jeudi 17 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Qualcomm Snapdragon Auto up to SDX24 Reason-code memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 txrx Status Double-Free memory corruption

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice and Music (Chip Software). This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 Kernel SKB Memory Uninitialized Memory information disclosure

A vulnerability classified as problematic has been found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice and Music (Chip Software). This affects some unknown processing of the...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 WLAN Request Use-After-Free memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). It has been rated as critical. Affected by this issue is an unknown code block of the component WLAN....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 DO_ACS Vendor Command Out-of-Bounds memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music (Chip Software). It has been declared as...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 WLAN Heap-based memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice and Music (Chip Software). It has been classified as critical. Affected is an unknown part of the...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 WLAN Request Code Execution memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software) and classified as critical. This issue affects some unknown functionality of the component WLAN. The...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM7150 Kernel information disclosure

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...
Auteur: VulDB

CERTFR-2019-AVI-274 : Vulnérabilité dans Google Chrome (14 juin 2019)

Une vulnérabilité a été découverte dans Google Chrome. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2019-AVI-273 : Multiples vulnérabilités dans Mozilla Thunderbird (14 juin 2019)

De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

CERTFR-2019-AVI-272 : Vulnérabilité dans Xen (14 juin 2019)

Une vulnérabilité a été découverte dans Xen. Elle permet à un attaquant de provoquer un déni de service.

Auteur: Cert FR

CSRF Vulnerability in Cisco IOS XE Software Web UI (CERT-EU Security Advisory 2019-015)

A Cross-Site Request Forgery (CSRF) vulnerability in the web user interface (web UI) of CISCO IOS XE Software was discovered. In some CISCO products, the web UI has insufficient CSRF protection. An attacker can potentially perform a CSRF...
Auteur: Cert EU

Symantec Messaging Gateway up to 10.6.x information disclosure

A vulnerability, which was classified as problematic, was found in Symantec Messaging Gateway up to 10.6.x. This affects an unknown function. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is...
Auteur: VulDB

Linux Kernel up to 4.x mdio_bus.c __mdiobus_register() denial of service

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 4.x (Operating System). Affected by this issue is the function __mdiobus_register() of the file drivers/net/phy/mdio_bus.c. The manipulation with an...
Auteur: VulDB

Linux Kernel up to 4.20.14 net/nfc/llcp_commands.c nfc_llcp_build_tlv denial of service

A vulnerability classified as problematic was found in Linux Kernel up to 4.20.14 (Operating System). Affected by this vulnerability is the function nfc_llcp_build_tlv of the file net/nfc/llcp_commands.c. The manipulation with an unknown input...
Auteur: VulDB

Artifex MuPDF 1.14 fz_load_jpeg Variable memory corruption

A vulnerability classified as critical has been found in Artifex MuPDF 1.14 (Document Reader Software). Affected is the function fz_load_jpeg. The manipulation as part of a Variable leads to a memory corruption vulnerability (Heap-based). CWE is...
Auteur: VulDB

VideoLAN VLC Media Player up to 3.0.6 memory corruption [CVE-2019-5439]

A vulnerability was found in VideoLAN VLC Media Player up to 3.0.6 (Multimedia Player Software). It has been rated as critical. This issue affects an unknown part. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

HedEx Lite prior V200R006C00SPC007 Reflected cross site scripting

A vulnerability was found in HedEx Lite. It has been declared as problematic. This vulnerability affects some unknown functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability (Reflected). The CWE...
Auteur: VulDB

HiSuite up to 9.1.0.300 DLL Loader privilege escalation

A vulnerability was found in HiSuite up to 9.1.0.300. It has been classified as critical. This affects an unknown functionality of the component DLL Loader. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Crossmatch U.are.U 4500 v24 Driver Communication weak encryption

A vulnerability was found in Crossmatch U.are.U 4500 v24 and classified as problematic. Affected by this issue is an unknown function of the component Driver Communication. The manipulation with an unknown input leads to a weak encryption...
Auteur: VulDB

radare2 up to 3.5.1 libr/egg/egg_lang.c rcc_context memory corruption

A vulnerability has been found in radare2 up to 3.5.1 (Programming Tool Software) and classified as critical. Affected by this vulnerability is the function rcc_context of the file libr/egg/egg_lang.c. The manipulation with an unknown input...
Auteur: VulDB

Shopware up to 5.6.x Deserialization createInstanceFromNamedArguments Web Request Remote Code Execution

A vulnerability, which was classified as critical, was found in Shopware up to 5.6.x. Affected is the function createInstanceFromNamedArguments of the component Deserialization. The manipulation as part of a Web Request leads to a privilege...
Auteur: VulDB

Artifex MuJS 1.0.5 Regular Expression regexp.c memory corruption

A vulnerability, which was classified as critical, has been found in Artifex MuJS 1.0.5. This issue affects an unknown code of the file regexp.c of the component Regular Expression. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Intel NUC Kit System Firmware Out-of-Bounds memory corruption

A vulnerability classified as critical was found in Intel NUC Kit (the affected version is unknown). This vulnerability affects an unknown part of the component System Firmware. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Intel NUC Kit System Firmware privilege escalation [CVE-2019-11128]

A vulnerability classified as critical has been found in Intel NUC Kit (the affected version unknown). This affects some unknown functionality of the component System Firmware. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB
First279280281282283284285286287288Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS