jeudi 27 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

SAP Financial Consolidation up to 9.x Reflected cross site scripting

A vulnerability was found in SAP Financial Consolidation up to 9.x. It has been declared as problematic. This vulnerability affects an unknown code block. Upgrading to version 10.0 or 10.1 eliminates this vulnerability.
Auteur: VulDB

SAP Customer Relationship Management prior 1.0 cross site scripting

A vulnerability was found in SAP Customer Relationship Management. It has been classified as problematic. This affects an unknown code. Upgrading to version 1.0 eliminates this vulnerability.
Auteur: VulDB

SAP NetWeaver Process Integration prior 1.0/2.0 Authorization privilege escalation

A vulnerability was found in SAP NetWeaver Process Integration and classified as critical. Affected by this issue is an unknown part of the component Authorization. Upgrading to version 1.0 or 2.0 eliminates this vulnerability.
Auteur: VulDB

Centreon VM up to 19.04.3 Configuration File centreon-backup.pl privilege escalation

A vulnerability has been found in Centreon VM up to 19.04.3 and classified as critical. Affected by this vulnerability is some unknown functionality of the file centreon-backup.pl of the component Configuration File. There is no information about...
Auteur: VulDB

Centreon Web up to 2.8.26 licenseUpload.php POST Request privilege escalation

A vulnerability, which was classified as critical, was found in Centreon Web up to 2.8.26. Affected is an unknown functionality of the file licenseUpload.php. Upgrading to version 2.8.27 eliminates this vulnerability.
Auteur: VulDB

Centreon Web up to 2.8.27 getStats.php ns_id privilege escalation

A vulnerability, which was classified as critical, has been found in Centreon Web up to 2.8.27. This issue affects an unknown function of the file getStats.php. Upgrading to version 2.8.28 eliminates this vulnerability.
Auteur: VulDB

Centreon Web up to 2.8.27 makeXML_ListServices.php host_id sql injection

A vulnerability classified as critical was found in Centreon Web up to 2.8.27. This vulnerability affects some unknown processing of the file makeXML_ListServices.php. Upgrading to version 2.8.28 eliminates this vulnerability.
Auteur: VulDB

Centreon Web up to 2.8.26 img_gantt.php host_id sql injection

A vulnerability classified as critical has been found in Centreon Web up to 2.8.26. This affects an unknown code block of the file img_gantt.php. Upgrading to version 2.8.27 eliminates this vulnerability.
Auteur: VulDB

Centreon Web up to 2.8.26 weak authentication [CVE-2018-21020]

A vulnerability was found in Centreon Web up to 2.8.26. It has been rated as critical. Affected by this issue is an unknown code. Upgrading to version 2.8.27 eliminates this vulnerability.
Auteur: VulDB

VU#719689: Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal

The Cobham EXPLORER 710 is a portable satellite terminal used to provide satellite telecommunications and internet access. For consistency,“device” mentioned in the following section is defined as the Cobham EXPLORER 710. The affected firmware...
Auteur: US Cert

CERTFR-2019-AVI-499 : Multiples vulnérabilités dans les produits Microsoft (09 octobre 2019)

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code à distance et une usurpation d'identité.
Auteur: Cert FR

CERTFR-2019-AVI-498 : Multiples vulnérabilités dans Microsoft Windows (09 octobre 2019)

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la fonctionnalité de sécurité, une usurpation d'identité, une...
Auteur: Cert FR

CERTFR-2019-AVI-497 : Multiples vulnérabilités dans Microsoft Office (09 octobre 2019)

De multiples vulnérabilités ont été corrigées dans Microsoft Office. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance et une usurpation d'identité.

Auteur: Cert FR

CERTFR-2019-AVI-496 : Multiples vulnérabilités dans Microsoft Edge (09 octobre 2019)

De multiples vulnérabilités ont été corrigées dans Microsoft Edge. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code à distance et une usurpation d'identité.
Auteur: Cert FR

CERTFR-2019-AVI-495 : Multiples vulnérabilités dans Microsoft IE (09 octobre 2019)

De multiples vulnérabilités ont été corrigées dans Microsoft IE. Elles permettent à un attaquant de provoquer une exécution de code à distance et une usurpation d'identité.

Auteur: Cert FR

Dell Encryption Enterprise Installer Search Path privilege escalation

A vulnerability was found in Dell Encryption Enterprise and Endpoint Security Suite Enterprise (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the component Installer. Upgrading...
Auteur: VulDB

SuSE Linux Enterprise Server 15 12 4.8-5.8.1/15 3.5.21-26.17.1 Squid Binary /usr/sbin/pinger privilege escalation

A vulnerability was found in SuSE Linux Enterprise Server 15 12 4.8-5.8.1/15 3.5.21-26.17.1 (Operating System). It has been classified as critical. This affects some unknown functionality of the file /usr/sbin/pinger of the component Squid Binary...
Auteur: VulDB

Xen up to 4.12.x Linux Kernel drivers/xen/balloon.c denial of service

A vulnerability was found in Xen up to 4.12.x (Virtualization Software) and classified as problematic. Affected by this issue is an unknown functionality of the file drivers/xen/balloon.c of the component Linux Kernel. There is no information...
Auteur: VulDB

Xen up to 4.12.x Loop denial of service

A vulnerability has been found in Xen up to 4.12.x (Virtualization Software) and classified as problematic. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Xen up to 4.12.x Loop denial of service

A vulnerability, which was classified as problematic, was found in Xen up to 4.12.x (Virtualization Software). Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Xen up to 4.11.x PCID denial of service

A vulnerability, which was classified as problematic, has been found in Xen up to 4.11.x (Virtualization Software). This issue affects an unknown code block of the component PCID Handler. There is no information about possible countermeasures...
Auteur: VulDB

Xen up to 4.11.x privilege escalation [CVE-2019-17347]

A vulnerability classified as critical was found in Xen up to 4.11.x (Virtualization Software). This vulnerability affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Xen up to 4.11.x PCID privilege escalation

A vulnerability classified as critical has been found in Xen up to 4.11.x (Virtualization Software). This affects an unknown part of the component PCID Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Xen up to 4.11.x IOMMU Operation Crash denial of service

A vulnerability was found in Xen up to 4.11.x (Virtualization Software). It has been rated as problematic. Affected by this issue is some unknown functionality of the component IOMMU Operation Handler. There is no information about possible...
Auteur: VulDB

Xen up to 4.11.x PTE Update Restart denial of service

A vulnerability was found in Xen up to 4.11.x (Virtualization Software). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PTE Update Handler. There is no information about possible...
Auteur: VulDB
First272273274275276277278279280281Last

Événements SSI