Sunday 19 May 2019

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php name information disclosure

A vulnerability classified as problematic has been found in Drobo 5N2 NAS 4.0.5-13.28.96115. This affects an unknown function of the file /mysql/api/diags.php of the component Access Control. The manipulation of the argument name as part of a...
Author: VulDB

LibSass 3.5.5 inspect.cpp String_Quoted*) denial of service

A vulnerability classified as problematic was found in LibSass 3.5.5. Affected by this vulnerability is the function Sass::Inspect::operator()(Sass::String_Quoted*) of the file inspect.cpp. The manipulation with an unknown input leads to a...
Author: VulDB

LibSass 3.5.5 SharedPtr.hpp populate_extends denial of service

A vulnerability was found in LibSass 3.5.5. It has been rated as problematic. This issue affects the function Sass::Selector_List::populate_extends of the file SharedPtr.hpp. The manipulation with an unknown input leads to a denial of service...
Author: VulDB

Ninja Forms Plugin up to 3.3.19.0 on WordPress step-processing.php redirect Open Redirect

A vulnerability was found in Ninja Forms Plugin up to 3.3.19.0 on WordPress. It has been declared as critical. This vulnerability affects an unknown function in the library lib/StepProcessing/step-processing.php. The manipulation of the argument...
Author: VulDB

ChipsBank UMPTool Password Storage weak encryption [CVE-2018-19795]

A vulnerability was found in ChipsBank UMPTool (the affected version unknown). It has been classified as critical. This affects an unknown function of the component Password Storage. The manipulation with an unknown input leads to a weak...
Author: VulDB

Linux Kernel up to 4.19.6 ALSA Driver sound/usb/card.c memory corruption

A vulnerability classified as critical has been found in Linux Kernel up to 4.19.6. Affected is an unknown function of the file sound/usb/card.c of the component ALSA Driver. The manipulation with an unknown input leads to a memory corruption...
Author: VulDB

Internet2 Grouper 2.2 UiV2Public.index code cross site scripting

A vulnerability was found in Internet2 Grouper 2.2 and classified as problematic. Affected by this issue is an unknown function of the file UiV2Public.index. The manipulation of the argument code as part of a Parameter leads to a cross site...
Author: VulDB

HPE Intelligent Management Center up to 7.2 dbman Code Execution memory corruption

A vulnerability has been found in HPE Intelligent Management Center up to 7.2 and classified as critical. Affected by this vulnerability is an unknown function of the component dbman. The manipulation with an unknown input leads to a memory...
Author: VulDB

HPE Integrated Lights-Out 5 up to 1.36 Firmware Update privilege escalation

A vulnerability, which was classified as critical, was found in HPE Integrated Lights-Out 5 up to 1.36. Affected is an unknown function of the component Firmware Update Handler. The manipulation with an unknown input leads to a privilege...
Author: VulDB

HHVM up to 3.21.7/3.24.3 Proxygen denial of service

A vulnerability classified as problematic has been found in HHVM up to 3.21.7/3.24.3. This affects an unknown function of the component Proxygen. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Author: VulDB

Netgate pfSense 2.4.4-RELEASE powerd_battery_mode command injection

A vulnerability was found in Netgate pfSense 2.4.4-RELEASE. It has been rated as critical. Affected by this issue is an unknown function. The manipulation of the argument powerd_battery_mode as part of a POST Parameter leads to a privilege...
Author: VulDB

Netgate pfSense 2.4.4-RELEASE powerd_ac_mode command injection

A vulnerability was found in Netgate pfSense 2.4.4-RELEASE. It has been declared as critical. Affected by this vulnerability is an unknown function. The manipulation of the argument powerd_ac_mode as part of a POST Parameter leads to a privilege...
Author: VulDB

Netgate pfSense 2.4.4-RELEASE powerd_normal_mode command injection

A vulnerability was found in Netgate pfSense 2.4.4-RELEASE. It has been classified as critical. Affected is an unknown function. The manipulation of the argument powerd_normal_mode as part of a POST Request leads to a privilege escalation...
Author: VulDB

Quicken Deluxe 2018 5.2.2 on Mac Password Protection privilege escalation

A vulnerability was found in Quicken Deluxe 2018 5.2.2 on Mac and classified as critical. This issue affects an unknown function of the component Password Protection. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

MetInfo 6.1.3 HTTP Header applogin.php $_COOKIE privilege escalation

A vulnerability has been found in MetInfo 6.1.3 and classified as critical. This vulnerability affects an unknown function of the file include/interface/applogin.php of the component HTTP Header Handler. The manipulation of the argument $_COOKIE...
Author: VulDB

MetInfo 6.1.3 admin/column/move.php lang_columnerr4 cross site scripting

A vulnerability, which was classified as problematic, was found in MetInfo 6.1.3. This affects an unknown function of the file admin/column/move.php. The manipulation of the argument lang_columnerr4 as part of a Parameter leads to a cross site...
Author: VulDB

LibSass 3.5.5 SharedPtr.cpp SharedPtr denial of service

A vulnerability, which was classified as problematic, has been found in LibSass 3.5.5. Affected by this issue is the function SharedPtr of the file SharedPtr.cpp. The manipulation with an unknown input leads to a denial of service vulnerability...
Author: VulDB

HPE Intelligent Management Center up to 7.2 dbman Filename denial of service

A vulnerability was found in HPE Intelligent Management Center up to 7.2. It has been classified as problematic. This affects an unknown function of the component dbman. The manipulation as part of a Filename leads to a denial of service...
Author: VulDB

HPE Intelligent Management Center up to 7.2 on Windows dbman.exe memory corruption

A vulnerability was found in HPE Intelligent Management Center up to 7.2 on Windows and classified as critical. Affected by this issue is an unknown function of the file dbman.exe. The manipulation with an unknown input leads to a memory...
Author: VulDB

Brocade Fabric OS up to 7.4.2c/8.0.2e/8.1.2e/8.2.0 Proxy Service privilege escalation

A vulnerability, which was classified as critical, has been found in Brocade Fabric OS up to 7.4.2c/8.0.2e/8.1.2e/8.2.0. This issue affects an unknown function of the component Proxy Service. The manipulation with an unknown input leads to a...
Author: VulDB

Brocade Fabric OS up to 7.4.2c/8.0.2e/8.1.2e/8.2.0 Command Line Interface privilege escalation

A vulnerability classified as critical was found in Brocade Fabric OS up to 7.4.2c/8.0.2e/8.1.2e/8.2.0. This vulnerability affects an unknown function of the component Command Line Interface. The manipulation with an unknown input leads to a...
Author: VulDB

lxml up to 4.2.4 javascript URL lxml/html/clean.py cross site scripting

A vulnerability, which was classified as problematic, was found in lxml up to 4.2.4. Affected is an unknown function of the file lxml/html/clean.py of the component javascript URL Handler. The manipulation with the input value j a v a s c r i p...
Author: VulDB

Apple iTunes for Windows up to 12.7.3 Assertion privilege escalation

A vulnerability has been found in Apple iTunes for Windows up to 12.7.3 and classified as critical. This vulnerability affects a functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability (Assertion). The...
Author: VulDB

Apple watchOS up to 4.2 Assertion privilege escalation

A vulnerability, which was classified as critical, was found in Apple watchOS up to 4.2. This affects a function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Assertion). CWE is classifying the issue as...
Author: VulDB

Apple tvOS up to 11.2 Assertion privilege escalation

A vulnerability, which was classified as critical, has been found in Apple tvOS up to 11.2. Affected by this issue is some functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability (Assertion). Using CWE...
Author: VulDB

Information security events

READY FOR IT

The first edition of Ready For IT takes place from 20 to 22 May 2019 in Monaco (Grimaldi Forum): conferences, keynotes, workshops and one-to-one meetings. Organized by DG Consultants.

Presentation of the event by the organizer

DG Consultants, organizer of the Assises de la Sécurité for 18 years, is innovating by launching Ready For It, a new business event centered on the convergence of technologies and the customer experience.
Why this new event?
Because demand is exploding from companies, all of which are engaged in digital transformation.
Meanwhile, vendors are evolving their offerings and organizing themselves into technology ecosystems in order to be as close as possible to their customers' needs.
Between business imperatives, requests from business units, technical constraints and the promises of new concepts (AI, Blockchain…), organizations are waiting for solutions, advice and service.
Move to the Cloud?
Yes, but how, and with which partner?
Structure data, but with which technologies and within what framework? And what about security, which must now be at the heart of all IT processes?
That is why DG Consultants, the reference in the world of business meetings, designed Ready For It.
To bring together, in a friendly setting and around quality content, all the major players in IT, as well as the start-ups that bring innovation and "disruption".
See you from 20 to 22 May 2019 in Monaco!

More information on the event's dedicated website.

 

HACK IN PARIS

For its 9th edition, the Hack In Paris conference on IT security is being held from 16 to 20 June 2019 in Paris, at the Maison de la Chimie. Organized by Sysdream.
