Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Foxit PDF Reader 9.2.0.9297 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability has been found in Foxit PDF Reader 9.2.0.9297 and classified as critical. This vulnerability affects an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory corruption...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability, which was classified as critical, was found in Foxit PDF Reader 9.1.0.5096. This affects an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory corruption...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability, which was classified as critical, has been found in Foxit PDF Reader 9.1.0.5096. Affected by this issue is an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability classified as critical was found in Foxit PDF Reader 9.1.0.5096. Affected by this vulnerability is an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory corruption...
Auteur: VulDB

Foxit PDF Reader 9.1.0.5096 Javascript Engine PDF Document Use-After-Free memory corruption

A vulnerability classified as critical has been found in Foxit PDF Reader 9.1.0.5096. Affected is an unknown function of the component Javascript Engine. The manipulation as part of a PDF Document leads to a memory corruption vulnerability...
Auteur: VulDB

McAfee Threat Intelligence Exchange 1.3.01.3.0/2.0.x/2.1.x/2.2.0 SSH Host Key Generation Man-in-the-Middle spoofing

A vulnerability classified as critical has been found in McAfee Threat Intelligence Exchange 1.3.01.3.0/2.0.x/2.1.x/2.2.0. This affects an unknown function of the component SSH Host Key Generation. The manipulation with an unknown input leads to...
Auteur: VulDB

North Korean Malicious Cyber Activity

Original release date: October 02, 2018 The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean...
Auteur: US Cert

NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices

Original release date: October 02, 2018 NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below:Tuesday, October 2Thursday,...
Auteur: US Cert

National Cybersecurity Awareness Month: Cybersecurity at Home

Original release date: October 02, 2018 October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help...
Auteur: US Cert

CERTFR-2018-AVI-465 : Multiples vulnérabilités dans Google Android (02 octobre 2018)

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Auteur: Cert FR

CERTFR-2018-AVI-464 : Multiples vulnérabilités dans Adobe Acrobat et Reader (02 octobre 2018)

De multiples vulnérabilités ont été découvertes dans Adobe Acrobat et Reader. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2018-AVI-463 : Multiples vulnérabilités dans le noyau Linux de SUSE (02 octobre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2018-AVI-462 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (02 octobre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service.

Auteur: Cert FR

Puppet cisco_ios up to 0.3.x SSH Session Credentials information disclosure

A vulnerability was found in Puppet cisco_ios up to 0.3.x and classified as problematic. This issue affects an unknown function of the component SSH Session Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Puppet cisco_ios up to 0.3.x SSH Connection weak authentication

A vulnerability has been found in Puppet cisco_ios up to 0.3.x and classified as critical. This vulnerability affects an unknown function of the component SSH Connection Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Puppet device_manager 2.7.0 Configuration File Credentials information disclosure

A vulnerability, which was classified as problematic, was found in Puppet device_manager 2.7.0. This affects an unknown function of the component Configuration File Handler. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Dell Digital Delivery up to 3.5.0 DLL privilege escalation

A vulnerability, which was classified as critical, has been found in Dell Digital Delivery up to 3.5.0. Affected by this issue is an unknown function of the component DLL Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

GE Communicator up to 3.15 Gigasoft HTML File Heap-based memory corruption

A vulnerability classified as critical was found in GE Communicator up to 3.15. Affected by this vulnerability is an unknown function of the component Gigasoft. The manipulation as part of a HTML File leads to a memory corruption vulnerability...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability classified as problematic has been found in IBM Rational Quality Manager up to 6.0.6. Affected is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

openSUSE Open Build Service obs-service-tar_scm directory traversal

A vulnerability was found in openSUSE Open Build Service (the affected version is unknown). It has been classified as critical. Affected is an unknown function of the component obs-service-tar_scm. The manipulation with an unknown input leads to...
Auteur: VulDB

Entes EMG12 up to 2.57 Web Interface weak authentication

A vulnerability was found in Entes EMG12 up to 2.57 and classified as critical. Affected by this issue is an unknown function of the component Web Interface. The manipulation with an unknown input leads to a weak authentication vulnerability....
Auteur: VulDB

Entes EMG12 up to 2.57 Web Interface Query String information disclosure

A vulnerability has been found in Entes EMG12 up to 2.57 and classified as problematic. Affected by this vulnerability is an unknown function of the component Web Interface. The manipulation as part of a Query String leads to a information...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Rational Quality Manager up to 6.0.6. Affected is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, has been found in IBM Rational Quality Manager up to 6.0.6. This issue affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability classified as problematic was found in IBM Rational Quality Manager up to 6.0.6. This vulnerability affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB
First1988198919901991199219931994199519961997Last

Événements SSI