lundi 18 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linux Kernel up to 5.1.5 consolemap.c con_insert_unipair denial of service

A vulnerability was found in Linux Kernel up to 5.1.5 (Operating System) and classified as problematic. This issue affects the function con_insert_unipair of the file drivers/tty/vt/consolemap.c. The manipulation with an unknown input leads to a...
Auteur: VulDB

Linux Kernel up to 5.1.5 net/ipv6/ipv6_sockglue.c ip6_ra_control new_ra denial of service

A vulnerability has been found in Linux Kernel up to 5.1.5 (Operating System) and classified as critical. This vulnerability affects the function ip6_ra_control of the file net/ipv6/ipv6_sockglue.c. The manipulation of the argument new_ra with...
Auteur: VulDB

Tor Browser up to 8.0.0 UI Button Fingerprint information disclosure

A vulnerability classified as problematic has been found in Tor Browser up to 8.0.0 (Network Encryption Software). This affects an unknown function of the component UI. The manipulation as part of a Button leads to a information disclosure...
Auteur: VulDB

Petraware pTransformer ADC up to 2.1.7 Login Form User ID sql injection

A vulnerability, which was classified as critical, was found in Petraware pTransformer ADC up to 2.1.7. This affects a function of the component Login Form. The manipulation of the argument User ID as part of a Parameter leads to a sql injection...
Auteur: VulDB

CA Risk Authentication/Strong Authentication up to 9.0 information disclosure

A vulnerability, which was classified as problematic, has been found in CA Risk Authentication and Strong Authentication up to 9.0. Affected by this issue is some functionality. The manipulation with an unknown input leads to a information...
Auteur: VulDB

CA Risk Authentication/Strong Authentication up to 9.0 privilege escalation

A vulnerability classified as critical was found in CA Risk Authentication and Strong Authentication up to 9.0. Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Anviz M3 prior Anviz M3 Pro weak authentication [CVE-2019-11523]

A vulnerability classified as critical has been found in Anviz M3. Affected is an unknown function. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE is classifying the issue as CWE-287. This is going to...
Auteur: VulDB

EmpireCMS 7.5.0 e/member/doaction.php Referer Header cross site scripting

A vulnerability was found in EmpireCMS 7.5.0. It has been rated as problematic. This issue affects some processing of the file e/member/doaction.php. The manipulation as part of a Referer Header leads to a cross site scripting vulnerability....
Auteur: VulDB

EmpireCMS 7.5.0 e/member/doaction.php from cross site request forgery

A vulnerability was found in EmpireCMS 7.5.0. It has been declared as problematic. This vulnerability affects a code block of the file e/member/doaction.php. The manipulation of the argument from as part of a Parameter leads to a cross site...
Auteur: VulDB

Xpdf 4.01.01 fofi/FoFiTrueType.cc FoFiTrueType::dumpString PDF Document memory corruption

A vulnerability was found in Xpdf 4.01.01 (Document Reader Software). It has been classified as critical. This affects the function FoFiTrueType::dumpString of the file fofi/FoFiTrueType.cc. The manipulation as part of a PDF Document leads to a...
Auteur: VulDB

Kiboko Hostel Plugin up to 1.1.3 on WordPress cross site scripting

A vulnerability was found in Kiboko Hostel Plugin up to 1.1.3 on WordPress (Plugin Software) and classified as problematic. Affected by this issue is a part. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

Atlassian Crowd/Crowd Data Center up to 3.0.4/3.1.5/3.2.7/3.3.4/3.4.3 pdkinstall privilege escalation

A vulnerability has been found in Atlassian Crowd and Crowd Data Center up to 3.0.4/3.1.5/3.2.7/3.3.4/3.4.3 and classified as critical. Affected by this vulnerability is a functionality of the component pdkinstall. The manipulation with an...
Auteur: VulDB

CERTFR-2019-AVI-240 : SCADA Vulnérabilité dans les produits Siemens (27 mai 2019)

Une vulnérabilité a été découverte dans les produits Siemens. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Auteur: Cert FR

CERTFR-2019-AVI-239 : Multiples vulnérabilités dans Fortinet FortiOS (27 mai 2019)

De multiples vulnérabilités ont été découvertes dans Fortinet FortiOS. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une injection de code indirecte à...
Auteur: Cert FR

Contrôle du blocage administratif des sites : la personnalité qualifiée présente son 4e rapport d’activité

M. Alexandre LINDEN, personnalité qualifiée désignée pour opérer le contrôle du blocage administratif des sites provoquant à des actes de terrorisme ou en faisant l’apologie, ou à caractère pédopornographique, a présenté son 4e rapport d’activité...
Auteur: Cnil

CMS Made Simple up to 2.2.10 m1_title Persistent cross site scripting [Disputed]

A vulnerability, which was classified as problematic, was found in CMS Made Simple up to 2.2.10 (Content Management System). Affected is a function. The manipulation of the argument m1_title with an unknown input leads to a cross site scripting...
Auteur: VulDB

Zoho ManageEngine ADSelfService Plus authorization.do adscsrf cross site request forgery

A vulnerability, which was classified as problematic, has been found in Zoho ManageEngine ADSelfService Plus (unknown version). This issue affects some functionality of the file authorization.do. The manipulation of the argument adscsrf as part...
Auteur: VulDB

Adobe Digital Editions up to 4.5.10.185749 Heap-based memory corruption

A vulnerability classified as critical has been found in Adobe Digital Editions up to 4.5.10.185749. This affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). CWE is...
Auteur: VulDB

Adobe Photoshop CC up to 19.1.7/20.0.2 Heap-based memory corruption

A vulnerability was found in Adobe Photoshop CC up to 19.1.7/20.0.2 (Image Processing Software). It has been rated as critical. Affected by this issue is some processing. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Oracle Enterprise Manager Ops Center 12.3.3 Crash denial of service

A vulnerability was found in Oracle Enterprise Manager Ops Center 12.3.3 (Software Management Software) and classified as problematic. This issue affects a part of the component Enterprise Manager Ops Center. The manipulation with an unknown...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 Kernel memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables up to SXR1130 (Chip Software) and classified as critical....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 Header memory corruption

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 smp2p Test Variable Double-Free memory corruption

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software)....
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM7150 Elementary Stream Integer Underflow memory corruption

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). Affected by this...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 Elementary Stream Integer Underflow memory corruption

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). Affected is an...
Auteur: VulDB
First385386387388389390391392393394Last

Événements SSI

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS