vendredi 13 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

XHQ up to 6.0.0.1 Web Interface privilege escalation

A vulnerability, which was classified as critical, was found in XHQ up to 6.0.0.1. This affects an unknown code of the component Web Interface. Upgrading to version 6.0.0.2 eliminates this vulnerability.
Auteur: VulDB

XHQ up to 6.0.0.1 Web Interface cross site request forgery

A vulnerability, which was classified as problematic, has been found in XHQ up to 6.0.0.1. Affected by this issue is an unknown part of the component Web Interface. Upgrading to version 6.0.0.2 eliminates this vulnerability.
Auteur: VulDB

Apache SpamAssassin up to 3.4.2 Message Resource Exhaustion denial of service

A vulnerability classified as problematic was found in Apache SpamAssassin up to 3.4.2 (Anti-Spam Software). Affected by this vulnerability is some unknown functionality of the component Message Handler. Upgrading to version 3.4.3 eliminates this...
Auteur: VulDB

Apache SpamAssassin up to 3.4.2 CF File privilege escalation

A vulnerability classified as critical has been found in Apache SpamAssassin up to 3.4.2 (Anti-Spam Software). Affected is an unknown functionality of the component CF File Handler. Upgrading to version 3.4.3 eliminates this vulnerability.
Auteur: VulDB

IBM DB2 High Performance Unload 6.1/6.5 Search Path privilege escalation

A vulnerability was found in IBM DB2 High Performance Unload 6.1/6.5 (Database Software). It has been rated as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

minerstat msOS SSH Key weak authentication [CVE-2019-19750]

A vulnerability was found in minerstat msOS (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown processing of the component SSH Key. Upgrading eliminates this vulnerability. A possible...
Auteur: VulDB

Electronic Arts Origin up to 10.5.x privilege escalation [CVE-2019-19248]

A vulnerability was found in Electronic Arts Origin up to 10.5.x. It has been classified as critical. This affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Electronic Arts Origin up to 10.5.x privilege escalation [CVE-2019-19247]

A vulnerability was found in Electronic Arts Origin up to 10.5.x and classified as critical. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Scoutnet Kalender Plugin 1.1.0 on WordPress cross site scripting

A vulnerability has been found in Scoutnet Kalender Plugin 1.1.0 on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is an unknown part. There is no information about possible countermeasures known. It...
Auteur: VulDB

DAViCal up to 1.1.8 action Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in DAViCal up to 1.1.8. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

Intesync Solismed 3.3sp1 Database Stored weak encryption

A vulnerability, which was classified as problematic, has been found in Intesync Solismed 3.3sp1. This issue affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Cacti up to 1.2.7 Deserialization lib/functions.php Array memory corruption

A vulnerability classified as critical was found in Cacti up to 1.2.7 (Log Management Software). This vulnerability affects an unknown function in the library lib/functions.php of the component Deserialization. There is no information about...
Auteur: VulDB

Intesync Solismed 3.3sp1 Local File Inclusion privilege escalation

A vulnerability classified as critical has been found in Intesync Solismed 3.3sp1. This affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Intesync Solismed 3.3sp File Upload privilege escalation

A vulnerability was found in Intesync Solismed 3.3sp. It has been rated as critical. Affected by this issue is an unknown code block of the component File Upload. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Intesync Solismed 3.3sp cross site scripting [CVE-2019-15935]

A vulnerability was found in Intesync Solismed 3.3sp. It has been declared as problematic. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Intesync Solismed 3.3sp cross site request forgery [CVE-2019-15934]

A vulnerability was found in Intesync Solismed 3.3sp. It has been classified as problematic. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Intesync Solismed 3.3sp sql injection [CVE-2019-15933]

A vulnerability was found in Intesync Solismed 3.3sp and classified as critical. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

Intesync Solismed 3.3sp Access Control privilege escalation

A vulnerability has been found in Intesync Solismed 3.3sp and classified as critical. This vulnerability affects an unknown functionality of the component Access Control. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Intesync Solismed 3.3sp directory traversal [CVE-2019-15931]

A vulnerability, which was classified as critical, was found in Intesync Solismed 3.3sp. This affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Intesync Solismed 3.3sp Clickjacking cross site scripting

A vulnerability, which was classified as problematic, has been found in Intesync Solismed 3.3sp. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

3scale up to 2.5 Session Cookie httponly privilege escalation

A vulnerability classified as problematic was found in 3scale up to 2.5. Affected by this vulnerability is an unknown code block of the component Session Cookie Handler. Upgrading to version 2.6 eliminates this vulnerability.
Auteur: VulDB

Siemens SIMATIC S7-1200 CPU UART privilege escalation [CVE-2019-13945]

A vulnerability classified as critical has been found in Siemens SIMATIC S7-1200 CPU (version unknown). Affected is an unknown code of the component UART Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Desigo PXC00-E.D Web Server HTTP Message denial of service

A vulnerability was found in Desigo PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D, PXC00-U, PXC64-U, PXC128-U, PXA30-W0, PXA30-W1, PXA30-W2, PXC22.1-E.D, PXC36-E.D and PXC36.1-E.D. It has been rated as problematic. This issue affects an unknown...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 Image memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking. It has been declared as...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SXR2130 EMM memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been classified as critical. This affects an unknown...
Auteur: VulDB
12345678910Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS