lundi 18 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Proxygen prior v2019.07.22.00 HTTP Header Crafted Packet Out-of-Bounds memory corruption

A vulnerability was found in Proxygen (Firewall Software). It has been rated as critical. Affected by this issue is an unknown function of the component HTTP Header Handler. The manipulation as part of a Crafted Packet leads to a memory...
Auteur: VulDB

Mitsubishi Electric FR Configurator2 up to 1.16S frc2 File XML privilege escalation

A vulnerability was found in Mitsubishi Electric FR Configurator2 up to 1.16S. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component frc2 File Handler. The manipulation with an unknown input...
Auteur: VulDB

NREL EnergyPlus 8.6.0 Exception unknown vulnerability [CVE-2019-10974]

A vulnerability was found in NREL EnergyPlus 8.6.0. It has been classified as critical. Affected is an unknown code block of the component Exception Handler. The impact remains unknown. CVE summarizes:NREL EnergyPlus, Versions 8.6.0 and possibly...
Auteur: VulDB

Mitsubishi Electric FR Configurator2 up to 1.16S frc2 File Project File CPU Exhaustion denial of service

A vulnerability was found in Mitsubishi Electric FR Configurator2 up to 1.16S and classified as problematic. This issue affects an unknown code of the component frc2 File Handler. The manipulation as part of a Project File leads to a denial of...
Auteur: VulDB

lodash up to 4.17.11 Prototype defaultsDeep privilege escalation

A vulnerability has been found in lodash up to 4.17.11 and classified as critical. This vulnerability affects the function defaultsDeep of the component Prototype Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Undertow up to 2.0.22 API information disclosure

A vulnerability, which was classified as problematic, was found in Undertow up to 2.0.22. This affects some unknown functionality of the component API. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE...
Auteur: VulDB

Yellowfin Smart Reporting up to 7.2 Access Control MIAdminStyles.i4 cross site scripting

A vulnerability, which was classified as problematic, has been found in Yellowfin Smart Reporting up to 7.2 (Reporting Software). Affected by this issue is an unknown functionality of the file MIAdminStyles.i4 of the component Access Control. The...
Auteur: VulDB

VCFtools up to 0.1.14 header.cpp add_FILTER_descriptor VCF File memory corruption

A vulnerability classified as critical was found in VCFtools up to 0.1.14. Affected by this vulnerability is the function header::add_FILTER_descriptor of the file header.cpp. The manipulation as part of a VCF File leads to a memory corruption...
Auteur: VulDB

Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure

A vulnerability classified as problematic has been found in Apache Storm up to 1.2.2. Affected is some unknown processing of the component Logviewer Daemon. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

Open eClass Platform prior ip.2.5.10.2.1 studenview_left.php StudentID sql injection

A vulnerability was found in Open eClass Platform. It has been declared as critical. This vulnerability affects an unknown code of the file /admin/academic/studenview_left.php. The manipulation of the argument StudentID as part of a Parameter...
Auteur: VulDB

Open eClass Platform prior ip.2.5.10.2.1 Access Management /admin GETS weak authentication

A vulnerability was found in Open eClass Platform. It has been classified as critical. This affects the function GETS of the file /admin of the component Access Management. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

IBM Cloud Private 3.1.0/3.1.1/3.1.2 Logout weak authentication

A vulnerability was found in IBM Cloud Private 3.1.0/3.1.1/3.1.2 (Cloud Software) and classified as critical. Affected by this issue is some unknown functionality of the component Logout Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation

A vulnerability was found in Apache Storm up to 1.2.2. It has been rated as critical. This issue affects an unknown code block of the component UI Daemon. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Auteur: VulDB

IBM Cloud Private 3.1.1/3.1.2 privilege escalation [CVE-2019-4415]

A vulnerability has been found in IBM Cloud Private 3.1.1/3.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

IBM QRadar SIEM 7.2/7.3 cross site request forgery [CVE-2019-4212]

A vulnerability, which was classified as problematic, was found in IBM QRadar SIEM 7.2/7.3. Affected is an unknown function. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is classifying the issue...
Auteur: VulDB

IBM Cloud Private 2.1.0/3.1.0/3.1.1 Installer Log information disclosure

A vulnerability, which was classified as problematic, has been found in IBM Cloud Private 2.1.0/3.1.0/3.1.1. This issue affects some unknown processing of the component Installer Log Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

McAfee Data Loss Prevention up to 11.2.x on Windows weak authentication

A vulnerability classified as critical was found in McAfee Data Loss Prevention up to 11.2.x on Windows (Data Loss Prevention Software). This vulnerability affects an unknown code block. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

ArcSight Security Management Center up to 2.9.0 Stored cross site scripting

A vulnerability classified as problematic has been found in ArcSight Security Management Center up to 2.9.0. This affects an unknown code. The manipulation with an unknown input leads to a cross site scripting vulnerability (Stored). CWE is...
Auteur: VulDB

Qualcomm Snapdragon Compute Loop denial of service [CVE-2019-2346]

A vulnerability was found in Qualcomm Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wired Infrastructure and Networking (Chip Software). It has been rated as...
Auteur: VulDB

Qualcomm Snapdragon Auto JPEG Driver race condition [CVE-2019-2345]

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been declared as problematic. Affected by this...
Auteur: VulDB

Qualcomm Snapdragon Auto Kernel Driver Out-of-Bounds memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. It has been classified...
Auteur: VulDB

Qualcomm Snapdragon Auto Clip NULL Pointer Dereference denial of service

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables and classified as problematic....
Auteur: VulDB

Qualcomm Snapdragon Auto Allocation Request memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and Snapdragon Wired Infrastructure and...
Auteur: VulDB

Qualcomm Snapdragon Auto Channel memory corruption [CVE-2019-2328]

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon...
Auteur: VulDB

Qualcomm Snapdragon Auto memory corruption [CVE-2019-2327]

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon...
Auteur: VulDB
First270271272273274275276277278279Last

Événements SSI

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS