jeudi 18 juillet 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

rdesktop up to 1.8.3 rdpsnd_process_ping() memory corruption

A vulnerability was found in rdesktop up to 1.8.3. It has been rated as critical. Affected by this issue is the function rdpsnd_process_ping(). The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds)....
Auteur: VulDB

rdesktop up to 1.8.3 process_plane() memory corruption

A vulnerability was found in rdesktop up to 1.8.3. It has been declared as critical. Affected by this vulnerability is the function process_plane(). The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based)....
Auteur: VulDB

rdesktop up to 1.8.3 process_bitmap_updates() memory corruption

A vulnerability was found in rdesktop up to 1.8.3. It has been classified as critical. Affected is the function process_bitmap_updates(). The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). CWE is...
Auteur: VulDB

rdesktop up to 1.8.3 process_bitmap_updates() memory corruption

A vulnerability was found in rdesktop up to 1.8.3 and classified as critical. This issue affects the function process_bitmap_updates(). The manipulation with an unknown input leads to a memory corruption vulnerability (Integer Overflow). Using...
Auteur: VulDB

rdesktop up to 1.8.3 process_bitmap_updates() memory corruption

A vulnerability has been found in rdesktop up to 1.8.3 and classified as critical. This vulnerability affects the function process_bitmap_updates(). The manipulation with an unknown input leads to a memory corruption vulnerability (Integer...
Auteur: VulDB

rdesktop up to 1.8.3 cssp_read_tsrequest() memory corruption

A vulnerability, which was classified as critical, was found in rdesktop up to 1.8.3. This affects the function cssp_read_tsrequest(). The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). CWE is...
Auteur: VulDB

rdesktop up to 1.8.3 cssp_read_tsrequest() denial of service

A vulnerability, which was classified as problematic, has been found in rdesktop up to 1.8.3. Affected by this issue is the function cssp_read_tsrequest(). The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

rdesktop up to 1.8.3 rdpdr_process() memory corruption

A vulnerability classified as critical was found in rdesktop up to 1.8.3. Affected by this vulnerability is the function rdpdr_process(). The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). The CWE...
Auteur: VulDB

coTURN up to 4.5.0.8 Administrator Web Portal sql injection

A vulnerability classified as critical has been found in coTURN up to 4.5.0.8. Affected is an unknown function of the component Administrator Web Portal. The manipulation with an unknown input leads to a sql injection vulnerability. CWE is...
Auteur: VulDB

WibuKey Network Server Management 6.40.2402.500 TCP Packet WkbProgramLow memory corruption

A vulnerability was found in WibuKey Network Server Management 6.40.2402.500. It has been rated as critical. This issue affects the function WkbProgramLow of the component TCP Packet Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Wibu-Systems WibuKey.sys 6.40 IOCTL Handler Function IRP Request Kernel Memory memory corruption

A vulnerability was found in Wibu-Systems WibuKey.sys 6.40. It has been declared as critical. This vulnerability affects a code block of the component IOCTL Handler Function. The manipulation as part of a IRP Request leads to a memory corruption...
Auteur: VulDB

Wibu-Systems WibuKey.sys 6.40 IOCTL Handler Function IRP Request Uninitialized Memory information disclosure

A vulnerability was found in Wibu-Systems WibuKey.sys 6.40. It has been classified as problematic. This affects code of the component IOCTL Handler Function. The manipulation as part of a IRP Request leads to a information disclosure...
Auteur: VulDB

Kaseya VSA RMM privilege escalation [CVE-2018-20753]

A vulnerability was found in Kaseya VSA RMM and classified as critical. Affected by this issue is a part. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the problem leads to CWE-269....
Auteur: VulDB

Rarlab WinRar prior 5.70 beta 1 Archive Out-of-Bounds memory corruption

A vulnerability has been found in Rarlab WinRar (File Compression Software) and classified as critical. Affected by this vulnerability is a functionality of the component Archive Handler. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Rarlab WinRar prior 5.70 beta 1 ACE Archive UNACEV2.dll validator filename directory traversal

A vulnerability, which was classified as critical, was found in Rarlab WinRar (File Compression Software). Affected is the function validator in the library UNACEV2.dll of the component ACE Archive Handler. The manipulation of the argument...
Auteur: VulDB

Rarlab WinRar prior 5.70 beta 1 ACE filename Code Execution directory traversal

A vulnerability, which was classified as critical, has been found in Rarlab WinRar (File Compression Software). This issue affects some functionality of the component ACE Handler. The manipulation of the argument filename with an unknown input...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Project File memory corruption

A vulnerability classified as critical was found in LCDS LAquis SCADA (Automation Software). This vulnerability affects the functionality of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Project File Remote Code Execution

A vulnerability classified as critical has been found in LCDS LAquis SCADA (Automation Software). This affects an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 weak authentication [CVE-2018-19000]

A vulnerability was found in LCDS LAquis SCADA (Automation Software). It has been rated as critical. Affected by this issue is some processing. The manipulation with an unknown input leads to a weak authentication vulnerability. Using CWE to...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Default Credentials weak authentication

A vulnerability was found in LCDS LAquis SCADA (Automation Software). It has been declared as critical. Affected by this vulnerability is a code block. The manipulation with an unknown input leads to a weak authentication vulnerability (Default...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Authorization Remote Code Execution

A vulnerability was found in LCDS LAquis SCADA (Automation Software). It has been classified as critical. Affected is code of the component Authorization. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Remote Code Execution [CVE-2018-18992]

A vulnerability was found in LCDS LAquis SCADA (Automation Software) and classified as critical. This issue affects a part. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). Using CWE to...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 information disclosure [CVE-2018-18990]

A vulnerability has been found in LCDS LAquis SCADA (Automation Software) and classified as problematic. This vulnerability affects a functionality. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE...
Auteur: VulDB

LCDS LAquis SCADA prior 4.1.0.4150 Report Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in LCDS LAquis SCADA (Automation Software). This affects a function of the component Report Handler. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Mozilla Firefox up to 64 Proxy Auto-Config PAC File Open Redirect

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 64 (Web Browser). Affected by this issue is some functionality of the component Proxy Auto-Config. The manipulation as part of a PAC File leads to a...
Auteur: VulDB
First276277278279280281282283284285Last

Événements SSI

BLACK HAT

Événement majeur mondial sur la sécurité de l'information la conférence Black Hat USA a lieu du 3 au 8 août 2019 à Las Vegas (Mandalay Bay). Organisé par UBM.


Présentation par l'organisateur

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

 Plus d'infos sur le site dédié à l'événement.

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS