vendredi 19 juillet 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

QNAP QTS up to 4.2.6/4.3.3/4.3.4/4.3.5 Media Server NULL Pointer Dereference denial of service

A vulnerability was found in QNAP QTS up to 4.2.6/4.3.3/4.3.4/4.3.5 and classified as problematic. This issue affects an unknown function of the component Media Server. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

QNAP QTS up to 4.2.6/4.3.3/4.3.4/4.3.5 command injection [CVE-2018-14746]

A vulnerability has been found in QNAP QTS up to 4.2.6/4.3.3/4.3.4/4.3.5 and classified as critical. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Command...
Auteur: VulDB

Samba up to 4.7.11/4.8.6/4.9.2 LDAP Server Loop denial of service

A vulnerability, which was classified as problematic, was found in Samba up to 4.7.11/4.8.6/4.9.2. This affects an unknown function of the component LDAP Server. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

Snapdragon Automobile/Mobile/Wear up to SXR1130 DRM Return Value memory corruption

A vulnerability, which was classified as critical, was found in Snapdragon Automobile, Mobile and Wear. Affected is an unknown function of the component DRM. The manipulation as part of a Return Value leads to a memory corruption vulnerability....
Auteur: VulDB

Snapdragon Automobile/Mobile up to SXR1130 OEM Crypto memory corruption

A vulnerability, which was classified as critical, has been found in Snapdragon Automobile and Mobile. This issue affects an unknown function of the component OEM Crypto. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Snapdragon Automobile/Mobile/Wear up to SXR1130 PDP Decoder Modify Request memory corruption

A vulnerability classified as critical was found in Snapdragon Automobile, Mobile and Wear. This vulnerability affects an unknown function of the component PDP Decoder. The manipulation as part of a Modify Request leads to a memory corruption...
Auteur: VulDB

Snapdragon Automobile/Mobile up to SDA660 Video memory corruption

A vulnerability classified as critical has been found in Snapdragon Automobile and Mobile up to SDA660. This affects an unknown function of the component Video. The manipulation with an unknown input leads to a memory corruption vulnerability....
Auteur: VulDB

Snapdragon Automobile/Mobile/Wear up to SDX20 Device Programmer memory corruption

A vulnerability was found in Snapdragon Automobile, Mobile and Wear. It has been rated as critical. Affected by this issue is an unknown function of the component Device Programmer. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Snapdragon Mobile SD 835/SDA660/SDX24 Service Image Loader Pointer Dereference denial of service

A vulnerability was found in Snapdragon Mobile SD 835/SDA660/SDX24. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Service Image Loader. The manipulation with an unknown input leads to...
Auteur: VulDB

Rapid7 Komand up to 0.41.0 API Response Plaintext information disclosure

A vulnerability was found in Rapid7 Komand up to 0.41.0. It has been classified as problematic. Affected is an unknown function of the component API. The manipulation as part of a Response leads to a information disclosure vulnerability...
Auteur: VulDB

Interspire Email Marketer up to 6.1.6 remote.php Request Server-Side Request Forgery

A vulnerability was found in Interspire Email Marketer up to 6.1.6 and classified as critical. This issue affects an unknown function of the file admin/functions/remote.php. The manipulation as part of a Request leads to a privilege escalation...
Auteur: VulDB

ShowDoc 2.4.2 cross site request forgery [CVE-2018-19621]

A vulnerability, which was classified as problematic, has been found in ShowDoc 2.4.2. Affected by this issue is an unknown function of the file server/index.php?s=/api/teamMember/save. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

Imperva SecureSphere 13.0.10/13.1.10/13.2.10 Python CGI Script Argument command injection

A vulnerability has been found in Imperva SecureSphere 13.0.10/13.1.10/13.2.10 and classified as critical. This vulnerability affects an unknown function of the component Python CGI Script. The manipulation as part of a Argument leads to a...
Auteur: VulDB

OpenWrt/LEDE uhttpd cgi-bin/ cgi_handle_request Request cross site scripting

A vulnerability, which was classified as problematic, was found in OpenWrt and LEDE. This affects the function cgi_handle_request of the file cgi-bin/ of the component uhttpd. The manipulation as part of a Request leads to a cross site scripting...
Auteur: VulDB

ShowDoc 2.4.1 page_id privilege escalation

A vulnerability classified as critical was found in ShowDoc 2.4.1. Affected by this vulnerability is an unknown function. The manipulation of the argument page_id with an unknown input leads to a privilege escalation vulnerability. The CWE...
Auteur: VulDB

Symantec Endpoint Protection up to 14.2 DLL Loader privilege escalation

A vulnerability was found in Symantec Endpoint Protection up to 14.2. It has been rated as problematic. This issue affects an unknown function of the component DLL Loader. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Symantec Endpoint Protection Detection Engine Bypass privilege escalation

A vulnerability was found in Symantec Endpoint Protection, Endpoint Protection Small Business Edition and Symantec Endpoint Protection Cloud. It has been declared as critical. This vulnerability affects an unknown function of the component...
Auteur: VulDB

Symantec Endpoint Protection Detection Engine Bypass privilege escalation

A vulnerability was found in Symantec Endpoint Protection, Endpoint Protection Small Business Edition and Symantec Endpoint Protection Cloud. It has been classified as critical. This affects an unknown function of the component Detection Engine....
Auteur: VulDB

3ve – Fraudulent Online Advertising

Original release date: November 27, 2018 The Department of Homeland Security and the Federal Bureau of Investigation have released a joint Technical Alert (TA) on a major online ad fraud operation—referred to by the U.S. Government as...
Auteur: US Cert

Samba Releases Security Updates

Original release date: November 27, 2018 The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC...
Auteur: US Cert

CERTFR-2018-AVI-574 : SCADA Multiples vulnérabilités dans Schneider Electric Modicon (27 novembre 2018)

De multiples vulnérabilités ont été découvertes dans Schneider Electric Modicon. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à...
Auteur: Cert FR

CERTFR-2018-AVI-573 : Multiples vulnérabilités dans le noyau Linux de SUSE (27 novembre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2018-AVI-572 : Multiples vulnérabilités dans le noyau Linux de RedHat (27 novembre 2018)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et un déni de service.

Auteur: Cert FR

CERTFR-2018-AVI-571 : Multiples vulnérabilités dans Samba (27 novembre 2018)

De multiples vulnérabilités ont été découvertes dans Samba . Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.

Auteur: Cert FR

Google Android Fastboot Memory Leak denial of service

A vulnerability has been found in Google Android (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown function of the component Fastboot. The manipulation with an unknown input leads to a denial...
Auteur: VulDB
First389390391392393394395396397398Last

Événements SSI

BLACK HAT

Événement majeur mondial sur la sécurité de l'information la conférence Black Hat USA a lieu du 3 au 8 août 2019 à Las Vegas (Mandalay Bay). Organisé par UBM.


Présentation par l'organisateur

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

 Plus d'infos sur le site dédié à l'événement.

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS