dimanche 19 mai 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Byte Sequence Request privilege escalation

A vulnerability, which was classified as critical, has been found in LiteSpeed OpenLiteSpeed up to 1.5.0 RC5. This issue affects an unknown function of the component Byte Sequence Handler. The manipulation as part of a Request leads to a...
Auteur: VulDB

PolicyKit 0.115 UID privilege escalation

A vulnerability classified as critical was found in PolicyKit 0.115. This vulnerability affects an unknown function of the component UID Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

Nettle PKCS #1 Bleichenbacher weak encryption

A vulnerability was found in Nettle (affected version not known). It has been rated as critical. Affected by this issue is an unknown function of the component PKCS #1 Handler. The manipulation with an unknown input leads to a weak encryption...
Auteur: VulDB

GnuTLS PKCS #1 Bleichenbacher weak encryption

A vulnerability was found in GnuTLS (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown function of the component PKCS #1 Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Red Hat Enterprise Linux Incomplete Fix CVE-2018-16509 PostScript Document privilege escalation

A vulnerability was found in Red Hat Enterprise Linux (version unknown). It has been classified as critical. Affected is an unknown function of the component Incomplete Fix CVE-2018-16509. The manipulation as part of a PostScript Document leads...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Dashboard API Token weak authentication

A vulnerability has been found in Drobo 5N2 NAS 4.0.5-13.28.96115 and classified as critical. This vulnerability affects an unknown function of the component Dashboard API. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Dashboard API weak encryption

A vulnerability, which was classified as critical, was found in Drobo 5N2 NAS 4.0.5-13.28.96115. This affects an unknown function of the component Dashboard API. The manipulation with an unknown input leads to a weak encryption vulnerability....
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting

A vulnerability classified as problematic has been found in Drobo 5N2 NAS 4.0.5-13.28.96115. Affected is an unknown function of the component MySQL API Error Page. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 /DroboAccess/delete_user username cross site scripting

A vulnerability, which was classified as problematic, was found in Drobo 5N2 NAS 4.0.5-13.28.96115. Affected is an unknown function of the file /DroboAccess/delete_user. The manipulation of the argument username as part of a Parameter leads to a...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 /DroboAccess/enable_user username cross site scripting

A vulnerability, which was classified as problematic, has been found in Drobo 5N2 NAS 4.0.5-13.28.96115. This issue affects an unknown function of the file /DroboAccess/enable_user. The manipulation of the argument username as part of a...
Auteur: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress unsubscribe.html.php email cross site scripting

A vulnerability was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. It has been rated as problematic. Affected by this issue is an unknown function of the file unsubscribe.html.php. The manipulation of the argument email as...
Auteur: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress list-user.html.php offset cross site scripting

A vulnerability was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file list-user.html.php. The manipulation of the argument...
Auteur: VulDB

Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress integration-contact-form.html.php html_id cross site scripting

A vulnerability was found in Arigato Autoresponder and Newsletter 2.5.1.8 on WordPress. It has been classified as problematic. Affected is an unknown function of the file integration-contact-form.html.php. The manipulation of the argument...
Auteur: VulDB

jiacrontab 1.4.5 edit command/args privilege escalation

A vulnerability has been found in jiacrontab 1.4.5 and classified as critical. Affected by this vulnerability is an unknown function of the file crontab/task/edit?addr=localhost%3a20001. The manipulation of the argument command/args as part of a...
Auteur: VulDB

LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Server getServerRootFromExecutablePath Long Command memory corruption

A vulnerability, which was classified as critical, was found in LiteSpeed OpenLiteSpeed up to 1.5.0 RC5. Affected is the function LshttpdMain::getServerRootFromExecutablePath of the component Server. The manipulation as part of a Long Command...
Auteur: VulDB

IBM WebSphere Application Server 8.5/9.0 Security Domain privilege escalation

A vulnerability classified as critical has been found in IBM WebSphere Application Server 8.5/9.0. This affects an unknown function of the component Security Domain Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

PowerDNS Recursor up to 4.1.7 DNS Query Out-of-Bounds memory corruption

A vulnerability was found in PowerDNS Recursor up to 4.1.7 and classified as critical. This issue affects an unknown function. The manipulation as part of a DNS Query leads to a memory corruption vulnerability (Out-of-Bounds). Using CWE to...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Pix Web Application File Upload directory traversal

A vulnerability, which was classified as critical, has been found in Drobo 5N2 NAS 4.0.5-13.28.96115. Affected by this issue is an unknown function of the component Pix Web Application. The manipulation with an unknown input leads to a directory...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 demo POST Parameter command injection

A vulnerability classified as critical was found in Drobo 5N2 NAS 4.0.5-13.28.96115. Affected by this vulnerability is an unknown function of the file /DroboPix/api/drobopix/demo. The manipulation as part of a POST Parameter leads to a privilege...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure

A vulnerability was found in Drobo 5N2 NAS 4.0.5-13.28.96115. It has been rated as problematic. This issue affects an unknown function of the file /mysql/api/droboapp/data. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /drobopix/api/drobo.php information disclosure

A vulnerability was found in Drobo 5N2 NAS 4.0.5-13.28.96115. It has been declared as problematic. This vulnerability affects an unknown function of the file /drobopix/api/drobo.php of the component Access Control. The manipulation with an...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 /DroboAccess/delete_user username command injection

A vulnerability was found in Drobo 5N2 NAS 4.0.5-13.28.96115. It has been classified as critical. This affects an unknown function of the file /DroboAccess/delete_user. The manipulation of the argument username with an unknown input leads to a...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php name information disclosure

A vulnerability was found in Drobo 5N2 NAS 4.0.5-13.28.96115 and classified as problematic. Affected by this issue is an unknown function of the file /mysql/api/logfile.php of the component Access Control. The manipulation of the argument name...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 /DroboAccess/enable_user username command injection

A vulnerability has been found in Drobo 5N2 NAS 4.0.5-13.28.96115 and classified as critical. Affected by this vulnerability is an unknown function of the file /DroboAccess/enable_user. The manipulation of the argument username with an unknown...
Auteur: VulDB

Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure

A vulnerability classified as problematic was found in Drobo 5N2 NAS 4.0.5-13.28.96115. This vulnerability affects an unknown function of the file /mysql/api/drobo.php of the component Access Control. The manipulation with an unknown input leads...
Auteur: VulDB
First270271272273274275276277278279Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS