Monday 16 September 2019

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

SQLite 3.26.0/3.27.0 SQL Command src/select.c sqlite3SelectPrep memory corruption

A vulnerability has been found in SQLite 3.26.0/3.27.0 and classified as critical. Affected by this vulnerability is the function sqlite3SelectPrep of the file src/select.c of the component SQL Command Handler. The manipulation with an unknown...
Author: VulDB

IBM Business Automation Workflow 18.0.0.0/18.0.0.1/18.0.0.2/19.0.0.1 Web UI cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Business Automation Workflow 18.0.0.0/18.0.0.1/18.0.0.2/19.0.0.1. Affected is a function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Author: VulDB

Facebook WhatsApp Messenger up to 2.19.103 on Android Recovery information disclosure

A vulnerability, which was classified as problematic, has been found in Facebook WhatsApp Messenger up to 2.19.103 on Android (Messaging Software). This issue affects some functionality of the component Recovery. The manipulation with an unknown...
Author: VulDB

WEBrick Gem 1.4.2 on Ruby Symlink directory traversal [Disputed]

A vulnerability classified as critical was found in WEBrick Gem 1.4.2 on Ruby. This vulnerability affects the functionality. The manipulation with an unknown input leads to a directory traversal vulnerability (Symlink). The CWE definition for...
Author: VulDB

XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 Negative Number Integer Overflow memory corruption

A vulnerability classified as critical has been found in XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200. This affects an unknown function. The manipulation as part of a Negative Number leads to a memory corruption vulnerability...
Author: VulDB

DKPro Core up to 1.10.0 Dataset API Explode.java directory traversal

A vulnerability was found in DKPro Core up to 1.10.0. It has been rated as critical. Affected by this issue is some processing of the file core/api/datasets/internal/actions/Explode.java of the component Dataset API. The manipulation with an...
Author: VulDB

LightOpenID up to 1.3.1 openid.php Request Server-Side Request Forgery

A vulnerability was found in LightOpenID up to 1.3.1. It has been declared as critical. Affected by this vulnerability is a code block of the file openid.php. The manipulation as part of a Request leads to a privilege escalation vulnerability...
Author: VulDB

Das U-Boot up to 2019.04 ext4 64-bit Extension memory corruption

A vulnerability was found in Das U-Boot up to 2019.04. It has been classified as critical. Affected is code of the component ext4 64-bit Extension. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is...
Author: VulDB

GitLab Enterprise Edition up to 11.7.10/11.8.6/11.9.6 information disclosure

A vulnerability was found in GitLab Enterprise Edition up to 11.7.10/11.8.6/11.9.6 and classified as problematic. This issue affects a part. The manipulation with an unknown input leads to an information disclosure vulnerability. Using CWE to...
Author: VulDB

Avaya One-X Portal for IP Office up to 9.1.2.0 AFA Portal DownloadToLocalDriveServlet HTTP Request information disclosure

A vulnerability has been found in Avaya One-X Portal for IP Office up to 9.1.2.0 and classified as problematic. This vulnerability affects the function DownloadToLocalDriveServlet of the component AFA Portal. The manipulation as part of an HTTP...
Author: VulDB

HPE Virtual Connect SE 16Gb Fibre Channel Module privilege escalation

A vulnerability, which was classified as critical, was found in HPE Virtual Connect SE 16Gb Fibre Channel Module (the affected version unknown). This affects a function. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

HPE NonStop Safeguard prior SPR T9750L01^AIC/SPR T9750H05^AIH information disclosure

A vulnerability, which was classified as problematic, has been found in HPE NonStop Safeguard. Affected by this issue is some functionality. The manipulation with an unknown input leads to an information disclosure vulnerability. Using CWE to...
Author: VulDB

Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x Web Interface command injection

A vulnerability classified as critical was found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. Affected by this vulnerability is the functionality of the component Web Interface. The manipulation with an unknown input leads to a...
Author: VulDB

Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x Web Interface Core Dump information disclosure

A vulnerability classified as problematic has been found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. Affected is an unknown function of the component Web Interface. The manipulation with an unknown input leads to an information...
Author: VulDB

Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x privilege escalation

A vulnerability was found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. It has been rated as critical. This issue affects some processing. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE...
Author: VulDB

Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x Web Interface Reflected cross site scripting

A vulnerability was found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. It has been declared as problematic. This vulnerability affects a code block of the component Web Interface. The manipulation with an unknown input leads to a...
Author: VulDB

IBM Cloud App Management V2018.2.0/V2018.4.0/V2018.4.1 HTTP Request information disclosure

A vulnerability was found in IBM Cloud App Management V2018.2.0/V2018.4.0/V2018.4.1 (Cloud Software). It has been classified as problematic. This affects code. The manipulation as part of an HTTP Request leads to an information disclosure...
Author: VulDB

IBM 3.0.2 cross site request forgery [CVE-2018-1790]

A vulnerability was found in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 (Financial Software) and classified as critical. Affected by this issue is a part. The manipulation with an unknown input leads to a...
Author: VulDB

OX Software Scripting up to 7.8.4 cross site scripting [CVE-2017-12885]

A vulnerability has been found in OX Software Scripting up to 7.8.4 and classified as problematic. Affected by this vulnerability is a functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. The CWE...
Author: VulDB

OX Software App Suite up to 7.8.4 information disclosure [CVE-2017-12884]

A vulnerability, which was classified as problematic, was found in OX Software App Suite up to 7.8.4. Affected is a function. The manipulation with an unknown input leads to an information disclosure vulnerability. CWE is classifying the issue as...
Author: VulDB

OpenMRS 3.3.2 openmrs-module-htmlformentry information disclosure

A vulnerability, which was classified as critical, has been found in OpenMRS 3.3.2. This issue affects some functionality of the component openmrs-module-htmlformentry. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

MetInfo 5.3.18 delete.php cross site request forgery

A vulnerability classified as problematic was found in MetInfo 5.3.18 (Content Management System). This vulnerability affects the functionality of the file admin/interface/online/delete.php. The manipulation with an unknown input leads to a...
Author: VulDB

Opto 22 PAC Project Professional Heap-based memory corruption

A vulnerability classified as very critical has been found in Opto 22 PAC Project Professional, PAC Project Basic, OptoOPCServer, OptoDataLink, PAC Display Basic and PAC Display Professional (Project Management Software). This affects an unknown...
Author: VulDB

Cisco Elastic Services Controller REST API API Request weak authentication

A vulnerability was found in Cisco Elastic Services Controller (affected version not known). It has been rated as critical. Affected by this issue is some processing of the component REST API. The manipulation as part of an API Request leads to a...
Author: VulDB

McDonalds Self-Service Machine Burger Hamburglar privilege escalation

A vulnerability was found in McDonalds Self-Service Machine (affected version unknown). It has been declared as critical. Affected by this vulnerability is a code block of the component Burger Handler. The manipulation with an unknown input...
Author: VulDB

Information security events

LES ASSISES

A major annual gathering for CISOs, the Assises de la sécurité des systèmes d'information takes place in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organized by DG Consultants.

BLOCKCHAIN

Conference and exhibition on enterprise applications of blockchain in Paris, at the Cité universitaire internationale, on 13 and 14 November 2019. Organized by Corp Agency.

TRUSTECH

This international event dedicated to payments, identification and security is held in Cannes (Palais des Festivals) from 26 to 28 November 2019. Organized by Comexposium.

FIC

With this year's theme of "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité occupies the Grand Palais in Lille on 28, 29 and 30 January 2020. Organized by the Hauts-de-France Region and Euratechnologies, the Gendarmerie Nationale and CEIS.
