jeudi 17 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

VMware ESXi/Workstation/Fusion/VMRC/Horizon Client Virtual Sound Device Use-After-Free memory corruption

A vulnerability was found in VMware ESXi, Workstation, Fusion, VMRC and Horizon Client (Virtualization Software) and classified as critical. Affected by this issue is some unknown functionality of the component Virtual Sound Device. There is no...
Auteur: VulDB

IBM Maximo Anywhere 7.6.0/7.6.1/7.6.2/7.6.3 Root Detection information disclosure

A vulnerability has been found in IBM Maximo Anywhere 7.6.0/7.6.1/7.6.2/7.6.3 (Asset Management Software) and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Root Detection. There is no...
Auteur: VulDB

Bento4 1.5.1.0 Core/Ap4Descriptor.h AP4_Descriptor::GetTag denial of service

A vulnerability, which was classified as problematic, was found in Bento4 1.5.1.0 (Multimedia Player Software). Affected is the function AP4_Descriptor::GetTag of the file Core/Ap4Descriptor.h. There is no information about possible...
Auteur: VulDB

Bento4 1.5.1.0 Core/Ap4Descriptor.h Action denial of service

A vulnerability, which was classified as problematic, has been found in Bento4 1.5.1.0 (Multimedia Player Software). This issue affects the function AP4_DescriptorListWriter::Action of the file Core/Ap4Descriptor.h. There is no information about...
Auteur: VulDB

Bento4 1.5.1.0 Core/Ap4Descriptor.h Action denial of service

A vulnerability classified as problematic was found in Bento4 1.5.1.0 (Multimedia Player Software). This vulnerability affects the function AP4_DescriptorListInspector::Action of the file Core/Ap4Descriptor.h. There is no information about...
Auteur: VulDB

GNU binutils 2.32 libbfd dwarf2.c _bfd_dwarf2_find_nearest_line File Descriptor memory corruption

A vulnerability classified as critical has been found in GNU binutils 2.32 (Programming Tool Software). This affects the function _bfd_dwarf2_find_nearest_line of the file dwarf2.c of the component libbfd. There is no information about possible...
Auteur: VulDB

GNU binutils 3.32 libbfd dwarf2.c find_abstract_instance ELF File denial of service

A vulnerability was found in GNU binutils 3.32 (Programming Tool Software). It has been rated as problematic. Affected by this issue is the function find_abstract_instance of the file dwarf2.c of the component libbfd. There is no information...
Auteur: VulDB

Avira Software Updater prior 2.0.6.21094 DLL privilege escalation

A vulnerability was found in Avira Software Updater. It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component DLL Handler. Upgrading to version 2.0.6.21094 eliminates this vulnerability.
Auteur: VulDB

LavaLite up to 5.7 Account Name cross site scripting

A vulnerability was found in LavaLite up to 5.7. It has been classified as problematic. Affected is an unknown functionality of the component Account Name Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

z-song laravel-admin 1.7.3 cross site scripting [CVE-2019-17433]

A vulnerability was found in z-song laravel-admin 1.7.3 and classified as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

FastAdmin 1.0.0.20190705_beta edit Parameter cross site request forgery

A vulnerability has been found in FastAdmin 1.0.0.20190705_beta and classified as problematic. This vulnerability affects some unknown processing of the file public/admin/general.config/edit. There is no information about possible countermeasures...
Auteur: VulDB

FastAdmin 1.0.0.20190705_beta add cross site request forgery

A vulnerability, which was classified as problematic, was found in FastAdmin 1.0.0.20190705_beta. This affects an unknown code block of the file public/index.php/admin/auth/admin/add. There is no information about possible countermeasures known....
Auteur: VulDB

EyouCms up to 2019-07-11 login.php web_recordnum cross site scripting

A vulnerability, which was classified as problematic, has been found in EyouCms up to 2019-07-11. Affected by this issue is an unknown code of the file login.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Adhouma CMS up to 2019-10-09 post.php p_id sql injection

A vulnerability classified as critical was found in Adhouma CMS up to 2019-10-09 (Content Management System). Affected by this vulnerability is an unknown part of the file post.php. There is no information about possible countermeasures known. It...
Auteur: VulDB

NetSarang XFTP Client up to 6.0149 File Copy File Name memory corruption

A vulnerability classified as critical has been found in NetSarang XFTP Client up to 6.0149. Affected is some unknown functionality of the component File Copy Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

new-contact-form-widget Plugin 1.0.9 on WordPress all-query-page.php sql injection

A vulnerability was found in new-contact-form-widget Plugin 1.0.9 on WordPress (WordPress Plugin). It has been rated as critical. This issue affects an unknown functionality of the file all-query-page.php. There is no information about possible...
Auteur: VulDB

client-dash Plugin 2.1.4 on WordPress cross site scripting [CVE-2019-17071]

A vulnerability was found in client-dash Plugin 2.1.4 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

liquid-speech-balloon Plugin 1.0.5 on WordPress cross site scripting

A vulnerability was found in liquid-speech-balloon Plugin 1.0.5 on WordPress (WordPress Plugin). It has been classified as problematic. This affects some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Siemens SIMATIC IT UADM up to 1.2 Service Port 1434 Credentials information disclosure

A vulnerability was found in Siemens SIMATIC IT UADM up to 1.2 (SCADA Software) and classified as problematic. Affected by this issue is an unknown code block of the component Service Port 1434. Addressing this vulnerability is possible by...
Auteur: VulDB

Siemens WinAC RTX 2010 HTTP Request denial of service

A vulnerability has been found in Siemens WinAC RTX 2010 and classified as problematic. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Siemens SIMATIC/SINAMICS UDP Packet denial of service [CVE-2019-10936]

A vulnerability, which was classified as problematic, was found in Siemens SIMATIC and SINAMICS (SCADA Software) (version unknown). Affected is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Siemens SIMATIC/SINAMICS IRT denial of service [CVE-2019-10923]

A vulnerability, which was classified as problematic, has been found in Siemens SIMATIC and SINAMICS (SCADA Software) (unknown version). This issue affects some unknown functionality of the component IRT. Upgrading eliminates this vulnerability.
Auteur: VulDB

RobotCPA Plugin 5 on WordPress f.php l directory traversal

A vulnerability classified as critical was found in RobotCPA Plugin 5 on WordPress (WordPress Plugin). This vulnerability affects an unknown functionality of the file f.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ACF-Frontend-Display Plugin up to 2015-07-03 on WordPress File Upload index.php Request privilege escalation

A vulnerability classified as critical has been found in ACF-Frontend-Display Plugin up to 2015-07-03 on WordPress (WordPress Plugin). This affects an unknown function of the file js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php of the...
Auteur: VulDB

prettyPhoto up to 3.1.5 js/jquery.prettyPhoto.js cross site scripting

A vulnerability was found in prettyPhoto up to 3.1.5. It has been rated as problematic. Affected by this issue is some unknown processing of the file js/jquery.prettyPhoto.js. Upgrading to version 3.1.6 eliminates this vulnerability.
Auteur: VulDB
First9101112131415161718Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS