lundi 18 novembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Samsung SCX-824 swsAlert.sws msg cross site scripting

A vulnerability was found in Samsung SCX-824 (unknown version). It has been rated as problematic. This issue affects some processing of the file sws/swsAlert.sws?popupid=successMsg. The manipulation of the argument msg as part of a Parameter...
Auteur: VulDB

TP-LINK TL-WR840N v5 00000005 Network Name cross site scripting

A vulnerability was found in TP-LINK TL-WR840N v5 00000005. It has been declared as problematic. This vulnerability affects a code block of the component Network Name Handler. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

QEMU 4.0.0 hw/display/qxl.c interface_release_resource denial of service

A vulnerability was found in QEMU 4.0.0. It has been classified as problematic. This affects the function interface_release_resource of the file hw/display/qxl.c. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

Karamasoft UltimateEditor 1 File Upload privilege escalation

A vulnerability was found in Karamasoft UltimateEditor 1 and classified as critical. Affected by this issue is a part of the file UltimateEditorInclude/UserFiles/ of the component File Upload. The manipulation with an unknown input leads to a...
Auteur: VulDB

PrestaShop up to 1.7.5.1 install/index.php shop_country cross site scripting

A vulnerability has been found in PrestaShop up to 1.7.5.1 and classified as problematic. Affected by this vulnerability is a functionality of the file install/index.php. The manipulation of the argument shop_country as part of a Parameter leads...
Auteur: VulDB

Blue Prism Robotic Process Automation 6.4.0.8445 Access Control AutomateAppCore.dll privilege escalation

A vulnerability, which was classified as critical, was found in Blue Prism Robotic Process Automation 6.4.0.8445. Affected is a function in the library AutomateAppCore.dll of the component Access Control. The manipulation with an unknown input...
Auteur: VulDB

Quest KACE Systems Management Appliance up to 9.0 Web Application kbot_service_notsoap.php GET Parameter cross site scripting

A vulnerability, which was classified as problematic, has been found in Quest KACE Systems Management Appliance up to 9.0. This issue affects some functionality of the file /service/kbot_service_notsoap.php of the component Web Application. The...
Auteur: VulDB

Computrols CBAS 18.0.0 Username information disclosure

A vulnerability classified as problematic was found in Computrols CBAS 18.0.0. This vulnerability affects the functionality. The manipulation with an unknown input leads to a information disclosure vulnerability (Username). The CWE definition...
Auteur: VulDB

Computrols CBAS 18.0.0 cross site request forgery [CVE-2019-10847]

A vulnerability classified as problematic has been found in Computrols CBAS 18.0.0. This affects an unknown function. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is classifying the issue as...
Auteur: VulDB

Heidelberg Prinect Archiver 1.0 Reflected cross site scripting

A vulnerability was found in Heidelberg Prinect Archiver 1.0. It has been rated as problematic. Affected by this issue is some processing. The manipulation with an unknown input leads to a cross site scripting vulnerability (Reflected). Using...
Auteur: VulDB

FreeRADIUS up to 3.0.19 Logrotate privilege escalation

A vulnerability was found in FreeRADIUS up to 3.0.19. It has been declared as critical. Affected by this vulnerability is a code block of the component Logrotate Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Westermo DR-250 Pre-5162/DR-260 Pre-5162 cross site request forgery

A vulnerability was found in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 (version unknown). It has been classified as problematic. Affected is code. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE...
Auteur: VulDB

Westermo DR-250 Pre-5162/DR-260 Pre-5162 ASP /uploadfile privilege escalation

A vulnerability was found in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 (unknown version) and classified as critical. This issue affects a part of the file /uploadfile of the component ASP Handler. The manipulation with an unknown input leads...
Auteur: VulDB

BitDefender Engine prior 7.76808 dalvik.xmd Parser memory corruption

A vulnerability has been found in BitDefender Engine and classified as critical. This vulnerability affects a functionality of the component dalvik.xmd Parser. The manipulation with an unknown input leads to a memory corruption vulnerability....
Auteur: VulDB

BitDefender Engine prior 7.76675 rar.xmd Parser memory corruption

A vulnerability, which was classified as critical, was found in BitDefender Engine. This affects a function of the component rar.xmd Parser. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying...
Auteur: VulDB

BitDefender Engine prior 7.76662 iso.xmd Parser Divide-by-Zero denial of service

A vulnerability, which was classified as problematic, has been found in BitDefender Engine. Affected by this issue is some functionality of the component iso.xmd Parser. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

MLM Software ADD Clicking 1.0 member/readmsg.php m_id sql injection

A vulnerability classified as critical was found in MLM Software ADD Clicking, Binary, Level, Singleleg, Autopool, Investment, Bidding, Moneyorder, Repurchase and Gift 1.0. Affected by this vulnerability is the functionality of the file...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 PMT Table Parser Use-After-Free memory corruption

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). Affected is an...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 Use-After-Free memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been rated as critical. This issue...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM7150 Messages Use-After-Free memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been declared as critical. This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX20 Content Provider privilege escalation

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been classified as critical. This...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 GNSS XTRA3 Integer Overflow memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables and classified as critical. Affected by this issue is a part...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SM7150 GNSS XTRA3 OTA Integer Overflow memory corruption

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables and classified as critical. Affected by this...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR1130 memory corruption [CVE-2018-13885]

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon IoT, Snapdragon Mobile and Snapdragon Wearables. Affected is a function....
Auteur: VulDB

Eventum 3.5.0 /htdocs/post_note.php garlic_prefix cross site scripting

A vulnerability, which was classified as problematic, has been found in Eventum 3.5.0. This issue affects some functionality of the file /htdocs/post_note.php. The manipulation of the argument garlic_prefix as part of a Parameter leads to a...
Auteur: VulDB
First386387388389390391392393394395Last

Événements SSI

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS