dimanche 15 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Android 9.0 keymaster_app.c event_handler denial of service

A vulnerability classified as critical has been found in Google Android 9.0 (Smartphone Operating System). Affected is the function event_handler of the file keymaster_app.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Google Android up to 9.0 Wireless random.c random_get_bytes weak encryption

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System). It has been rated as critical. This issue affects the function random_get_bytes of the file random.c of the component Wireless Handler. The manipulation with an...
Auteur: VulDB

Google Android 8.0/8.1/9.0 avrc_pars_ct.cc avrc_pars_browse_rsp memory corruption

A vulnerability was found in Google Android 8.0/8.1/9.0 (Smartphone Operating System). It has been declared as critical. This vulnerability affects the function avrc_pars_browse_rsp of the file avrc_pars_ct.cc. The manipulation with an unknown...
Auteur: VulDB

Google Android up to 9.0 Email Attachment ComposeActivityEmail.java ComposeActivityEmail information disclosure

A vulnerability was found in Google Android up to 9.0 (Smartphone Operating System). It has been classified as problematic. This affects the function ComposeActivityEmail of the file ComposeActivityEmail.java of the component Email Attachment...
Auteur: VulDB

Google Android 8.0/8.1/9.0 Development Settings DevelopmentTiles.java privilege escalation

A vulnerability was found in Google Android 8.0/8.1/9.0 (Smartphone Operating System) and classified as critical. Affected by this issue is a part of the file DevelopmentTiles.java of the component Development Settings Handler. The manipulation ...
Auteur: VulDB

baigo CMS 2.1.1 opt_base.inc.php BG_SITE_NAME Remote Code Execution

A vulnerability was found in baigo CMS 2.1.1 (Content Management System). It has been classified as critical. This affects code of the file opt_base.inc.php. The manipulation of the argument BG_SITE_NAME as part of a Parameter leads to a...
Auteur: VulDB

Asterisk Open Source up to 15.7.1/16.2.0 Crash denial of service

A vulnerability was found in Asterisk Open Source up to 15.7.1/16.2.0 (Communications System). It has been declared as problematic. This vulnerability affects a code block. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Cisco Releases Security Updates

Original release date: February 27, 2019 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.The...
Auteur: US Cert

National Consumer Protection Week

Original release date: February 27, 2019 National Consumer Protection Week (NCPW) is March 3–9. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal...
Auteur: US Cert

CERTFR-2019-AVI-080 : Vulnérabilité dans OpenSSL (27 février 2019)

Une vulnérabilité a été découverte dans OpenSSL. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Auteur: Cert FR

Avaya one-X Communicator up to 6.2 SP12 Client Authentication weak encryption

A vulnerability was found in Avaya one-X Communicator up to 6.2 SP12 (Network Encryption Software) and classified as critical. This issue affects a part of the component Client Authentication Handler. The manipulation with an unknown input leads...
Auteur: VulDB

AdvanceCOMP 2.1 advpng pngex.cc png_compress memory corruption

A vulnerability was found in AdvanceCOMP 2.1 and classified as critical. Affected by this issue is the function png_compress of the file pngex.cc of the component advpng. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

SOFA-Hessian up to 4.0.2 Blacklist Hessian Object Command privilege escalation

A vulnerability, which was classified as critical, was found in SOFA-Hessian up to 4.0.2. Affected is a function of the component Blacklist. The manipulation as part of a Hessian Object leads to a privilege escalation vulnerability (Command)....
Auteur: VulDB

GNU PSPP 1.2.0 data/sys-file-writer.c write_long_string_missing_values() denial of service

A vulnerability, which was classified as problematic, has been found in GNU PSPP 1.2.0. This issue affects the function write_long_string_missing_values() of the file data/sys-file-writer.c. The manipulation with an unknown input leads to a...
Auteur: VulDB

MacCMS 8.0 inc/config/cache.php t_name cross site scripting

A vulnerability classified as problematic was found in MacCMS 8.0 (Content Management System). This vulnerability affects the functionality of the file inc/config/cache.php. The manipulation of the argument t_name as part of a Parameter leads to...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys denial of service

A vulnerability classified as problematic has been found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). This affects an unknown function in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer Code Execution memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been rated as critical. Affected by this issue is some processing of the component Kernel Mode Layer. The manipulation with an unknown input leads...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been declared as critical. Affected by this vulnerability is a code block of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been classified as critical. Affected is code in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) and classified as critical. This issue affects a part in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys privilege escalation

A vulnerability has been found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) and classified as critical. This vulnerability affects a functionality in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation...
Auteur: VulDB

NVIDIA Windows GPU Display Driver 3D Vision Hard Link Code Execution

A vulnerability, which was classified as critical, was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). This affects a function of the component 3D Vision. The manipulation as part of a Hard Link leads to a privilege...
Auteur: VulDB

NetApp Clustered Data ONTAP up to 9.1P14/9.3P6 information disclosure

A vulnerability, which was classified as problematic, has been found in NetApp Clustered Data ONTAP up to 9.1P14/9.3P6. Affected by this issue is some functionality. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

IBM BigFix Platform 9.2/9.5 Query information disclosure

A vulnerability classified as problematic was found in IBM BigFix Platform 9.2/9.5. Affected by this vulnerability is the functionality of the component Query Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

OpenSSL up to 1.0.2q Stitched Ciphersuite SSL_shutdown weak encryption

A vulnerability classified as critical has been found in OpenSSL up to 1.0.2q (Network Encryption Software). Affected is the function SSL_shutdown of the component Stitched Ciphersuite Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB
First386387388389390391392393394395Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS