lundi 14 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

GNU binutils 3.32 libbfd dwarf2.c find_abstract_instance ELF File denial of service

A vulnerability was found in GNU binutils 3.32 (Programming Tool Software). It has been rated as problematic. Affected by this issue is the function find_abstract_instance of the file dwarf2.c of the component libbfd. There is no information...
Auteur: VulDB

Avira Software Updater prior 2.0.6.21094 DLL privilege escalation

A vulnerability was found in Avira Software Updater. It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component DLL Handler. Upgrading to version 2.0.6.21094 eliminates this vulnerability.
Auteur: VulDB

LavaLite up to 5.7 Account Name cross site scripting

A vulnerability was found in LavaLite up to 5.7. It has been classified as problematic. Affected is an unknown functionality of the component Account Name Handler. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

z-song laravel-admin 1.7.3 cross site scripting [CVE-2019-17433]

A vulnerability was found in z-song laravel-admin 1.7.3 and classified as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

FastAdmin 1.0.0.20190705_beta edit Parameter cross site request forgery

A vulnerability has been found in FastAdmin 1.0.0.20190705_beta and classified as problematic. This vulnerability affects some unknown processing of the file public/admin/general.config/edit. There is no information about possible countermeasures...
Auteur: VulDB

FastAdmin 1.0.0.20190705_beta add cross site request forgery

A vulnerability, which was classified as problematic, was found in FastAdmin 1.0.0.20190705_beta. This affects an unknown code block of the file public/index.php/admin/auth/admin/add. There is no information about possible countermeasures known....
Auteur: VulDB

EyouCms up to 2019-07-11 login.php web_recordnum cross site scripting

A vulnerability, which was classified as problematic, has been found in EyouCms up to 2019-07-11. Affected by this issue is an unknown code of the file login.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Adhouma CMS up to 2019-10-09 post.php p_id sql injection

A vulnerability classified as critical was found in Adhouma CMS up to 2019-10-09 (Content Management System). Affected by this vulnerability is an unknown part of the file post.php. There is no information about possible countermeasures known. It...
Auteur: VulDB

NetSarang XFTP Client up to 6.0149 File Copy File Name memory corruption

A vulnerability classified as critical has been found in NetSarang XFTP Client up to 6.0149. Affected is some unknown functionality of the component File Copy Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

new-contact-form-widget Plugin 1.0.9 on WordPress all-query-page.php sql injection

A vulnerability was found in new-contact-form-widget Plugin 1.0.9 on WordPress (WordPress Plugin). It has been rated as critical. This issue affects an unknown functionality of the file all-query-page.php. There is no information about possible...
Auteur: VulDB

client-dash Plugin 2.1.4 on WordPress cross site scripting [CVE-2019-17071]

A vulnerability was found in client-dash Plugin 2.1.4 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

liquid-speech-balloon Plugin 1.0.5 on WordPress cross site scripting

A vulnerability was found in liquid-speech-balloon Plugin 1.0.5 on WordPress (WordPress Plugin). It has been classified as problematic. This affects some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Siemens SIMATIC IT UADM up to 1.2 Service Port 1434 Credentials information disclosure

A vulnerability was found in Siemens SIMATIC IT UADM up to 1.2 (SCADA Software) and classified as problematic. Affected by this issue is an unknown code block of the component Service Port 1434. Addressing this vulnerability is possible by...
Auteur: VulDB

Siemens WinAC RTX 2010 HTTP Request denial of service

A vulnerability has been found in Siemens WinAC RTX 2010 and classified as problematic. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Siemens SIMATIC/SINAMICS UDP Packet denial of service [CVE-2019-10936]

A vulnerability, which was classified as problematic, was found in Siemens SIMATIC and SINAMICS (SCADA Software) (version unknown). Affected is an unknown part. Upgrading eliminates this vulnerability.
Auteur: VulDB

Siemens SIMATIC/SINAMICS IRT denial of service [CVE-2019-10923]

A vulnerability, which was classified as problematic, has been found in Siemens SIMATIC and SINAMICS (SCADA Software) (unknown version). This issue affects some unknown functionality of the component IRT. Upgrading eliminates this vulnerability.
Auteur: VulDB

RobotCPA Plugin 5 on WordPress f.php l directory traversal

A vulnerability classified as critical was found in RobotCPA Plugin 5 on WordPress (WordPress Plugin). This vulnerability affects an unknown functionality of the file f.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ACF-Frontend-Display Plugin up to 2015-07-03 on WordPress File Upload index.php Request privilege escalation

A vulnerability classified as critical has been found in ACF-Frontend-Display Plugin up to 2015-07-03 on WordPress (WordPress Plugin). This affects an unknown function of the file js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php of the...
Auteur: VulDB

prettyPhoto up to 3.1.5 js/jquery.prettyPhoto.js cross site scripting

A vulnerability was found in prettyPhoto up to 3.1.5. It has been rated as problematic. Affected by this issue is some unknown processing of the file js/jquery.prettyPhoto.js. Upgrading to version 3.1.6 eliminates this vulnerability.
Auteur: VulDB

Vernissage Theme 1.2.8 on WordPress Option Update privilege escalation

A vulnerability was found in Vernissage Theme 1.2.8 on WordPress (WordPress Plugin). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Option Update Handler. There is no information about...
Auteur: VulDB

Teardrop Theme 1.8.1 on WordPress Option Update privilege escalation

A vulnerability was found in Teardrop Theme 1.8.1 on WordPress (WordPress Plugin). It has been classified as critical. Affected is an unknown code of the component Option Update Handler. There is no information about possible countermeasures...
Auteur: VulDB

Pont Theme 1.5 on WordPress Option Update privilege escalation

A vulnerability was found in Pont Theme 1.5 on WordPress (WordPress Plugin) and classified as critical. This issue affects an unknown part of the component Option Update Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

Simpolio Theme 1.3.2 on WordPress Option Update privilege escalation

A vulnerability has been found in Simpolio Theme 1.3.2 on WordPress (WordPress Plugin) and classified as critical. This vulnerability affects some unknown functionality of the component Option Update Handler. There is no information about...
Auteur: VulDB

estrutura-basica Theme up to 2015-09-13 on WordPress scripts/download.php arquivo directory traversal

A vulnerability, which was classified as critical, was found in estrutura-basica Theme up to 2015-09-13 on WordPress (WordPress Plugin). This affects an unknown functionality of the file scripts/download.php. There is no information about...
Auteur: VulDB

incoming-links Plugin up to 0.9.10 on WordPress HTTP Header referrers.php cross site scripting

A vulnerability, which was classified as problematic, has been found in incoming-links Plugin up to 0.9.10 on WordPress (WordPress Plugin). Affected by this issue is an unknown function of the file referrers.php of the component HTTP Header...
Auteur: VulDB
12345678910Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS