vendredi 13 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CERTFR-2019-AVI-051 : Multiples vulnérabilités dans le noyau Linux de SUSE (12 février 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.

Auteur: Cert FR

Verydows 2.0 index.php referrer cross site scripting

A vulnerability, which was classified as problematic, was found in Verydows 2.0. Affected is a function of the file index.php?m=api&c=stats&a=count. The manipulation of the argument referrer as part of a Parameter leads to a cross site scripting...
Auteur: VulDB

FreeBSD up to 11.2/12.0 Unix Domain Socket privilege escalation

A vulnerability was found in FreeBSD up to 11.2/12.0 (Operating System). It has been classified as critical. Affected is code of the component Unix Domain Socket Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

FreeBSD up to 11.2/12.0 Kernel System Calls information disclosure

A vulnerability was found in FreeBSD up to 11.2/12.0 (Operating System) and classified as problematic. This issue affects a part of the component Kernel. The manipulation as part of a System Calls leads to a information disclosure vulnerability....
Auteur: VulDB

Tenable Nessus up to 8.2.1 Request Stored cross site scripting

A vulnerability has been found in Tenable Nessus up to 8.2.1 (Testing Software) and classified as problematic. This vulnerability affects a functionality. The manipulation as part of a Request leads to a cross site scripting vulnerability...
Auteur: VulDB

Microsoft Windows up to Server 1803 JET Database Engine memory corruption

A vulnerability classified as critical has been found in Microsoft Windows (Operating System). Affected is an unknown function of the component JET Database Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft Windows up to Server 1803 JET Database Engine memory corruption

A vulnerability was found in Microsoft Windows (Operating System). It has been rated as critical. This issue affects some processing of the component JET Database Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft Windows up to Server 1803 JET Database Engine memory corruption

A vulnerability was found in Microsoft Windows (Operating System). It has been declared as critical. This vulnerability affects a code block of the component JET Database Engine. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Microsoft Office 2010 SP2/2013 SP1/2016/2019/365 ProPlus Security Feature Phishing spoofing

A vulnerability was found in Microsoft Office 2010 SP2/2013 SP1/2016/2019/365 ProPlus (Office Suite Software). It has been classified as critical. This affects code of the component Security Feature. The manipulation with an unknown input leads...
Auteur: VulDB

Microsoft Windows up to Server 1803 GDI+ memory corruption

A vulnerability was found in Microsoft Windows (Operating System) and classified as critical. Affected by this issue is a part of the component GDI+. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to...
Auteur: VulDB

Microsoft Edge memory corruption [CVE-2019-0634]

A vulnerability has been found in Microsoft Edge (Web Browser) and classified as critical. Affected by this vulnerability is a functionality. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition...
Auteur: VulDB

Microsoft Windows up to Server 1803 DHCP Server memory corruption

A vulnerability, which was classified as critical, was found in Microsoft Windows (Operating System). Affected is a function of the component DHCP Server. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is...
Auteur: VulDB

Microsoft Windows up to Server 1803 GDI+ memory corruption

A vulnerability, which was classified as critical, has been found in Microsoft Windows (Operating System). This issue affects some functionality of the component GDI+. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability classified as critical was found in Microsoft ChakraCore and Edge (Web Browser). This vulnerability affects the functionality of the component Scripting Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability classified as critical has been found in Microsoft ChakraCore and Edge (Web Browser). This affects an unknown function of the component Scripting Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft SharePoint Server Application Package Code Execution

A vulnerability was found in Microsoft SharePoint Server (Groupware Software). It has been rated as critical. Affected by this issue is some processing of the component Application Package Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

Microsoft SharePoint Server Application Package Code Execution

A vulnerability was found in Microsoft SharePoint Server (Groupware Software). It has been declared as critical. Affected by this vulnerability is a code block of the component Application Package Handler. The manipulation with an unknown input...
Auteur: VulDB

Microsoft Edge memory corruption [CVE-2019-0650]

A vulnerability was found in Microsoft Edge (Web Browser). It has been classified as critical. Affected is code. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. This is...
Auteur: VulDB

Microsoft Edge memory corruption [CVE-2019-0645]

A vulnerability was found in Microsoft Edge (Web Browser) and classified as critical. This issue affects a part. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to...
Auteur: VulDB

Microsoft Internet Explorer 11 memory corruption [CVE-2019-0606]

A vulnerability has been found in Microsoft Internet Explorer 11 (Web Browser) and classified as critical. This vulnerability affects a functionality. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability, which was classified as critical, was found in Microsoft ChakraCore and Edge (Web Browser). This affects a function of the component Scripting Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability, which was classified as critical, has been found in Microsoft ChakraCore and Edge (Web Browser). Affected by this issue is some functionality of the component Scripting Engine. The manipulation with an unknown input leads to a...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability classified as critical was found in Microsoft ChakraCore and Edge (Web Browser). Affected by this vulnerability is the functionality of the component Scripting Engine. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability classified as critical has been found in Microsoft ChakraCore and Edge (Web Browser). Affected is an unknown function of the component Scripting Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Microsoft ChakraCore/Edge Scripting Engine memory corruption

A vulnerability was found in Microsoft ChakraCore and Edge (Web Browser). It has been rated as critical. This issue affects some processing of the component Scripting Engine. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB
First614615616617618619620621622623Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS