dimanche 19 mai 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Nextcloud Server up to 12.0.7/13.0.2 Session Session Fixation weak authentication

A vulnerability classified as critical was found in Nextcloud Server up to 12.0.7/13.0.2. This vulnerability affects an unknown function of the component Session Handler. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

apex-publish-static-files up to 2.0.0 on npm Argument command injection

A vulnerability classified as critical has been found in apex-publish-static-files up to 2.0.0 on npm. This affects an unknown function. The manipulation as part of a Argument leads to a privilege escalation vulnerability (Command Injection)....
Auteur: VulDB

libnmapp up to 0.4.15 Range Option Argument command injection

A vulnerability was found in libnmapp up to 0.4.15. It has been rated as critical. Affected by this issue is an unknown function of the component Range Option Handler. The manipulation as part of a Argument leads to a privilege escalation...
Auteur: VulDB

Tenda AC7/AC9/AC10 goform/setUsbUnload dosystemCmd privilege escalation

A vulnerability was found in Tenda AC7, AC9 and AC10 (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is the function dosystemCmd of the file goform/setUsbUnload. The manipulation with an...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown). It has been classified as critical. Affected is an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown) and classified as critical. This issue affects an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability, which was classified as critical, was found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown). This affects an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the component...
Auteur: VulDB

EE 4GEE HH70 SSH core_app weak authentication

A vulnerability, which was classified as critical, has been found in EE 4GEE HH70 (the affected version is unknown). Affected by this issue is an unknown function of the file core_app of the component SSH. The manipulation with an unknown input...
Auteur: VulDB

OpenSSL up to 1.0.2p/1.1.0i/1.1.1 DSA Signature Timing Side-Channel weak encryption

A vulnerability classified as critical was found in OpenSSL up to 1.0.2p/1.1.0i/1.1.1. Affected by this vulnerability is an unknown function of the component DSA Signature Handler. The manipulation as part of a Timing leads to a weak encryption...
Auteur: VulDB

BitDefender GravityZone VMware Appliance up to 6.2.1-34 privilege escalation

A vulnerability classified as critical has been found in BitDefender GravityZone VMware Appliance up to 6.2.1-34. Affected is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

Z-BlogPHP 1.5.2.1935 theme.js.php cross site request forgery

A vulnerability was found in Z-BlogPHP 1.5.2.1935. It has been rated as problematic. This issue affects an unknown function of the file zb_users/plugin/AppCentre/theme.js.php. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

DocCms 2016.5.12 Template File system/changeskin.php upload_template() privilege escalation

A vulnerability was found in DocCms 2016.5.12 and classified as critical. Affected by this issue is the function upload_template() of the file system/changeskin.php of the component Template File Handler. The manipulation with an unknown input...
Auteur: VulDB

MantisBT up to 2.17.1 Edit Filter Page manage_filter_edit_page.php cross site scripting

A vulnerability classified as problematic has been found in MantisBT up to 2.17.1. Affected is an unknown function of the file manage_filter_edit_page.php of the component Edit Filter Page. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

MantisBT up to 2.17.1 Filters Page manage_filter_page.php) cross site scripting

A vulnerability was found in MantisBT up to 2.17.1. It has been rated as problematic. This issue affects an unknown function of the file manage_filter_page.php) of the component Filters Page. The manipulation with an unknown input leads to a...
Auteur: VulDB

ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys privilege escalation

A vulnerability has been found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function in the library AsrDrv101.sys/AsrDrv102.sys of the...
Auteur: VulDB

Interactive Advertising Bureau OpenRTB 2.3 information disclosure

A vulnerability was found in Interactive Advertising Bureau OpenRTB 2.3. It has been rated as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE...
Auteur: VulDB

python-kdcproxy up to 0.3.1 POST Request denial of service

A vulnerability was found in python-kdcproxy up to 0.3.1. It has been declared as problematic. This vulnerability affects an unknown function of the component POST Request Handler. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Apple watchOS up to 5.0.1 Security denial of service

A vulnerability was found in Apple watchOS up to 5.0.1 and classified as problematic. This issue affects an unknown function of the component Security. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE...
Auteur: VulDB

Apple watchOS up to 5.0.1 Safari Reader Universal cross site scripting

A vulnerability has been found in Apple watchOS up to 5.0.1 and classified as critical. This vulnerability affects an unknown function of the component Safari Reader. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Apple watchOS up to 5.0.1 Safari Reader Universal cross site scripting

A vulnerability, which was classified as critical, was found in Apple watchOS up to 5.0.1. This affects an unknown function of the component Safari Reader. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

Apple watchOS up to 5.0.1 NetworkExtension information disclosure

A vulnerability, which was classified as problematic, has been found in Apple watchOS up to 5.0.1. Affected by this issue is an unknown function of the component NetworkExtension. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Apple watchOS up to 5.0.1 Kernel memory corruption

A vulnerability classified as critical was found in Apple watchOS up to 5.0.1. Affected by this vulnerability is an unknown function of the component Kernel. The manipulation with an unknown input leads to a memory corruption vulnerability. The...
Auteur: VulDB

Apple watchOS up to 5.0.1 Kernel memory corruption

A vulnerability classified as critical has been found in Apple watchOS up to 5.0.1. Affected is an unknown function of the component Kernel. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying...
Auteur: VulDB

Apple watchOS up to 5.0.1 Kernel memory corruption

A vulnerability was found in Apple watchOS up to 5.0.1. It has been rated as critical. This issue affects an unknown function of the component Kernel. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE...
Auteur: VulDB

Apple watchOS up to 5.0.1 IPSec Out-of-Bounds memory corruption

A vulnerability was found in Apple watchOS up to 5.0.1. It has been declared as critical. This vulnerability affects an unknown function of the component IPSec. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB
First321322323324325326327328329330Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS