samedi 15 juin 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

PowerSuite 2 VW3A8104 memcpy memory corruption

A vulnerability was found in PowerSuite 2 VW3A8104. It has been classified as critical. Affected is the function memcpy. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119....
Auteur: VulDB

FoxView HMI SCADA up to 9.3/10.4 Credential Management privilege escalation

A vulnerability was found in FoxView HMI SCADA up to 9.3/10.4 and classified as critical. This issue affects a part of the component Credential Management. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Telegram 4.9.1 on Android Secret Chat privilege escalation

A vulnerability has been found in Telegram 4.9.1 on Android and classified as critical. This vulnerability affects a functionality of the component Secret Chat. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

c2p0 0.9.5.2 C3P0ConfigXmlUtils.java extractXmlConfigFromInputStream XML External Entity

A vulnerability, which was classified as critical, was found in c2p0 0.9.5.2. This affects the function extractXmlConfigFromInputStream of the file com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java. The manipulation with an unknown input leads to...
Auteur: VulDB

Foxit Quick PDF Library up to 16.11 xref Entry DAOpenFile/DAOpenFileReadOnly memory corruption

A vulnerability, which was classified as critical, has been found in Foxit Quick PDF Library up to 16.11. Affected by this issue is the function DAOpenFile/DAOpenFileReadOnly of the component xref Entry Handler. The manipulation with an unknown...
Auteur: VulDB

Foxit Quick PDF Library up to 16.11 xref Table memory corruption

A vulnerability classified as critical was found in Foxit Quick PDF Library up to 16.11. Affected by this vulnerability is the function LoadFromFile/LoadFromString/LoadFromStream/DAOpenFile/DAOpenFileReadOnly of the component xref Table Handler....
Auteur: VulDB

Foxit Quick PDF Library up to 16.11 Tree Structure LoadFromFile/LoadFromString/LoadFromStream memory corruption

A vulnerability classified as critical has been found in Foxit Quick PDF Library up to 16.11. Affected is the function LoadFromFile/LoadFromString/LoadFromStream of the component Tree Structure Handler. The manipulation with an unknown input...
Auteur: VulDB

Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA SNMP Service Amplification denial of service

A vulnerability was found in Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA and classified as problematic. Affected by this issue is a part of the component SNMP Service. The manipulation with an unknown input leads to a denial...
Auteur: VulDB

Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA Web Page /PRESENTATION/BONJOUR denial of service

A vulnerability has been found in Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA and classified as problematic. Affected by this vulnerability is a functionality of the file /PRESENTATION/BONJOUR of the component Web Page. The...
Auteur: VulDB

Xiaomi Mi A1 Logcat Cleartext information disclosure

A vulnerability, which was classified as problematic, was found in Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE. Affected is a function of the component Logcat. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection

A vulnerability, which was classified as critical, has been found in Apache Tika 1.8-1.19.1. This issue affects some functionality of the component SQLite3Parser. The manipulation with an unknown input leads to a sql injection vulnerability...
Auteur: VulDB

Synology DiskStation Manager up to 6.1.6 Log Exporter CSV command injection

A vulnerability was found in Synology DiskStation Manager up to 6.1.6. It has been rated as critical. This issue affects some processing of the component Log Exporter. The manipulation as part of a CSV leads to a privilege escalation...
Auteur: VulDB

Synology DiskStation Manager up to 6.1.6 SYNO.Core.Desktop.SessionData information disclosure

A vulnerability was found in Synology DiskStation Manager up to 6.1.6. It has been declared as problematic. This vulnerability affects a code block of the component SYNO.Core.Desktop.SessionData. The manipulation with an unknown input leads to a...
Auteur: VulDB

Synology Router Manager up to 1.1.7 info.cgi host cross site scripting

A vulnerability was found in Synology Router Manager up to 1.1.7. It has been classified as problematic. This affects code of the file info.cgi. The manipulation of the argument host as part of a Parameter leads to a cross site scripting...
Auteur: VulDB

Synology DiskStation Manager up to 6.1.6 info.cgi host cross site scripting

A vulnerability was found in Synology DiskStation Manager up to 6.1.6 and classified as problematic. Affected by this issue is a part of the file info.cgi. The manipulation of the argument host as part of a Parameter leads to a cross site...
Auteur: VulDB

EVLink Parking up to v3.2.0-12_v1 Remote Code Execution [CVE-2018-7801]

A vulnerability was found in EVLink Parking up to v3.2.0-12_v1. It has been rated as critical. Affected by this issue is some processing. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution)....
Auteur: VulDB

XMPlay 3.8.3 m3u File Stack-based memory corruption

A vulnerability was found in XMPlay 3.8.3. It has been rated as critical. This issue affects some processing of the component m3u File Handler. The manipulation with an unknown input leads to a memory corruption vulnerability (Stack-based)....
Auteur: VulDB

Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA Web Service ROM1 POST Request privilege escalation

A vulnerability was found in Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA. It has been declared as critical. This vulnerability affects a code block of the file /DOWN/FIRMWAREUPDATE/ROM1 of the component Web Service. The...
Auteur: VulDB

Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA Web Service ROM1 GET Request denial of service

A vulnerability was found in Epson WorkForce WF-2861 10.48 LQ22I3/10.51.LQ20I6/10.52.LQ17IA. It has been classified as problematic. This affects code of the file /DOWN/FIRMWAREUPDATE/ROM1 of the component Web Service. The manipulation as part of...
Auteur: VulDB

Cisco ASA Web Management Interface HTTP Requests privilege escalation

A vulnerability classified as critical was found in Cisco ASA (the affected version is unknown). This vulnerability affects the functionality of the component Web Management Interface. The manipulation as part of a HTTP Requests leads to a...
Auteur: VulDB

Tenda ADSL Modem 1.0.1 DHCP Client Hostname cross site scripting

A vulnerability was found in Tenda ADSL Modem 1.0.1. It has been classified as problematic. This affects code of the component DHCP Client. The manipulation as part of a Hostname leads to a cross site scripting vulnerability. CWE is classifying...
Auteur: VulDB

TP-LINK TD-W8961ND DHCP Client Hostname cross site scripting

A vulnerability was found in TP-LINK TD-W8961ND (affected version not known) and classified as problematic. Affected by this issue is a part of the component DHCP Client. The manipulation as part of a Hostname leads to a cross site scripting...
Auteur: VulDB

SZ NetChat up to 7.8 Options Module MyName cross site scripting

A vulnerability, which was classified as problematic, was found in SZ NetChat up to 7.8. Affected is a function of the component Options Module. The manipulation of the argument MyName with an unknown input leads to a cross site scripting...
Auteur: VulDB

Barracuda Message Archiver 2018 Add_Update Module ldap_load_entry.cgi ldap_user cross site scripting

A vulnerability, which was classified as problematic, has been found in Barracuda Message Archiver 2018. This issue affects some functionality of the file cgi-mod/ldap_load_entry.cgi of the component Add_Update Module. The manipulation of the...
Auteur: VulDB

Master Slider Plugin 3.2.7/3.5.1 on WordPress wp-admin/admin-ajax.php Name cross site scripting

A vulnerability classified as problematic was found in Master Slider Plugin 3.2.7/3.5.1 on WordPress. This vulnerability affects the functionality of the file wp-admin/admin-ajax.php. The manipulation of the argument Name with an unknown input...
Auteur: VulDB
First274275276277278279280281282283Last

Événements SSI

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS