lundi 24 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Western Digital mycloud.com up to 2.2.0 cross site scripting

A vulnerability classified as problematic has been found in Western Digital mycloud.com up to 2.2.0. This affects an unknown code. Upgrading to version 2.2.0-134 eliminates this vulnerability.
Auteur: VulDB

Trend Micro Vulnerability Protection 2.0 DLL privilege escalation

A vulnerability was found in Trend Micro Vulnerability Protection 2.0. It has been rated as critical. Affected by this issue is an unknown part of the component DLL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Honeywell INNCOM INNControl 3 Configuration File privilege escalation

A vulnerability was found in Honeywell INNCOM INNControl 3. It has been classified as critical. Affected is an unknown functionality of the component Configuration File Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

UAP-Core up to 0.7.2 Regular Expression User-Agent ReDoS denial of service

A vulnerability was found in UAP-Core up to 0.7.2 and classified as problematic. This issue affects an unknown function of the component Regular Expression Handler. Upgrading to version 0.7.3 eliminates this vulnerability.
Auteur: VulDB

openHAB up to 2.5.1 REST privilege escalation

A vulnerability has been found in openHAB up to 2.5.1 and classified as critical. This vulnerability affects some unknown processing of the component REST Handler. Upgrading to version 2.5.2 eliminates this vulnerability.
Auteur: VulDB

Adobe After Effects up to 16.1.2 Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, was found in Adobe After Effects up to 16.1.2. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

Adobe Media Encoder up to 14.0 Out-of-Bounds memory corruption

A vulnerability, which was classified as critical, has been found in Adobe Media Encoder up to 14.0. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

IBM Emptoris Spend Analysis 10.1.0.x/10.1.1.x/10.1.3.x Back-End Database sql injection

A vulnerability classified as critical was found in IBM Emptoris Spend Analysis and Emptoris Strategic Supply Management 10.1.0.x/10.1.1.x/10.1.3.x. Affected by this vulnerability is an unknown part of the component Back-End Database. There is no...
Auteur: VulDB

IBM Maximo Asset Management 7.6.0.10/7.6.1.1 information disclosure

A vulnerability classified as problematic has been found in IBM Maximo Asset Management 7.6.0.10/7.6.1.1. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Electronic Arts Origin 10.5.55.33574 DACL Origin.exe WriteFileEx() Named Pipe privilege escalation

A vulnerability was found in Electronic Arts Origin 10.5.55.33574. It has been rated as critical. This issue affects the function WriteFileEx() in the library libeay32.dll of the file Origin.exe of the component DACL Handler. There is no...
Auteur: VulDB

Trend Micro Security 2019 up to 15.0.0.1163 Malware Protection denial of service

A vulnerability was found in Trend Micro Security 2019 up to 15.0.0.1163. It has been declared as problematic. This vulnerability affects an unknown function of the component Malware Protection. There is no information about possible...
Auteur: VulDB

ONOS 1.14 Ethernet VPN Application Code Execution

A vulnerability was found in ONOS 1.14. It has been classified as critical. This affects some unknown processing of the component Ethernet VPN Application. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

ONOS 1.14 Virtual Tenant Network Application Code Execution

A vulnerability was found in ONOS 1.14 and classified as critical. Affected by this issue is an unknown code block of the component Virtual Tenant Network Application. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS 1.14 Access Control Application Code Execution

A vulnerability has been found in ONOS 1.14 and classified as critical. Affected by this vulnerability is an unknown code of the component Access Control Application. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS 1.14 Mobility Application Code Execution

A vulnerability, which was classified as critical, was found in ONOS 1.14. Affected is an unknown part of the component Mobility Application. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

ONOS 1.14 Virtual Broadband Network Gateway application Code Execution

A vulnerability, which was classified as critical, has been found in ONOS 1.14. This issue affects some unknown functionality of the component Virtual Broadband Network Gateway application. There is no information about possible countermeasures...
Auteur: VulDB

ONOS 1.14 Event Code Execution

A vulnerability classified as critical was found in ONOS 1.14. This vulnerability affects an unknown functionality of the component Event Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Trend Micro Installer DLL privilege escalation [CVE-2019-14688]

A vulnerability classified as critical has been found in Trend Micro Installer (the affected version unknown). This affects an unknown function of the component DLL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS up to 2.0 ARP Reply weak authentication

A vulnerability was found in ONOS up to 2.0. It has been rated as critical. Affected by this issue is some unknown processing of the component ARP Reply Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

libarchive up to 3.4.1 RAR5 File archive_read_support_format_rar5.c memory corruption

A vulnerability was found in libarchive up to 3.4.1 (File Compression Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the file archive_read_support_format_rar5.c of the component RAR5 File...
Auteur: VulDB

mod_auth_openidc up to 2.4.0 Open Redirect [CVE-2019-20479]

A vulnerability was found in mod_auth_openidc up to 2.4.0. It has been classified as problematic. Affected is an unknown code. Upgrading to version 2.4.1 eliminates this vulnerability.
Auteur: VulDB

Cisco Releases Security Updates

Original release date: February 20, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates...
Auteur: US Cert

Adobe Releases Security Updates for After Effects and Media Encoder

Original release date: February 20, 2020Adobe has released security updates to address vulnerabilities in After Effects and Media Encoder. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

CERTFR-2020-AVI-106 : Multiples vulnérabilités dans IBM WebSphere (20 février 2020)

De multiples vulnérabilités ont été découvertes dans IBM WebSphere. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2020-AVI-105 : Vulnérabilité dans Cisco Unified Contact Center Express (Unified CCX) (20 février 2020)

Une vulnérabilité a été découverte dans Cisco Unified Contact Center Express (Unified CCX) . Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à l'intégrité des données.

Auteur: Cert FR
12345678910Last

Événements SSI