Tuesday 16 July 2019

Our selection of information systems security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Intersystems Cache 2017.2.2.865.0 cross site scripting [CVE-2018-17150]

A vulnerability was found in Intersystems Cache 2017.2.2.865.0. It has been classified as problematic. This affects an unknown functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Author: VulDB

Atlassian Releases Security Updates for Jira

Original release date: July 11, 2019. Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The...
Author: US Cert

DPO skills certification: the CNIL issues its first accreditation

Pursuant to the accreditation framework for the certification of data protection officer (DPO) skills adopted in September 2018, the CNIL has accredited AFNOR CERTIFICATION.
Author: Cnil

D-Link DIR-655 C up to 3.02B05 BETA02 Management Console cross site request forgery

A vulnerability was found in D-Link DIR-655 C up to 3.02B05 BETA02 and classified as problematic. Affected by this issue is an unknown function of the component Management Console. The manipulation with an unknown input leads to a cross site...
Author: VulDB

D-Link DIR-655 C up to 3.02B05 BETA02 /www/ping_response.cgi Parameter cross site scripting

A vulnerability has been found in D-Link DIR-655 C up to 3.02B05 BETA02 and classified as problematic. Affected by this vulnerability is some unknown processing of the file /www/ping_response.cgi. The manipulation as part of a Parameter leads to...
Author: VulDB

D-Link DIR-655 C up to 3.02B05 BETA02 online_firmware_check.cgi check_fw_url command injection

A vulnerability, which was classified as critical, was found in D-Link DIR-655 C up to 3.02B05 BETA02. Affected is an unknown code block of the file online_firmware_check.cgi. The manipulation of the argument check_fw_url as part of a Shell...
Author: VulDB

D-Link DIR-655 C up to 3.02B05 BETA02 apply_sec.cgi setup_wizard privilege escalation

A vulnerability, which was classified as critical, has been found in D-Link DIR-655 C up to 3.02B05 BETA02. This issue affects an unknown code of the file apply_sec.cgi. The manipulation of the argument setup_wizard as part of a Parameter leads...
Author: VulDB

hidea.com AZ Admin 1.0 news_detphp cod sql injection

A vulnerability classified as critical was found in hidea.com AZ Admin 1.0. This vulnerability affects an unknown part of the file news_detphp. The manipulation of the argument cod as part of a Parameter leads to a sql injection vulnerability....
Author: VulDB

nuxt devalue up to 1.2.2 Object Key cross site scripting

A vulnerability classified as problematic has been found in nuxt devalue up to 1.2.2. This affects some unknown functionality of the component Object Key Handler. The manipulation with an unknown input leads to a cross site scripting...
Author: VulDB

Appointment Hour Booking Plugin 1.1.44 on WordPress email_1 cross site scripting

A vulnerability was found in Appointment Hour Booking Plugin 1.1.44 on WordPress. It has been rated as problematic. Affected by this issue is an unknown functionality. The manipulation of the argument email_1 with an unknown input leads to a...
Author: VulDB

SchedMD Slurm up to 19.05.0 sql injection [CVE-2019-12838]

A vulnerability was found in SchedMD Slurm up to 19.05.0. It has been declared as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a sql injection vulnerability. The CWE definition...
Author: VulDB

Zoho ManageEngine AssetExplorer ResourcesAttachments.jsp pageName cross site scripting

A vulnerability was found in Zoho ManageEngine AssetExplorer (version unknown). It has been classified as problematic. Affected is some unknown processing of the file ResourcesAttachments.jsp. The manipulation of the argument pageName as part of...
Author: VulDB

Zoho ManageEngine AssetExplorer SoftwareListView.do swType/swComplianceType cross site scripting

A vulnerability was found in Zoho ManageEngine AssetExplorer (unknown version) and classified as problematic. This issue affects an unknown code block of the file SoftwareListView.do. The manipulation of the argument swType/swComplianceType as...
Author: VulDB

Zoho ManageEngine AssetExplorer RCSettings.do rdsName cross site scripting

A vulnerability has been found in Zoho ManageEngine AssetExplorer (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown code of the file RCSettings.do. The manipulation of the argument rdsName as...
Author: VulDB

Zoho ManageEngine ServiceDesk Plus 10.5 WorkOrder.do search cross site scripting

A vulnerability, which was classified as problematic, was found in Zoho ManageEngine ServiceDesk Plus 10.5. This affects an unknown part of the file WorkOrder.do. The manipulation of the argument search with an unknown input leads to a cross...
Author: VulDB

Zoho ManageEngine ServiceDesk Plus SearchN.do search cross site scripting

A vulnerability, which was classified as problematic, has been found in Zoho ManageEngine ServiceDesk Plus (affected version not known). Affected by this issue is some unknown functionality of the file SearchN.do. The manipulation of the...
Author: VulDB

Zoho ManageEngine AssetExplorer SearchN.do search cross site scripting

A vulnerability classified as problematic was found in Zoho ManageEngine AssetExplorer (affected version unknown). Affected by this vulnerability is an unknown functionality of the file SearchN.do. The manipulation of the argument search with an...
Author: VulDB

JN-Jones MyBB-2FA Plugin up to 2014-11-05 on MyBB usercp.php cross site request forgery

A vulnerability classified as problematic has been found in JN-Jones MyBB-2FA Plugin up to 2014-11-05 on MyBB (Content Management System). Affected is an unknown function of the file usercp.php?action=mybb2fa&do=deactivate. The manipulation with...
Author: VulDB

Caliper CI Plugin on Jenkins config.xml weak encryption

A vulnerability was found in Caliper CI Plugin on Jenkins (Jenkins Plugin) (unknown version). It has been rated as problematic. This issue affects some unknown processing of the file config.xml. The manipulation with an unknown input leads to a...
Author: VulDB

Port Allocator Plugin on Jenkins config.xml weak encryption

A vulnerability was found in Port Allocator Plugin on Jenkins (Jenkins Plugin) (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown code block of the file config.xml. The manipulation ...
Author: VulDB

Gogs Plugin on Jenkins config.xml weak encryption

A vulnerability was found in Gogs Plugin on Jenkins (Jenkins Plugin) (affected version not known) and classified as problematic. Affected by this issue is an unknown part of the file config.xml. The manipulation with an unknown input leads to a...
Author: VulDB

Mashup Portlets Plugin on Jenkins Credentials weak encryption

A vulnerability has been found in Mashup Portlets Plugin on Jenkins (Jenkins Plugin) (affected version unknown) and classified as critical. Affected by this vulnerability is some unknown functionality. The manipulation with an unknown input...
Author: VulDB

Embeddable Build Status Plugin up to 2.0.1 on Jenkins Response Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in Embeddable Build Status Plugin up to 2.0.1 on Jenkins (Jenkins Plugin). Affected is an unknown functionality. The manipulation as part of a Response leads to a cross site...
Author: VulDB

Docker Plugin up to 1.1.6 on Jenkins Permission Check fillCredentialsIdItems information disclosure

A vulnerability, which was classified as problematic, has been found in Docker Plugin up to 1.1.6 on Jenkins (Virtualization Software). This issue affects the function fillCredentialsIdItems of the component Permission Check. The manipulation ...
Author: VulDB

Dependency Graph Viewer Plugin up to 0.13 on Jenkins Job Configuration Stored cross site scripting

A vulnerability was found in Dependency Graph Viewer Plugin up to 0.13 on Jenkins (Jenkins Plugin). It has been classified as problematic. This affects an unknown code of the component Job Configuration Handler. The manipulation with an unknown...
Author: VulDB

Information Systems Security Events

BLACK HAT

A major worldwide information security event, the Black Hat USA conference takes place from 3 to 8 August 2019 in Las Vegas (Mandalay Bay). Organized by UBM.


Presentation by the organizer

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

More information on the event's dedicated website.

LES ASSISES

A major annual gathering for CISOs, the Assises de la sécurité des systèmes d'information are held in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organized by DG Consultants.

Presentation by the organizer



A look back at Les Assises 2018

The 18th edition of the Assises de la Sécurité in Monaco is over! Thanks again to the 2800 participants, including the 160 partners, who came together for three days to bring this unique event in France to life. Conferences, one-to-one meetings, round tables, workshops, networking moments… Through their content, the quality of the visitors and the richness of the exchanges, the Assises position themselves more than ever as the must-attend gathering for all cybersecurity professionals. Like the market, which keeps evolving, the Assises know how to adapt their offering to best meet the sector's expectations. This edition accordingly sought to highlight the major issues of the moment by multiplying the talks, demonstrations and experience reports.

See you at the next edition, which will take place from 9 to 12 October 2019

More information on the event's dedicated website.
