mardi 21 mai 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Blockchain et RGPD : quelles solutions pour un usage responsable en présence de données personnelles ?

La Blockchain est une technologie au potentiel de développement fort qui suscite de nombreuses questions, dont parfois celle de sa compatibilité au RGPD. C’est pourquoi la CNIL s’est saisie de ce sujet et propose des solutions concrètes aux...
Auteur: Cnil

Samsung email 5.0.02.16 EML File privilege escalation

A vulnerability, which was classified as critical, was found in Samsung email 5.0.02.16. This affects an unknown function of the component EML File Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Samsung Internet Browser up to 6.4.0.14 Installation Object privilege escalation

A vulnerability, which was classified as critical, has been found in Samsung Internet Browser up to 6.4.0.14. Affected by this issue is an unknown function of the component Installation. The manipulation as part of a Object leads to a privilege...
Auteur: VulDB

RXTEC RXAdmin Update 06 2012 Parameter sql injection

A vulnerability classified as critical was found in RXTEC RXAdmin Update 06 2012. Affected by this vulnerability is an unknown function. The manipulation of the argument loginpassword/loginusername/zusatzlicher/groupid/rxtec as part of a...
Auteur: VulDB

McAfee True Key up to 5.1.164 Microsoft Windows Client privilege escalation

A vulnerability, which was classified as problematic, was found in McAfee True Key up to 5.1.164. Affected is an unknown function of the component Microsoft Windows Client. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

McAfee True Key up to 4.0.0.0 cross site scripting [CVE-2018-6682]

A vulnerability, which was classified as problematic, has been found in McAfee True Key up to 4.0.0.0. This issue affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to...
Auteur: VulDB

HDF5 1.10.3 H5S.c H5S_extent_get_dims() GIF File memory corruption

A vulnerability classified as critical was found in HDF5 1.10.3. This vulnerability affects the function H5S_extent_get_dims() of the file H5S.c. The manipulation as part of a GIF File leads to a memory corruption vulnerability (Stack-based)....
Auteur: VulDB

HDF5 up to 1.10.3 H5Dselect.c H5D__select_io() denial of service

A vulnerability classified as problematic has been found in HDF5 up to 1.10.3. This affects the function H5D__select_io() of the file H5Dselect.c. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

HDF5 up to 1.10.3 H5Odtype.c H5O_dtype_decode_helper() denial of service

A vulnerability was found in HDF5 up to 1.10.3. It has been rated as problematic. Affected by this issue is the function H5O_dtype_decode_helper() of the file H5Odtype.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

HDF5 up to 1.10.3 decompress.c ReadCode() GIF File denial of service

A vulnerability was found in HDF5 up to 1.10.3. It has been declared as problematic. Affected by this vulnerability is the function ReadCode() of the file decompress.c. The manipulation as part of a GIF File leads to a denial of service...
Auteur: VulDB

HDF5 up to 1.10.3 H5Oattr.c H5O_attr_decode() GIF File memory corruption

A vulnerability was found in HDF5 up to 1.10.3. It has been classified as critical. Affected is the function H5O_attr_decode() of the file H5Oattr.c. The manipulation as part of a GIF File leads to a memory corruption vulnerability (Heap-based)....
Auteur: VulDB

HDF5 up to 1.10.3 h5repack_filters.c apply_filters() denial of service

A vulnerability was found in HDF5 up to 1.10.3 and classified as problematic. This issue affects the function apply_filters() of the file h5repack_filters.c. The manipulation with an unknown input leads to a denial of service vulnerability....
Auteur: VulDB

HDF5 up to 1.10.3 gifread.c ReadGifImageDesc() GIF File memory corruption

A vulnerability has been found in HDF5 up to 1.10.3 and classified as critical. This vulnerability affects the function ReadGifImageDesc() of the file gifread.c. The manipulation as part of a GIF File leads to a memory corruption vulnerability...
Auteur: VulDB

HDF5 up to 1.10.3 H5Osdspace.c H5O_sdspace_encode() denial of service

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.10.3. This affects the function H5O_sdspace_encode() of the file H5Osdspace.c. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

Asterisk PBX up to 13.23.0/14.7.7/15.6.0 res_http_websocket.so HTTP Request denial of service

A vulnerability, which was classified as problematic, has been found in Asterisk PBX up to 13.23.0/14.7.7/15.6.0. Affected by this issue is an unknown function of the file res_http_websocket.so. The manipulation as part of a HTTP Request leads...
Auteur: VulDB

Tgstation tgstation-server up to 3.2.4.0 Login Cache weak authentication

A vulnerability classified as critical was found in Tgstation tgstation-server up to 3.2.4.0. Affected by this vulnerability is an unknown function of the component Login Cache. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Localize My Post Plugin 1.0 on WordPress ajax/include.php file directory traversal

A vulnerability classified as critical has been found in Localize My Post Plugin 1.0 on WordPress. Affected is an unknown function of the file ajax/include.php. The manipulation of the argument file with an unknown input leads to a directory...
Auteur: VulDB

Wechat Broadcast Plugin up to 1.2.0 on WordPress Image.php url directory traversal

A vulnerability was found in Wechat Broadcast Plugin up to 1.2.0 on WordPress. It has been rated as critical. This issue affects an unknown function of the file Image.php. The manipulation of the argument url with an unknown input leads to a...
Auteur: VulDB

Avaya Management System R17.0.x/R18.0.x Supervisor information disclosure

A vulnerability was found in Avaya Management System R17.0.x/R18.0.x. It has been declared as problematic. This vulnerability affects an unknown function of the component Supervisor. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Honeywell EDA51 Application privilege escalation

A vulnerability was found in Honeywell CT40, CT60, CN51, CN75, CN75e, CN80, CR50, D75e, EDA50, EDA50k and EDA51. It has been classified as critical. This affects an unknown function of the component Application. The manipulation as part of a...
Auteur: VulDB

Samsung Galaxy S8 G950FXXU1AQL5 IPCP Header Stack-based memory corruption

A vulnerability, which was classified as critical, was found in Samsung Galaxy S8 G950FXXU1AQL5. Affected is an unknown function of the component IPCP Header Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Druide Antidote up to 9.5.1 on Windows/Linux Update Code Execution weak encryption

A vulnerability, which was classified as critical, has been found in Druide Antidote up to 9.5.1 on Windows/Linux. This issue affects an unknown function. The manipulation as part of a Update leads to a weak encryption vulnerability (Code...
Auteur: VulDB

CryptoSaga random() Smart Contract privilege escalation

A vulnerability classified as critical was found in CryptoSaga (the affected version is unknown). This vulnerability affects the function random(). The manipulation as part of a Smart Contract leads to a privilege escalation vulnerability (RNG)....
Auteur: VulDB

Samsung Members prior 2.4.25 Intent privilege escalation

A vulnerability classified as critical has been found in Samsung Members. This affects an unknown function of the component Intent Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying...
Auteur: VulDB

Samsung GALAXY Apps prior 4.2.18.2 Staging Mode privilege escalation

A vulnerability was found in Samsung GALAXY Apps. It has been rated as problematic. Affected by this issue is an unknown function of the component Staging Mode. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB
First389390391392393394395396397398Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS