dimanche 21 avril 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Multiple Bugfixes in PHP (CERT-EU Security Advisory 2014-005)

The PHP development team announces the immediate availability of PHP 5.5.8. About 15 bugs were fixed. The PHP development team announces the immediate availability of PHP 5.4.20. About 30 bugs were fixed.
Auteur: Cert EU

Multiple Vulnerabilities in Cisco Secure Access Control System (CERT-EU Security Advisory 2014-004)

Cisco Secure Access Control System (ACS) is affected by the following vulnerabilities: -Cisco Secure ACS RMI Privilege Escalation Vulernability -Cisco Secure ACS RMI Unauthenticated User Access Vulnerability -Cisco Secure ACS Operating System...
Auteur: Cert EU

Oracle Critical Patch Update Advisory of January 2014 (CERT-EU Security Advisory 2014-003)

Oracle Critical Patch Update Advisory of January 2014 contains 144 new security fixes across the product families.
Auteur: Cert EU

Multiple Microsoft vulnerabilities (CERT-EU Security Advisory 2014-002)

The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Word or other affected Microsoft Office software. An attacker who successfully exploited the vulnerabilities could...
Auteur: Cert EU

Multiple Adobe vulnerabilities (CERT-EU Security Advisory 2014-001)

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh.
Auteur: Cert EU

Cisco ASA Denial of service (CERT-EU Security Advisory 2013-0100)

A vulnerability in the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to become unresponsive to management session requests via SSH, Telnet, HTTP, and HTTPS.
Auteur: Cert EU

WMware ESX multiple vulnerabilities (CERT-EU Security Advisory 2013-0099)

VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.
Auteur: Cert EU

Microsoft December 2013 patches (CERT-EU Security Advisory 2013-0098)

Microsoft has released December 2013 patches.
Auteur: Cert EU

VMware Products Increased privileges - Existing account [1] (CERT-EU Security Advisory 2013-0097)

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems.
Auteur: Cert EU

Cisco ASA Malformed DNS Reply Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2013-0096)

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system.
Auteur: Cert EU

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2013-095)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.
Auteur: Cert EU

Microsoft Advance Security Updates (CERT-EU Security Advisory 2013-094)

Microsoft has published an advanced for a number of new security updates which will be released on December 13, 2013.
Auteur: Cert EU

Microsoft Windows local privilege escalation zero-day bypassing Adobe Reader sandbox in the wild (CERT-EU Security Advisory 2013-093)

A new Windows local privilege escalation vulnerability has been identified in the wild [1].
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2013-092)

Adobe has released security updates for Adobe Flash Player 11.9.900.117 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.310 and earlier versions for Linux.
Auteur: Cert EU

Hotfix available for ColdFusion (CERT-EU Security Advisory 2013-091)

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux.
Auteur: Cert EU

Microsoft Security Updates (CERT-EU Security Advisory 2013-090)

Microsoft has published on a number of new security updates which has been released on November 13, 2013.
Auteur: Cert EU

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2013-0089)

Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync.
Auteur: Cert EU

Cisco IOS XE: Denial of service - Remote/unauthenticated [1] (CERT-EU Security Advisory 2013-0088)

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities
Auteur: Cert EU

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products [1] (CERT-EU Security Advisory 2013-0087)

Multiple Cisco products include an implementation of Apache Struts 2 component that is affected by a remote command execution vulnerability.
Auteur: Cert EU

Several Vulnerabilities and Security Notices in multiple Cisco products (CERT-EU Security Advisory 2013-0086)

A vulnerability in the fabric interconnect of Cisco Unified Computing System could allow an authenticated, local attacker to cause a denial of service (DoS) condition.
Auteur: Cert EU

RSA Authentication Agent: Reduced security [1] (CERT-EU Security Advisory 2013-0085)

In certain circumstances, RSA Authentication Agent for Web for IIS protection can be bypassed due to a fail open flaw in the agent.
Auteur: Cert EU

Several Vulnerabilities in Linux kernel [1] (CERT-EU Security Advisory 2013-0084)

* It was found that the fix for CVE-2012-3552 released via RHSA-2012 ... * An information leak flaw was found in the way Linux kernel's device mapper subsystem,... * A format string flaw was found in the b43_do_request_fw() function in the Linux...
Auteur: Cert EU

Vulnerability in python-crypto (CERT-EU Security Advisory 2013-0083)

A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.
Auteur: Cert EU

Multiple Vulnerabilities in MySQL 5.1 on Debian (CERT-EU Security Advisory 2013-0082)

This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html [1] [2]
Auteur: Cert EU

Several Vulnerabilities in RedHat (CERT-EU Security Advisory 2013-0081)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Auteur: Cert EU
First378379380381382383384385386387Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS