mercredi 18 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

WordPress up to 5.2.2 Dashboard Reflected cross site scripting

A vulnerability was found in WordPress up to 5.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Dashboard. Upgrading to version 5.2.3 eliminates this vulnerability.
Auteur: VulDB

WordPress up to 5.2.2 pluggable.php wp_validate_redirect Open Redirect

A vulnerability was found in WordPress up to 5.2.2. It has been declared as critical. Affected by this vulnerability is the function wp_validate_redirect of the file wp-includes/pluggable.php. Upgrading to version 5.2.3 eliminates this...
Auteur: VulDB

WordPress up to 5.2.2 Shortcode Preview cross site scripting

A vulnerability was found in WordPress up to 5.2.2. It has been classified as problematic. Affected is an unknown function of the component Shortcode Preview Handler. Upgrading to version 5.2.3 eliminates this vulnerability.
Auteur: VulDB

WordPress up to 5.2.2 Comment Stored cross site scripting

A vulnerability was found in WordPress up to 5.2.2 and classified as problematic. This issue affects some unknown processing of the component Comment Handler. Upgrading to version 5.2.3 eliminates this vulnerability.
Auteur: VulDB

WordPress up to 5.2.2 Media Upload wp_ajax_upload_attachment cross site scripting

A vulnerability has been found in WordPress up to 5.2.2 and classified as problematic. This vulnerability affects an unknown code block of the component Media Upload. Upgrading to version 5.2.3 eliminates this vulnerability.
Auteur: VulDB

Micro-Star MSI Afterburner 4.6.2.15658 Driver RTCore64.sys Code Execution

A vulnerability, which was classified as critical, was found in Micro-Star MSI Afterburner 4.6.2.15658. This affects an unknown code in the library RTCore64.sys of the component Driver. There is no information about possible countermeasures...
Auteur: VulDB

XWiki CryptPad up to 2.x Pad Management Logic denial of service

A vulnerability, which was classified as problematic, has been found in XWiki CryptPad up to 2.x. Affected by this issue is an unknown part of the component Pad Management Logic. Upgrading to version 3.0.0 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 8.3.x cross site request forgery

A vulnerability classified as problematic was found in JIRA up to 8.3.x. Affected by this vulnerability is some unknown functionality. Upgrading to version 8.4.0 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 8.4.0 Cache AccessLogFilter information disclosure

A vulnerability classified as problematic has been found in JIRA up to 8.4.0. Affected is the function AccessLogFilter of the component Cache Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

JIRA up to 7.13.6 FilterPickerPopup.jspa searchOwnerUserName cross site scripting

A vulnerability was found in JIRA up to 7.13.6. It has been rated as problematic. This issue affects an unknown function of the file FilterPickerPopup.jspa. Upgrading to version 7.13.7 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 8.3.x Attachment /rest/api/1.0/render information disclosure

A vulnerability was found in JIRA up to 8.3.x. It has been declared as problematic. This vulnerability affects some unknown processing of the file /rest/api/1.0/render of the component Attachment Handler. Upgrading to version 8.4.0 eliminates...
Auteur: VulDB

Easy!Appointments Plugin 1.3.2 on WordPress Credentials information disclosure

A vulnerability was found in Easy!Appointments Plugin 1.3.2 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown code block. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Out-of-Bounds memory corruption

A vulnerability was found in Delta Electronics TPEditor up to 1.94 and classified as critical. Affected by this issue is an unknown code of the component Project File Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Stack-based memory corruption

A vulnerability has been found in Delta Electronics TPEditor up to 1.94 and classified as critical. Affected by this vulnerability is an unknown part of the component Project File Handler. There is no information about possible countermeasures...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Heap-based memory corruption

A vulnerability, which was classified as critical, was found in Delta Electronics TPEditor up to 1.94. Affected is some unknown functionality of the component Project File Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

TELESTAR Imperial i600 Telnet Service privilege escalation

A vulnerability, which was classified as critical, has been found in TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt and...
Auteur: VulDB

Eclipse Paho Java Client Library 1.2.0 TLS Connection weak authentication

A vulnerability classified as critical has been found in Eclipse Paho Java Client Library 1.2.0 (Software Library). This affects some unknown processing of the component TLS Connection Handler. There is no information about possible...
Auteur: VulDB

TeamViewer 14.2.2558 GUI Teamviewer.exe information disclosure

A vulnerability was found in TeamViewer 14.2.2558. It has been rated as problematic. Affected by this issue is an unknown code block of the file Teamviewer.exe of the component GUI. There is no information about possible countermeasures known. It...
Auteur: VulDB

Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Remote Code Execution

A vulnerability was found in Apache OFBiz up to 16.11.05. It has been declared as critical. Affected by this vulnerability is an unknown code of the component Form Widget. Upgrading to version 16.11.06 eliminates this vulnerability.
Auteur: VulDB

Apache OFBiz up to 16.11.05 Application Stored cross site scripting

A vulnerability was found in Apache OFBiz up to 16.11.05. It has been classified as problematic. Affected is an unknown part. Upgrading to version 16.11.06 eliminates this vulnerability.
Auteur: VulDB

Apache OFBiz up to 16.11.05 HTTP Service httpService serviceContent privilege escalation

A vulnerability has been found in Apache OFBiz up to 16.11.05 and classified as critical. This vulnerability affects an unknown functionality of the file /webtools/control/httpService of the component HTTP Service. Upgrading to version 16.11.06...
Auteur: VulDB

Microsoft Windows up to Server 2019 Common Log File System Driver information disclosure

A vulnerability classified as problematic was found in Microsoft Windows (Operating System). This vulnerability affects an unknown function of the component Common Log File System Driver. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB

ArcGIS Enterprise up to 10.6.1 My Profile iFRAME Element cross site scripting

A vulnerability, which was classified as problematic, was found in ArcGIS Enterprise up to 10.6.1. This affects an unknown function of the component My Profile. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.851 Email privilege escalation

A vulnerability, which was classified as critical, has been found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.851. Affected by this issue is some unknown processing of the component Email Handler. There is no information about possible...
Auteur: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.851 Email Forwarding privilege escalation

A vulnerability classified as critical was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.851. Affected by this vulnerability is an unknown code block of the component Email Forwarding Handler. There is no information about possible...
Auteur: VulDB
First6789101112131415Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS