Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

XiaoCms 20141229 index.php table[] sql injection

A vulnerability was found in XiaoCms 20141229. It has been declared as critical. This vulnerability affects a code block of the file admin/index.php?c=database. The manipulation of the argument table[] with an unknown input leads to a sql...
Auteur: VulDB

PHP Scripts Mall Mall Advance Peer to Peer MLM Script 1.7.0 Admin Panel admin/dashboard.php information disclosure

A vulnerability was found in PHP Scripts Mall Mall Advance Peer to Peer MLM Script 1.7.0. It has been classified as problematic. This affects code of the file admin/dashboard.php of the component Admin Panel. The manipulation with an unknown...
Auteur: VulDB

DNS Infrastructure Hijacking Campaign

Original release date: January 10, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS)...
Auteur: US Cert

CERTFR-2019-AVI-014 : Multiples vulnérabilités dans les produits Juniper (10 janvier 2019)

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la...
Auteur: Cert FR

CERTFR-2019-AVI-013 : Vulnérabilité dans Symantec Norton App Lock (10 janvier 2019)

Une vulnérabilité a été découverte dans Symantec Norton App Lock. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2019-AVI-012 : Multiples vulnérabilités dans Cisco Email Security Appliance (ESA) (10 janvier 2019)

De multiples vulnérabilités ont été découvertes dans Cisco Email Security Appliance (ESA). Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

Cisco IOS/IOS XE TCP Socket HTTP Requests Reload denial of service

A vulnerability, which was classified as problematic, has been found in Cisco IOS and IOS XE (unknown version). This issue affects some functionality of the component TCP Socket. The manipulation as part of a HTTP Requests leads to a denial of...
Auteur: VulDB

Cisco Policy Suite for Mobile Redis Performance denial of service

A vulnerability classified as critical was found in Cisco Policy Suite for Mobile and Policy Suite Diameter Routing Agent (the affected version is unknown). This vulnerability affects the functionality of the component Redis. The manipulation ...
Auteur: VulDB

Cisco IOS/IOS XE SSH privilege escalation [CVE-2018-0484]

A vulnerability was found in Cisco IOS and IOS XE (unknown version) and classified as critical. This issue affects a part of the component SSH. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to...
Auteur: VulDB

Intel NUC Kit Firmware privilege escalation [CVE-2017-3718]

A vulnerability was found in Intel NUC Kit (unknown version). It has been rated as critical. This issue affects some processing of the component Firmware. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

modulemd up to 1.3.1 Remote Code Execution [CVE-2017-1002157]

A vulnerability was found in modulemd up to 1.3.1. It has been declared as critical. This vulnerability affects a code block. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). The CWE...
Auteur: VulDB

Bodhi up to 2.9.0 Bug Title cross site scripting

A vulnerability was found in Bodhi up to 2.9.0. It has been classified as problematic. This affects code of the component Bug Title Handler. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying...
Auteur: VulDB

Intel Optane SSD DC P4800X prior E2010435 Firmware Update denial of service

A vulnerability was found in Intel Optane SSD DC P4800X. It has been declared as problematic. Affected by this vulnerability is a code block of the component Firmware Update Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Intel Optane SSD DC P4800X prior E2010435 denial of service [CVE-2018-12166]

A vulnerability was found in Intel Optane SSD DC P4800X. It has been classified as problematic. Affected is code. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. This is...
Auteur: VulDB

Cisco Jabber Client Framework cross site scripting [CVE-2018-0483]

A vulnerability has been found in Cisco Jabber Client Framework (the affected version is unknown) and classified as problematic. This vulnerability affects a functionality. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Cisco Prime Network Control System Web-based Management Interface Stored cross site scripting

A vulnerability, which was classified as problematic, was found in Cisco Prime Network Control System (the affected version unknown). This affects a function of the component Web-based Management Interface. The manipulation with an unknown input...
Auteur: VulDB

Cisco Unified Communications Manager Web-based Management Interface Credentials information disclosure

A vulnerability, which was classified as problematic, has been found in Cisco Unified Communications Manager (affected version not known). Affected by this issue is some functionality of the component Web-based Management Interface. The...
Auteur: VulDB

Cisco IP Phone 8800 User Interface cross site scripting [CVE-2018-0461]

A vulnerability classified as problematic was found in Cisco IP Phone 8800 (affected version unknown). Affected by this vulnerability is the functionality of the component User Interface. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

Cisco Jabber for Mac Client Jabber Client Framework privilege escalation

A vulnerability classified as critical has been found in Cisco Jabber for Mac Client (version unknown). Affected is an unknown function of the component Jabber Client Framework. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

CleanMyMac X 4.04 Helper Service privilege escalation

A vulnerability, which was classified as critical, has been found in CleanMyMac X 4.04. This issue affects some functionality of the component Helper Service. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

CleanMyMac X 4.04 Helper Service privilege escalation

A vulnerability classified as critical was found in CleanMyMac X 4.04. This vulnerability affects the functionality of the component Helper Service. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

CleanMyMac X 4.04 Helper Service privilege escalation

A vulnerability classified as critical has been found in CleanMyMac X 4.04. This affects an unknown function of the component Helper Service. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

CleanMyMac X privilege escalation [CVE-2018-4037]

A vulnerability was found in CleanMyMac X (affected version not known). It has been rated as critical. Affected by this issue is some processing. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to...
Auteur: VulDB

CleanMyMac X privilege escalation [CVE-2018-4036]

A vulnerability was found in CleanMyMac X (affected version unknown). It has been declared as critical. Affected by this vulnerability is a code block. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

CleanMyMac X privilege escalation [CVE-2018-4035]

A vulnerability was found in CleanMyMac X (version unknown). It has been classified as critical. Affected is code. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-269....
Auteur: VulDB
First1727172817291730173117321733173417351736Last

Événements SSI