jeudi 19 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

MacCMS 8.0 inc/config/cache.php t_name cross site scripting

A vulnerability classified as problematic was found in MacCMS 8.0 (Content Management System). This vulnerability affects the functionality of the file inc/config/cache.php. The manipulation of the argument t_name as part of a Parameter leads to...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys denial of service

A vulnerability classified as problematic has been found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). This affects an unknown function in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer Code Execution memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been rated as critical. Affected by this issue is some processing of the component Kernel Mode Layer. The manipulation with an unknown input leads...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been declared as critical. Affected by this vulnerability is a code block of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). It has been classified as critical. Affected is code in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys memory corruption

A vulnerability was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) and classified as critical. This issue affects a part in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation with an unknown...
Auteur: VulDB

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys privilege escalation

A vulnerability has been found in NVIDIA Windows GPU Display Driver (Hardware Driver Software) and classified as critical. This vulnerability affects a functionality in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation...
Auteur: VulDB

NVIDIA Windows GPU Display Driver 3D Vision Hard Link Code Execution

A vulnerability, which was classified as critical, was found in NVIDIA Windows GPU Display Driver (Hardware Driver Software). This affects a function of the component 3D Vision. The manipulation as part of a Hard Link leads to a privilege...
Auteur: VulDB

NetApp Clustered Data ONTAP up to 9.1P14/9.3P6 information disclosure

A vulnerability, which was classified as problematic, has been found in NetApp Clustered Data ONTAP up to 9.1P14/9.3P6. Affected by this issue is some functionality. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

IBM BigFix Platform 9.2/9.5 Query information disclosure

A vulnerability classified as problematic was found in IBM BigFix Platform 9.2/9.5. Affected by this vulnerability is the functionality of the component Query Handler. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

OpenSSL up to 1.0.2q Stitched Ciphersuite SSL_shutdown weak encryption

A vulnerability classified as critical has been found in OpenSSL up to 1.0.2q (Network Encryption Software). Affected is the function SSL_shutdown of the component Stitched Ciphersuite Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

PoDoFo 0.9.6 PdfMemoryManagement.cpp PoDoFo::podofo_calloc denial of service

A vulnerability was found in PoDoFo 0.9.6 (Document Reader Software). It has been rated as problematic. This issue affects the function PoDoFo::podofo_calloc of the file base/PdfMemoryManagement.cpp. The manipulation with an unknown input leads...
Auteur: VulDB

Apache Airflow up to 1.10.1 Metadata Database cross site scripting

A vulnerability was found in Apache Airflow up to 1.10.1. It has been declared as problematic. This vulnerability affects a code block of the component Metadata Database Handler. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

IBM SAN Volume Controller up to 8.2 directory traversal [CVE-2018-1775]

A vulnerability was found in IBM SAN Volume Controller, Storwize, Spectrum Virtualize and FlashSystem up to 8.2 (Network Encryption Software). It has been classified as problematic. This affects code. The manipulation with an unknown input leads...
Auteur: VulDB

PRTG Network Monitor 7.1.3.3378 cross site scripting [CVE-2019-9207]

A vulnerability, which was classified as problematic, has been found in PRTG Network Monitor 7.1.3.3378 (Network Management Software). Affected by this issue is some functionality of the file...
Auteur: VulDB

PRTG Network Monitor 7.1.3.3378 cross site scripting [CVE-2019-9206]

A vulnerability classified as problematic was found in PRTG Network Monitor 7.1.3.3378 (Network Management Software). Affected by this vulnerability is the functionality of the file...
Auteur: VulDB

OpenSSL Releases Security Update

Original release date: February 26, 2019 OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information.The Cybersecurity...
Auteur: US Cert

CERTFR-2019-AVI-079 : Vulnérabilité dans le noyau Linux de RedHat (26 février 2019)

Une vulnérabilité a été découverte dans le noyau Linux de RedHat . Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

CERTFR-2019-AVI-078 : SCADA Multiples vulnérabilités dans Siemens WinCC OA (26 février 2019)

De multiples vulnérabilités ont été découvertes dans Siemens WinCC OA. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

GNU C Library up to 2.29 Regular Expression posix/regexec.c proceed_next_node memory corruption

A vulnerability was found in GNU C Library up to 2.29 (Software Library). It has been classified as critical. This affects the function proceed_next_node of the file posix/regexec.c of the component Regular Expression Handler. The manipulation ...
Auteur: VulDB

GNU C Library up to 2.29 Regular Expression posix/regexec.c check_dst_limits_calc_pos_1 denial of service

A vulnerability was found in GNU C Library up to 2.29 (Software Library) and classified as problematic. Affected by this issue is the function check_dst_limits_calc_pos_1 of the file posix/regexec.c of the component Regular Expression Handler....
Auteur: VulDB

GNU C Library up to 2.27 Regular Expression posix/regcomp.c parse_reg_exp privilege escalation

A vulnerability has been found in GNU C Library up to 2.27 (Software Library) and classified as critical. Affected by this vulnerability is the function parse_reg_exp of the file posix/regcomp.c of the component Regular Expression Handler. The...
Auteur: VulDB

Woocommerce up to 3.5.4 Photoswipe Caption cross site scripting

A vulnerability, which was classified as problematic, was found in Woocommerce up to 3.5.4 (E-Commerce Management Software). Affected is a function of the component Photoswipe Caption Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

J2Store Plugin up to 3.3.6 on Joomla! product_option[] sql injection

A vulnerability has been found in J2Store Plugin up to 3.3.6 on Joomla! (Network Encryption Software) and classified as critical. This vulnerability affects a functionality. The manipulation of the argument product_option[] with an unknown input...
Auteur: VulDB

ZZZCMS zzzphp 1.6.1 save.php file/filetext privilege escalation

A vulnerability, which was classified as critical, was found in ZZZCMS zzzphp 1.6.1 (Content Management System). This affects a function of the file /admin015/save.php?act=editfile. The manipulation of the argument file/filetext with an unknown...
Auteur: VulDB
First393394395396397398399400401402Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS