vulnerability has been found in D-Link DIR-846 100A35 (Router Operating System) and classified as critical. This vulnerability affects the function SetWizardConfig of the file /squashfs-root/www/HNAP1/control/SetWizardConfig.php. There is no...
Auteur: VulDB

D-Link DIR-846 100A35 SetMasterWLanSettings.php SetMasterWLanSettings Shell Metacharacter privilege escalation

A vulnerability, which was classified as critical, was found in D-Link DIR-846 100A35 (Router Operating System). This affects the function SetMasterWLanSettings of the file /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php. There is no...
Auteur: VulDB

D-Link DIR-850/DIR-859 DEVICE.TIME.php $SERVER command injection

A vulnerability, which was classified as critical, has been found in D-Link DIR-850 and DIR-859 (Router Operating System) (affected version not known). Affected by this issue is some unknown processing of the file /etc/services/DEVICE.TIME.php....
Auteur: VulDB

D-Link DIR-816 A1 1.06 Management Page privilege escalation

A vulnerability classified as critical was found in D-Link DIR-816 A1 1.06 (Router Operating System). Affected by this vulnerability is an unknown code block of the component Management Page. There is no information about possible countermeasures...
Auteur: VulDB

D-Link DIR-868L/DIR-817LW Web Interface getcfg.php information disclosure

A vulnerability classified as problematic has been found in D-Link DIR-868L and DIR-817LW (Router Operating System) (version unknown). Affected is an unknown code of the file getcfg.php of the component Web Interface. There is no information...
Auteur: VulDB

D-Link DAP-1320 A2-V1.21 Web Interface weak authentication

A vulnerability was found in D-Link DAP-1320 A2-V1.21. It has been rated as critical. This issue affects an unknown part of the component Web Interface. Addressing this vulnerability is possible by firewalling .
Auteur: VulDB

Kirona Dynamic Resource Scheduling 5.5.3.5 /osm/report/ password cross site scripting

A vulnerability was found in Kirona Dynamic Resource Scheduling 5.5.3.5. It has been declared as problematic. This vulnerability affects some unknown functionality of the file /osm/report/. There is no information about possible countermeasures...
Auteur: VulDB

Kirona Dynamic Resource Scheduling up to 5.5.3.5 /osm/REGISTER.cmd information disclosure

A vulnerability was found in Kirona Dynamic Resource Scheduling up to 5.5.3.5. It has been classified as problematic. This affects an unknown functionality of the file /osm/REGISTER.cmd. There is no information about possible countermeasures...
Auteur: VulDB

Compal CH7465LG 6.12.18.25-2p4 Common Gateway Interface setter.xml Target_IP command injection

A vulnerability was found in Compal CH7465LG 6.12.18.25-2p4 and classified as critical. Affected by this issue is an unknown function of the file setter.xml of the component Common Gateway Interface. There is no information about possible...
Auteur: VulDB
First6789101112131415Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS