jeudi 17 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

HP LaserJet Application Signature Code Execution [CVE-2019-6334]

A vulnerability, which was classified as critical, has been found in HP LaserJet, PageWide, OfficeJet Enterprise and LaserJet Managed Printer (Printing Software) (affected version not known). Affected by this issue is an unknown part of the...
Auteur: VulDB

CMS Made Simple 2.2.11 News Screen Image File Stored cross site scripting

A vulnerability classified as problematic was found in CMS Made Simple 2.2.11 (Content Management System). Affected by this vulnerability is some unknown functionality of the component News Screen. There is no information about possible...
Auteur: VulDB

CMS Made Simple 2.2.11 File Manager Image File Stored cross site scripting

A vulnerability classified as problematic has been found in CMS Made Simple 2.2.11 (Content Management System). Affected is an unknown functionality of the component File Manager. There is no information about possible countermeasures known. It...
Auteur: VulDB

events-manager Plugin up to 5.9.5 on WordPress Shortcode Stored cross site scripting

A vulnerability was found in events-manager Plugin up to 5.9.5 on WordPress (WordPress Plugin). It has been rated as problematic. This issue affects an unknown function. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

eu-cookie-law Plugin up to 3.0.6 on WordPress Stored cross site scripting

A vulnerability was found in eu-cookie-law Plugin up to 3.0.6 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects some unknown processing. There is no information about possible countermeasures known....
Auteur: VulDB

broken-link-checker Plugin up to 1.11.8 on WordPress GET Parameter Reflected cross site scripting

A vulnerability was found in broken-link-checker Plugin up to 1.11.8 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown code block. There is no information about possible countermeasures known. It may...
Auteur: VulDB

all-in-one-seo-pack Plugin up to 3.2.6 on WordPress Stored cross site scripting

A vulnerability was found in all-in-one-seo-pack Plugin up to 3.2.6 on WordPress and classified as problematic. Affected by this issue is an unknown code. Upgrading to version 3.2.7 eliminates this vulnerability.
Auteur: VulDB

Sonatype Nexus Repository Manager up to 2.14.14 Code Execution

A vulnerability has been found in Sonatype Nexus Repository Manager up to 2.14.14 and classified as critical. Affected by this vulnerability is an unknown part. Upgrading to version 2.14.15 eliminates this vulnerability.
Auteur: VulDB

Puppet Enterprise Pipeline up to 1.3.1 on Jenkins Custom Script Security Whitelist privilege escalation

A vulnerability, which was classified as critical, was found in Puppet Enterprise Pipeline up to 1.3.1 on Jenkins. Affected is some unknown functionality of the component Custom Script Security Whitelist. There is no information about possible...
Auteur: VulDB

on Jenkins privilege escalation [CVE-2019-10457]

A vulnerability, which was classified as critical, has been found in Oracle Cloud Infrastructure Compute Classic Plugin on Jenkins (unknown version). This issue affects an unknown functionality. There is no information about possible...
Auteur: VulDB

on Jenkins cross site request forgery [CVE-2019-10456]

A vulnerability classified as problematic was found in Oracle Cloud Infrastructure Compute Classic Plugin on Jenkins (Cloud Software) (the affected version is unknown). This vulnerability affects an unknown function. There is no information about...
Auteur: VulDB

Rundeck Plugin on Jenkins Permission Check privilege escalation

A vulnerability classified as critical has been found in Rundeck Plugin on Jenkins (Jenkins Plugin) (the affected version unknown). This affects some unknown processing of the component Permission Check. There is no information about possible...
Auteur: VulDB

Rundeck Plugin on Jenkins cross site request forgery [CVE-2019-10454]

A vulnerability was found in Rundeck Plugin on Jenkins (Jenkins Plugin) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown code block. There is no information about possible countermeasures known....
Auteur: VulDB

Delphix Plugin on Jenkins Global Configuration Credentials weak encryption

A vulnerability was found in Delphix Plugin on Jenkins (Jenkins Plugin) (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Global Configuration. There is no...
Auteur: VulDB

View26 Test-Reporting Plugin on Jenkins config.xml weak encryption

A vulnerability was found in View26 Test-Reporting Plugin on Jenkins (Reporting Software) (version unknown). It has been classified as problematic. Affected is an unknown part of the file config.xml. There is no information about possible...
Auteur: VulDB

SOASTA CloudTest Plugin on Jenkins Global Configuration Credentials weak encryption

A vulnerability was found in SOASTA CloudTest Plugin on Jenkins (unknown version) and classified as problematic. This issue affects some unknown functionality of the component Global Configuration. There is no information about possible...
Auteur: VulDB

ElasticBox CI Plugin on Jenkins Configuration File config.xml weak encryption

A vulnerability has been found in ElasticBox CI Plugin on Jenkins (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown functionality of the file config.xml of the component Configuration File....
Auteur: VulDB

Fortify on Demand Plugin on Jenkins config.xml weak encryption

A vulnerability, which was classified as problematic, was found in Fortify on Demand Plugin on Jenkins (the affected version unknown). This affects an unknown function of the file config.xml. There is no information about possible countermeasures...
Auteur: VulDB

Extensive Testing Plugin on Jenkins config.xml weak encryption

A vulnerability, which was classified as problematic, has been found in Extensive Testing Plugin on Jenkins (affected version not known). Affected by this issue is some unknown processing of the file config.xml. There is no information about...
Auteur: VulDB

Sofy.AI Plugin on Jenkins config.xml information disclosure

A vulnerability classified as problematic was found in Sofy.AI Plugin on Jenkins (affected version unknown). Affected by this vulnerability is an unknown code block of the file config.xml. There is no information about possible countermeasures...
Auteur: VulDB

Cadence vManager Plugin up to 2.7.0 on Jenkins Hostname Verification weak authentication

A vulnerability classified as critical has been found in Cadence vManager Plugin up to 2.7.0 on Jenkins. Affected is an unknown code of the component Hostname Verification. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Google Kubernetes Engine Plugin up to 0.7.0 on Jenkins Permission Check information disclosure

A vulnerability was found in Google Kubernetes Engine Plugin up to 0.7.0 on Jenkins. It has been rated as problematic. This issue affects an unknown part of the component Permission Check. There is no information about possible countermeasures...
Auteur: VulDB

Bumblebee HP ALM Plugin up to 4.1.3 on Jenkins Hostname Verification weak authentication

A vulnerability was found in Bumblebee HP ALM Plugin up to 4.1.3 on Jenkins. It has been declared as critical. This vulnerability affects some unknown functionality of the component Hostname Verification. There is no information about possible...
Auteur: VulDB

iceScrum Plugin up to 1.1.4 on Jenkins config.xml weak encryption

A vulnerability was found in iceScrum Plugin up to 1.1.4 on Jenkins. It has been classified as problematic. This affects an unknown functionality of the file config.xml. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iceScrum Plugin up to 1.1.5 on Jenkins Permission Check privilege escalation

A vulnerability was found in iceScrum Plugin up to 1.1.5 on Jenkins and classified as critical. Affected by this issue is an unknown function of the component Permission Check. There is no information about possible countermeasures known. It may...
Auteur: VulDB
12345678910Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS