Thursday 18 July 2019

Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

ONOS 1.15.0 Backquote Character YangWebResource.java privilege escalation

A vulnerability was found in ONOS 1.15.0 and classified as critical. This issue affects an unknown code block of the file apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java of the component Backquote Character Handler. The...
Author: VulDB

NSA Ghidra up to 9.0.4 RestoreTask.java Filename directory traversal

A vulnerability has been found in NSA Ghidra up to 9.0.4 and classified as critical. This vulnerability affects an unknown code of the file RestoreTask.java. The manipulation with the input value ../ leads to a directory traversal vulnerability...
Author: VulDB

GPAC up to 0.7.x isomedia/isom_read.c memory corruption

A vulnerability, which was classified as critical, was found in GPAC up to 0.7.x. This affects an unknown part of the file isomedia/isom_read.c. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). CWE...
Author: VulDB

njs up to 0.3.3 nxt/nxt_sprintf.c nxt_vsprintf memory corruption

A vulnerability, which was classified as critical, has been found in njs up to 0.3.3. Affected by this issue is the function nxt_vsprintf of the file nxt/nxt_sprintf.c. The manipulation with an unknown input leads to a memory corruption...
Author: VulDB

Simple DirectMedia Layer up to 1.2.15/2.0.9 video/SDL_blit_N.c BlitNtoN memory corruption

A vulnerability classified as critical was found in Simple DirectMedia Layer up to 1.2.15/2.0.9. Affected by this vulnerability is the function BlitNtoN of the file video/SDL_blit_N.c. The manipulation with an unknown input leads to a memory...
Author: VulDB

VideoLAN VLC Media Player 3.0.7.1 demux.cpp FreeUnused() memory corruption

A vulnerability classified as critical has been found in VideoLAN VLC Media Player 3.0.7.1 (Multimedia Player Software). Affected is the function mkv::demux_sys_t::FreeUnused() of the file modules/demux/mkv/demux.cpp. The manipulation with an...
Author: VulDB

TP-LINK Wireless Router Archer Router up to 1.0.0 Device Debug Protocol Stack-based memory corruption

A vulnerability was found in TP-LINK Wireless Router Archer Router up to 1.0.0 (Router Operating System). It has been rated as critical. This issue affects some unknown processing of the component Device Debug Protocol Handler. The manipulation ...
Author: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.838 weak authentication

A vulnerability was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.838. It has been declared as critical. This vulnerability affects an unknown code block. The manipulation with an unknown input leads to a weak authentication vulnerability....
Author: VulDB

HID Global DigitalPersona U.are.U 4500 up to 5.0.0.5 on Windows Framework Driver weak encryption

A vulnerability was found in HID Global DigitalPersona U.are.U 4500 up to 5.0.0.5 on Windows. It has been classified as critical. This affects an unknown code of the component Framework Driver. The manipulation with an unknown input leads to a...
Author: VulDB

Foliovision FV Flowplayer Video Player up to 7.3.19 on WordPress sql injection

A vulnerability was found in Foliovision FV Flowplayer Video Player up to 7.3.19 on WordPress (Multimedia Player Software) and classified as critical. Affected by this issue is an unknown part. The manipulation with an unknown input leads to a...
Author: VulDB

Zipios up to 0.1.6 zipheadio.h readUint32() ZIP Archive denial of service

A vulnerability has been found in Zipios up to 0.1.6 and classified as problematic. Affected by this vulnerability is the function readUint32() of the file zipheadio.h. The manipulation as part of a ZIP Archive leads to a denial of service...
Author: VulDB

Temenos CWX 8.9 Access Control EmployeeEdit2.aspx information disclosure

A vulnerability, which was classified as problematic, has been found in Temenos CWX 8.9. This issue affects an unknown function of the file /CWX/Employee/EmployeeEdit2.aspx of the component Access Control. The manipulation with an unknown input...
Author: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.846 Login HTTP Response Username information disclosure

A vulnerability classified as problematic was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.846. This vulnerability affects some unknown processing of the component Login. The manipulation as part of a HTTP Response leads to an information...
Author: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.836 weak authentication

A vulnerability classified as critical has been found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.836. This affects an unknown code block. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE is classifying...
Author: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.836 Session File /tmp privilege escalation

A vulnerability was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.836. It has been rated as critical. Affected by this issue is an unknown code of the file /tmp of the component Session File. The manipulation with an unknown input leads to...
Author: VulDB

MyT 1.5.1 User[username] cross site scripting

A vulnerability was found in MyT 1.5.1. It has been declared as problematic. Affected by this vulnerability is an unknown part. The manipulation of the argument User[username] as part of a Parameter leads to a cross site scripting vulnerability....
Author: VulDB

Linux Kernel up to 5.1.16 kernel/ptrace.c privilege escalation

A vulnerability was found in Linux Kernel up to 5.1.16 (Operating System). It has been classified as critical. Affected is some unknown functionality of the file kernel/ptrace.c. The manipulation with an unknown input leads to a privilege...
Author: VulDB

Libssh2 up to 1.8.x kex.c memory corruption

A vulnerability was found in Libssh2 up to 1.8.x and classified as critical. This issue affects the function kex_method_diffie_hellman_group_exchange_sha256_key_exchange in the library libssh2_check_length of the file kex.c. The manipulation ...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12992]

A vulnerability has been found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function. The manipulation with an unknown...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12991]

A vulnerability, which was classified as critical, was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (the affected version unknown). This affects some unknown processing. The manipulation with an unknown input leads...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN directory traversal [CVE-2019-12990]

A vulnerability, which was classified as very critical, has been found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (affected version not known). Affected by this issue is an unknown code block. The manipulation with an...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN sql injection [CVE-2019-12989]

A vulnerability classified as critical was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (affected version unknown). Affected by this vulnerability is an unknown code. The manipulation with an unknown input leads to...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12988]

A vulnerability classified as very critical has been found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (version unknown). Affected is an unknown part. The manipulation with an unknown input leads to a privilege...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12987]

A vulnerability was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (unknown version). It has been rated as very critical. This issue affects some unknown functionality. The manipulation with an unknown input leads to...
Author: VulDB

Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2019-12986]

A vulnerability was found in Citrix SD-WAN and Netscaler SD-WAN (Network Management Software) (the affected version is unknown). It has been declared as very critical. This vulnerability affects an unknown functionality. The manipulation with...
Author: VulDB

Information security events

BLACK HAT

A major worldwide information security event, the Black Hat USA conference takes place from 3 to 8 August 2019 in Las Vegas (Mandalay Bay). Organized by UBM.


Presentation by the organizer

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

More information on the event's dedicated website.

LES ASSISES

A major annual gathering of CISOs, the Assises de la sécurité des systèmes d'information take place in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organized by DG Consultants.

Presentation by the organizer



A look back at Les Assises 2018

The 18th edition of the Assises de la Sécurité in Monaco is over! Thanks again to the 2800 participants, including the 160 partners, who came together over three days to bring this event, unique in France, to life. Conferences, one-to-one meetings, round tables, workshops, networking moments… Through their content, the quality of the visitors and the richness of the exchanges, the Assises are positioned more than ever as the unmissable gathering for all cybersecurity professionals. Like the market, which never stops evolving, the Assises know how to adapt their offering to best meet the sector's expectations. This edition thus set out to highlight the major issues of the moment by multiplying talks, demonstrations and experience reports.

See you at the next edition, which will take place from 9 to 12 October 2019.

More information on the event's dedicated website.
