Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Juniper Junos OS SIP Application Layer Gateway Crash denial of service

A vulnerability was found in Juniper Junos OS (the affected version is unknown). It has been rated as problematic. Affected by this issue is an unknown function of the component SIP Application Layer Gateway. The manipulation with an unknown...
Auteur: VulDB

Juniper Junos OS RPD MPLS RSVP Packet Crash denial of service

A vulnerability was found in Juniper Junos OS (the affected version is unknown). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component RPD. The manipulation as part of a MPLS RSVP Packet...
Auteur: VulDB

Juniper Junos OS Kernel NULL Pointer Dereference denial of service

A vulnerability was found in Juniper Junos OS (the affected version is unknown). It has been classified as critical. Affected is an unknown function of the component Kernel. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Responsive FileManager 9.8.1 dialog.php cross site scripting

A vulnerability was found in Responsive FileManager 9.8.1. It has been declared as problematic. This vulnerability affects an unknown function of the file dialog.php. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

SugarCRM Community Edition 6.5.26 YUI/FlashCanvas cross site scripting

A vulnerability classified as problematic was found in SugarCRM Community Edition 6.5.26. This vulnerability affects an unknown function of the component YUI/FlashCanvas. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Descor Infocad FM up to 3.0.x Web Service information disclosure

A vulnerability classified as problematic has been found in Descor Infocad FM up to 3.0.x. Affected is an unknown function of the component Web Service. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE...
Auteur: VulDB

EPiServer Ektron CMS activateuser.aspx privilege escalation

A vulnerability was found in EPiServer Ektron CMS up to 9.0 SP3 Site CU30/9.1 SP3 Site CU 44/9.2 SP2 Site CU 21. It has been rated as critical. This issue affects an unknown function of the file activateuser.aspx. The manipulation with an...
Auteur: VulDB

Intel QuickAssist Technology for Linux up to 4.1 Access Control information disclosure

A vulnerability classified as problematic was found in Intel QuickAssist Technology for Linux up to 4.1. This vulnerability affects an unknown function of the component Access Control. The manipulation with an unknown input leads to a...
Auteur: VulDB

Intel Server Board/Server System/Compute Module up to 00.01.0013 Access Protection privilege escalation

A vulnerability classified as critical has been found in Intel Server Board, Server System and Compute Module up to 00.01.0013. This affects an unknown function of the component Access Protection. The manipulation with an unknown input leads to...
Auteur: VulDB

Intel S7200AP/S7200APR/HNS7200AP/HNS7200AP Password Hashing information disclosure

A vulnerability was found in Intel S7200AP, S7200APR, HNS7200AP and HNS7200AP (the affected version is unknown). It has been rated as problematic. Affected by this issue is an unknown function of the component Password Hashing. The manipulation ...
Auteur: VulDB

Intel Rapid Web Server 3 information disclosure [CVE-2018-12161]

A vulnerability was found in Intel Rapid Web Server 3. It has been declared as problematic. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE...
Auteur: VulDB

Intel NUC FW Kit BIOS Update Utility privilege escalation [CVE-2018-12158]

A vulnerability was found in Intel NUC FW Kit (the affected version is unknown). It has been classified as critical. Affected is an unknown function of the component BIOS Update Utility. The manipulation with an unknown input leads to a...
Auteur: VulDB

Intel Graphics Drivers Unified Shader Compiler Crash denial of service

A vulnerability was found in Intel Graphics Drivers (the affected version is unknown) and classified as problematic. This issue affects an unknown function of the component Unified Shader Compiler. The manipulation with an unknown input leads to...
Auteur: VulDB

Intel Graphics Drivers Unified Shader Compile unknown vulnerability

A vulnerability has been found in Intel Graphics Drivers (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown function of the component Unified Shader Compile. The impact remains unknown. CVE...
Auteur: VulDB

Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp QueueFilter cross site scripting

A vulnerability has been found in Apache ActiveMQ up to 5.15.5 and classified as critical. This vulnerability affects an unknown function of the file queue.jsp of the component Web-based Administration Console. The manipulation of the argument...
Auteur: VulDB

PbootCMS 1.2.1 addform sql injection

A vulnerability, which was classified as critical, was found in PbootCMS 1.2.1. This affects an unknown function of the file api.php/cms/addform?fcode=1. The manipulation with an unknown input leads to a sql injection vulnerability. CWE is...
Auteur: VulDB

VMware Releases Security Advisory

Original release date: October 09, 2018 VMware has released a security advisory to address a vulnerability in ESXi, Workstation, and Fusion. An attacker could exploit this vulnerability to cause a denial-of-service condition.NCCIC...
Auteur: US Cert

Microsoft Releases October 2018 Security Updates

Original release date: October 09, 2018 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: October 09, 2018 Adobe has released security updates to address vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite. An attacker could exploit these vulnerabilities to take...
Auteur: US Cert

CERTFR-2018-AVI-476 : Multiples vulnérabilités dans SCADA Siemens (09 octobre 2018)

De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

National Cybersecurity Awareness Month: Careers in Cybersecurity

Original release date: October 09, 2018 October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. The month’s themes educate students and professionals about cybersecurity attack methods,...
Auteur: US Cert

CERTFR-2018-AVI-475 : Multiples vulnérabilités dans Apple iOS (09 octobre 2018)

De multiples vulnérabilités ont été découvertes dans Apple iOS. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2018-AVI-474 : Multiples vulnérabilités dans Apple iCloud (09 octobre 2018)

De multiples vulnérabilités ont été découvertes dans Apple iCloud. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une injection de code indirecte à distance (XSS).
Auteur: Cert FR

Daimler Mercedes Comand 17/13.0 50.12 Navigation Route Calculation Loop denial of service

A vulnerability was found in Daimler Mercedes Comand 17/13.0 50.12. It has been declared as problematic. This vulnerability affects an unknown function of the component Navigation Route Calculation. The manipulation with an unknown input leads...
Auteur: VulDB

Daimler Mercedes Me App 2.11.0-846 on iOS Man-in-the-Middle weak encryption

A vulnerability was found in Daimler Mercedes Me App 2.11.0-846 on iOS. It has been rated as critical. This issue affects an unknown function. The manipulation with an unknown input leads to a weak encryption vulnerability (Man-in-the-Middle)....
Auteur: VulDB
First1735173617371738173917401741174217431744Last

Événements SSI