jeudi 19 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

TELESTAR Imperial i600 Access Control /set_dname privilege escalation

A vulnerability was found in TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt and Imperial i600. It has been classified as...
Auteur: VulDB

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 JUCI ACL Key information disclosure

A vulnerability was found in Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 and classified as problematic. Affected by this issue is some unknown functionality of the component JUCI ACL. There is no information about possible countermeasures...
Auteur: VulDB

Intel Microprocessor DDIO Cache information disclosure

A vulnerability has been found in Intel Microprocessor (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown functionality of the component DDIO Cache. There is no information about possible...
Auteur: VulDB

Intel Easy Streaming Wizard up to 2.1 File Permission privilege escalation

A vulnerability, which was classified as critical, was found in Intel Easy Streaming Wizard up to 2.1. Affected is an unknown function of the component File Permission. Upgrading to version 2.1.0731 eliminates this vulnerability.
Auteur: VulDB

Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 on Windows /assets/ctx ContextResource directory traversal

A vulnerability, which was classified as problematic, has been found in Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 on Windows. This issue affects the function ContextResource of the file /assets/ctx. Upgrading to version 5.4.5 eliminates this...
Auteur: VulDB

Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 AppModule t:formdata information disclosure

A vulnerability classified as problematic was found in Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3. This vulnerability affects the function AppModule. Upgrading to version 5.4.5 eliminates this vulnerability.
Auteur: VulDB

GPAC 0.7.1 isomedia/box_code_base.c dinf_Read denial of service

A vulnerability classified as problematic has been found in GPAC 0.7.1. This affects the function dinf_Read of the file isomedia/box_code_base.c. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

GPAC 0.7.1 isomedia/box_code_base.c audio_sample_entry_AddBox() memory corruption

A vulnerability was found in GPAC 0.7.1. It has been rated as critical. Affected by this issue is the function audio_sample_entry_AddBox() of the file isomedia/box_code_base.c. There is no information about possible countermeasures known. It may...
Auteur: VulDB

GPAC 0.7.1 isomedia/avc_ext.c AVC_DuplicateConfig() denial of service

A vulnerability was found in GPAC 0.7.1. It has been declared as problematic. Affected by this vulnerability is the function AVC_DuplicateConfig() of the file isomedia/avc_ext.c. There is no information about possible countermeasures known. It...
Auteur: VulDB

newspaper Theme up to 6.7.1 on WordPress admin-ajax.php td_ads[header] cross site scripting

A vulnerability was found in newspaper Theme up to 6.7.1 on WordPress. It has been classified as problematic. Affected is an unknown functionality of the file admin-ajax.php. Upgrading to version 6.7.2 eliminates this vulnerability.
Auteur: VulDB

Brafton Plugin up to 3.4.7 on WordPress admin.php tab cross site scripting

A vulnerability was found in Brafton Plugin up to 3.4.7 on WordPress (WordPress Plugin) and classified as problematic. This issue affects an unknown function of the file wp-admin/admin.php?page=BraftonArticleLoader. Upgrading to version 3.4.8...
Auteur: VulDB

newspaper Theme up to 6.7.1 on WordPress Access Control td_ajax_update_panel privilege escalation

A vulnerability has been found in newspaper Theme up to 6.7.1 on WordPress and classified as critical. This vulnerability affects the function td_ajax_update_panel of the component Access Control. Upgrading to version 6.7.2 eliminates this...
Auteur: VulDB

MemberSonic Lite Plugin up to 1.301 on WordPress Access Control weak authentication

A vulnerability, which was classified as critical, was found in MemberSonic Lite Plugin up to 1.301 on WordPress (WordPress Plugin). This affects an unknown code block of the component Access Control. Upgrading to version 1.302 eliminates this...
Auteur: VulDB

supportflow Plugin up to 0.6 on WordPress Ticket Excerpt cross site scripting

A vulnerability, which was classified as problematic, has been found in supportflow Plugin up to 0.6 on WordPress (WordPress Plugin). Affected by this issue is an unknown code of the component Ticket Excerpt Handler. Upgrading to version 0.7...
Auteur: VulDB

supportflow Plugin up to 0.6 on WordPress Discussion Ticket Title cross site scripting

A vulnerability classified as problematic was found in supportflow Plugin up to 0.6 on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown part of the component Discussion Ticket Title Handler. Upgrading to version 0.7...
Auteur: VulDB

peepso-core Plugin up to 1.6.0 on WordPress PeepSoProfilePreferencesAjax->save() privilege escalation

A vulnerability classified as critical has been found in peepso-core Plugin up to 1.6.0 on WordPress. Affected is the function PeepSoProfilePreferencesAjax->save(). Upgrading to version 1.6.1 eliminates this vulnerability.
Auteur: VulDB

real3d-flipbook-lite Plugin 1.0 on WordPress flipbooks.php bookId cross site scripting

A vulnerability was found in real3d-flipbook-lite Plugin 1.0 on WordPress. It has been rated as problematic. This issue affects an unknown functionality of the file wp-content/plugins/real3d-flipbook/includes/flipbooks.php. There is no...
Auteur: VulDB

real3d-flipbook-lite Plugin 1.0 on WordPress File Upload bookName directory traversal

A vulnerability was found in real3d-flipbook-lite Plugin 1.0 on WordPress. It has been declared as critical. This vulnerability affects an unknown function of the component File Upload. There is no information about possible countermeasures...
Auteur: VulDB

real3d-flipbook-lite Plugin 1.0 on WordPress deleteBook directory traversal

A vulnerability was found in real3d-flipbook-lite Plugin 1.0 on WordPress (WordPress Plugin). It has been classified as problematic. This affects some unknown processing. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

dwnldr Plugin up to 1.00 on WordPress User-Agent cross site scripting

A vulnerability was found in dwnldr Plugin up to 1.00 on WordPress and classified as problematic. Affected by this issue is an unknown code block. Upgrading to version 1.01 eliminates this vulnerability.
Auteur: VulDB

icegram Plugin up to 1.9.18 on WordPress cross site scripting

A vulnerability has been found in icegram Plugin up to 1.9.18 on WordPress and classified as problematic. Affected by this vulnerability is an unknown code. Upgrading to version 1.9.19 eliminates this vulnerability.
Auteur: VulDB

icegram Plugin up to 1.9.18 on WordPress wp-admin/edit.php option_name cross site request forgery

A vulnerability, which was classified as problematic, was found in icegram Plugin up to 1.9.18 on WordPress (WordPress Plugin). Affected is an unknown part of the file wp-admin/edit.php. Upgrading to version 1.9.19 eliminates this vulnerability.
Auteur: VulDB

colorway Theme up to 3.4.1 on WordPress contactName cross site scripting

A vulnerability, which was classified as problematic, has been found in colorway Theme up to 3.4.1 on WordPress. This issue affects some unknown functionality. Upgrading to version 3.4.2 eliminates this vulnerability.
Auteur: VulDB

wsecure Plugin up to 2.3 on WordPress wsecure-config.php publish Remote Code Execution

A vulnerability classified as critical was found in wsecure Plugin up to 2.3 on WordPress. This vulnerability affects an unknown functionality of the file wsecure-config.php. Upgrading to version 2.4 eliminates this vulnerability.
Auteur: VulDB

estatik Plugin up to 2.3.0 on WordPress File Upload wp-admin/admin-ajax.php es_media_images[] privilege escalation

A vulnerability classified as critical has been found in estatik Plugin up to 2.3.0 on WordPress. This affects an unknown function of the file wp-admin/admin-ajax.php of the component File Upload. Upgrading to version 2.3.1 eliminates this...
Auteur: VulDB
12345678910Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS