lundi 19 août 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linux Kernel up to 5.2.8 Endpoint Descriptor usb.c denial of service

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.2.8. Affected is an unknown functionality of the file drivers/net/wireless/ath/ath10k/usb.c of the component Endpoint Descriptor Handler. There is no...
Auteur: VulDB

Linux Kernel up to 5.2.8 Endpoint Descriptor usb.c denial of service

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.2.8 (Operating System). This issue affects an unknown function of the file drivers/net/wireless/ath/ath6kl/usb.c of the component Endpoint Descriptor...
Auteur: VulDB

GNU Patch up to 2.7.6 String pch.c do_ed_script Shell Metacharacter privilege escalation

A vulnerability was found in GNU Patch up to 2.7.6. It has been declared as critical. Affected by this vulnerability is the function do_ed_script of the file pch.c of the component String Handler. There is no information about possible...
Auteur: VulDB

CERTFR-2019-AVI-402 : Multiples vulnérabilités dans Apache Httpd (16 août 2019)

De multiples vulnérabilités ont été découvertes dans Apache Httpd. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et un déni de service à distance.

Auteur: Cert FR

CERTFR-2019-AVI-401 : Multiples vulnérabilités dans LibreOffice (16 août 2019)

De multiples vulnérabilités ont été découvertes dans LibreOffice. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.

Auteur: Cert FR

CERTFR-2019-AVI-400 : Vulnérabilité dans Mozilla Firefox (16 août 2019)

Une vulnérabilité a été découverte dans Mozilla Firefox. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Auteur: Cert FR

LibreOffice up to 6.2.5 Macro share/Scripts/python Document directory traversal

A vulnerability, which was classified as critical, has been found in LibreOffice up to 6.2.5 (Office Suite Software). Affected by this issue is an unknown part of the file share/Scripts/python of the component Macro Handler. Upgrading to version...
Auteur: VulDB

stb_vorbis up to 2019-03-04 OGG Vorbis File lookup1_values denial of service

A vulnerability was found in stb_vorbis up to 2019-03-04. It has been declared as problematic. Affected by this vulnerability is the function lookup1_values of the component OGG Vorbis File Handler. There is no information about possible...
Auteur: VulDB

stb_vorbis up to 2019-03-04 OGG Vorbis File draw_line memory corruption

A vulnerability was found in stb_vorbis up to 2019-03-04. It has been classified as critical. Affected is the function draw_line of the component OGG Vorbis File Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

stb_vorbis up to 2019-03-04 OGG Vorbis File compute_codewords memory corruption

A vulnerability was found in stb_vorbis up to 2019-03-04 and classified as critical. This issue affects the function compute_codewords of the component OGG Vorbis File Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

LibreOffice up to 6.2.5 LibreLogo Python Command privilege escalation

A vulnerability classified as critical was found in LibreOffice up to 6.2.5 (Office Suite Software). Affected by this vulnerability is some unknown functionality of the component LibreLogo. Upgrading to version 6.2.6 eliminates this vulnerability.
Auteur: VulDB

LibreOffice up to 6.2.5 LibreLogo URL privilege escalation

A vulnerability classified as critical has been found in LibreOffice up to 6.2.5. Affected is an unknown functionality of the component LibreLogo. Upgrading to version 6.2.6 eliminates this vulnerability.
Auteur: VulDB

3S-Smart CODESYS Control V3 weak encryption

A vulnerability was found in 3S-Smart CODESYS Control V3 (unknown version). It has been rated as critical. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

3S-Smart CODESYS Control V3 prior 3.5.14.20 denial of service

A vulnerability was found in 3S-Smart CODESYS Control V3. It has been declared as problematic. This vulnerability affects some unknown processing. Upgrading to version 3.5.14.20 eliminates this vulnerability.
Auteur: VulDB

3S-Smart CODESYS Control V3 prior 3.5.14.20 Gateway privilege escalation

A vulnerability was found in 3S-Smart CODESYS Control V3. It has been classified as critical. This affects an unknown code block of the component Gateway. Upgrading to version 3.5.14.20 eliminates this vulnerability.
Auteur: VulDB

Tenable Nessus up to 8.5.2 on Windows denial of service

A vulnerability was found in Tenable Nessus up to 8.5.2 on Windows and classified as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

ZTE ZXHN F670 up to V1.1.10P3T18 cross site scripting

A vulnerability has been found in ZTE ZXHN F670 up to V1.1.10P3T18 and classified as problematic. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

ZTE ZXHN F670 up to V1.1.10P3T18 Parameter command injection

A vulnerability, which was classified as critical, was found in ZTE ZXHN F670 up to V1.1.10P3T18. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

OpenCA 3.x Admin Panel Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in OpenCA 3.x. This issue affects an unknown functionality of the component Admin Panel. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Dolibarr 11.0.0-alpha Settings Page user/card.php cross site request forgery

A vulnerability classified as problematic was found in Dolibarr 11.0.0-alpha. This vulnerability affects an unknown function of the file user/card.php of the component Settings Page. There is no information about possible countermeasures known....
Auteur: VulDB

FV Flowplayer Video Player prior 7.3.15.727 on WordPress Email Subscription List admin-post.php information disclosure

A vulnerability classified as problematic has been found in FV Flowplayer Video Player on WordPress. This affects some unknown processing of the file wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 of the component Email Subscription List...
Auteur: VulDB

toggle-the-title Plugin 1.4 on WordPress admin-ajax.php Parameter cross site scripting

A vulnerability was found in toggle-the-title Plugin 1.4 on WordPress. It has been rated as problematic. Affected by this issue is an unknown code block of the file wp-admin/admin-ajax.php?action=update_title_options. There is no information...
Auteur: VulDB

limb-gallery Plugin 1.4.0 on WordPress admin-ajax.php task cross site scripting

A vulnerability was found in limb-gallery Plugin 1.4.0 on WordPress (Photo Gallery Software). It has been declared as problematic. Affected by this vulnerability is an unknown code of the file...
Auteur: VulDB

Custom 404 Pro Plugin 3.2.8 on WordPress admin.php page cross site scripting

A vulnerability was found in Custom 404 Pro Plugin 3.2.8 on WordPress (WordPress Plugin). It has been classified as problematic. Affected is an unknown part of the file wp-admin/admin.php?page=c4p-main. There is no information about possible...
Auteur: VulDB

Tribulant Newsletters Plugin up to 4.6.18 on WordPress admin-ajax.php subscribers[1][1] directory traversal

A vulnerability was found in Tribulant Newsletters Plugin up to 4.6.18 on WordPress and classified as critical. This issue affects some unknown functionality of the file wp-admin/admin-ajax.php?action=newsletters_exportmultiple. Upgrading to...
Auteur: VulDB
12345678910Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS