Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Apple iOS up to 11.2.4 memory corruption [CVE-2018-4147]

A vulnerability classified as critical was found in Apple iOS up to 11.2.4. Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition for the...
Auteur: VulDB

Apple iTunes for Windows up to 12.7.2 memory corruption [CVE-2018-4147]

A vulnerability classified as critical has been found in Apple iTunes for Windows up to 12.7.2. Affected is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as...
Auteur: VulDB

Apple Safari up to 11.0.2 memory corruption [CVE-2018-4147]

A vulnerability was found in Apple Safari up to 11.0.2. It has been rated as critical. This issue affects some processing. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads...
Auteur: VulDB

Apple iCloud for Windows up to 7.2 memory corruption [CVE-2018-4147]

A vulnerability was found in Apple iCloud for Windows up to 7.2. It has been classified as critical. Affected is code. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119....
Auteur: VulDB

Mise en demeure de cinq sociétés d’assurance pour détournement de finalité des données des assurés

La Présidente de la CNIL met en demeure des sociétés des groupes HUMANIS et MALAKOFF-MÉDÉRIC de cesser d’utiliser pour de la prospection commerciale des données personnelles collectées exclusivement afin de payer les allocations retraite.
Auteur: Cnil

wp-live-chat-support Plugin 8.0.15 on WordPress modules/gdpr.php term cross site scripting

A vulnerability classified as problematic has been found in wp-live-chat-support Plugin 8.0.15 on WordPress. Affected is an unknown function of the file modules/gdpr.php. The manipulation of the argument term as part of a Parameter leads to a...
Auteur: VulDB

Arigato Autoresponder and Newsletter 2.5.1.7 on WordPress models/attachment.php attachments[] memory corruption

A vulnerability classified as critical was found in Arigato Autoresponder and Newsletter 2.5.1.7 on WordPress. Affected by this vulnerability is an unknown function of the file models/attachment.php. The manipulation of the argument...
Auteur: VulDB

Xpdf 4.00 PDF File Stream.cc DCTStream::getBlock denial of service

A vulnerability was found in Xpdf 4.00. It has been rated as problematic. This issue affects the function DCTStream::getBlock of the file Stream.cc of the component PDF File Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Xpdf 4.00 PDF File Stream.cc DCTStream::decodeImage denial of service

A vulnerability was found in Xpdf 4.00. It has been declared as problematic. This vulnerability affects the function DCTStream::decodeImage of the file Stream.cc of the component PDF File Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

Xpdf 4.00 PDF File Stream.cc DCTStream::readScan denial of service

A vulnerability was found in Xpdf 4.00. It has been classified as problematic. This affects the function DCTStream::readScan of the file Stream.cc of the component PDF File Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Xpdf 4.00 PDF File Object.h Object::isName() memory corruption

A vulnerability was found in Xpdf 4.00 and classified as critical. Affected by this issue is the function Object::isName() of the file Object.h of the component PDF File Handler. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Xpdf 4.00 PDF File GfxState.cc GfxImageColorMap memory corruption

A vulnerability has been found in Xpdf 4.00 and classified as critical. Affected by this vulnerability is the function GfxImageColorMap of the file GfxState.cc of the component PDF File Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Xpdf 4.00 PDF File Stream.cc readRow() memory corruption

A vulnerability, which was classified as critical, was found in Xpdf 4.00. Affected is the function CCITTFaxStream::readRow() of the file Stream.cc of the component PDF File Handler. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

koha up to 3.14.15/3.16.11/3.18.9/3.20.0 opac-search.pl addshelf cross site scripting

A vulnerability, which was classified as problematic, was found in koha up to 3.14.15/3.16.11/3.18.9/3.20.0. This affects an unknown function of the file opac-search.pl. The manipulation of the argument addshelf as part of a Parameter leads to a...
Auteur: VulDB

koha up to 3.14.15/3.16.11/3.18.9/3.20.0 members/memberentry.pl addshelf cross site request forgery

A vulnerability, which was classified as problematic, has been found in koha up to 3.14.15/3.16.11/3.18.9/3.20.0. Affected by this issue is an unknown function of the file members/memberentry.pl. The manipulation of the argument addshelf as part...
Auteur: VulDB

Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5188]

A vulnerability has been found in Mozilla Firefox and Thunderbird (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5187]

A vulnerability, which was classified as critical, was found in Mozilla Firefox and Thunderbird (the affected version is unknown). This affects an unknown function. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Gxlcms 2.0 dataaction.class.php ids[] sql injection

A vulnerability, which was classified as critical, has been found in Gxlcms 2.0. Affected by this issue is an unknown function of the file lib\admin\action\dataaction.class.php. The manipulation of the argument ids[] as part of a Parameter leads...
Auteur: VulDB

Gxlcms 2.0 Database Backup dataaction.class.php mt_rand() Backup File information disclosure

A vulnerability classified as problematic was found in Gxlcms 2.0. Affected by this vulnerability is the function mt_rand() of the file lib\admin\action\dataaction.class.php of the component Database Backup. The manipulation as part of a Backup...
Auteur: VulDB

PHPSHE 1.7 admin.php user_id[] sql injection

A vulnerability classified as critical has been found in PHPSHE 1.7. Affected is an unknown function of the file admin.php?mod=user&act=del. The manipulation of the argument user_id[] as part of a Parameter leads to a sql injection...
Auteur: VulDB

GNU binutils 2.31 GNU libiberty cp-demangle.c denial of service

A vulnerability was found in GNU binutils 2.31. It has been declared as problematic. This vulnerability affects an unknown function of the file cp-demangle.c of the component GNU libiberty. The manipulation of the argument...
Auteur: VulDB

libpg_query 10-1.0.2 pg_query_parse.c pg_query_raw_parse denial of service

A vulnerability was found in libpg_query 10-1.0.2 and classified as problematic. Affected by this issue is the function pg_query_raw_parse of the file pg_query_parse.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

libopencad 0.2.0 lib/dwg/io.cpp ReadCHAR memory corruption

A vulnerability has been found in libopencad 0.2.0 and classified as critical. Affected by this vulnerability is the function ReadCHAR in the library lib/dwg/io.cpp. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

libopencad 0.2.0 lib/dwg/io.cpp ReadMCHAR memory corruption

A vulnerability, which was classified as critical, was found in libopencad 0.2.0. Affected is the function ReadMCHAR in the library lib/dwg/io.cpp. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based)....
Auteur: VulDB

IBM FlashSystem 900 GUI weak authentication [CVE-2018-1822]

A vulnerability classified as critical was found in IBM FlashSystem 900 (the affected version is unknown). This vulnerability affects an unknown function of the component GUI. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB
First1730173117321733173417351736173717381739Last

Événements SSI