vendredi 20 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco WebEx Network Recording Player on Windows ARF File Email Attachment privilege escalation

A vulnerability was found in Cisco WebEx Network Recording Player on Windows (the affected version is unknown). It has been rated as critical. Affected by this issue is an unknown function of the component ARF File Handler. The manipulation as...
Auteur: VulDB

Cisco HyperFlex Software Installation information disclosure

A vulnerability was found in Cisco HyperFlex Software (the affected version is unknown). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Installation. The manipulation with an unknown...
Auteur: VulDB

Cisco UCS Director Web-based Management Interface Stored cross site scripting

A vulnerability was found in Cisco UCS Director (the affected version is unknown). It has been classified as problematic. Affected is an unknown function of the component Web-based Management Interface. The manipulation with an unknown input...
Auteur: VulDB

Cisco Integrated Management Controller Web Interface HTTP Request information disclosure

A vulnerability was found in Cisco Integrated Management Controller and UCS Director Software (the affected version is unknown) and classified as problematic. This issue affects an unknown function of the component Web Interface. The manipulation...
Auteur: VulDB

Cisco Integrated Management Controller Web Interface HTTP Request denial of service

A vulnerability has been found in Cisco Integrated Management Controller and UCS Director Software (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown function of the component Web Interface. The...
Auteur: VulDB

Apache Releases Security Updates for Apache Tomcat

Original release date: October 04, 2018 The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. A remote attacker could...
Auteur: US Cert

NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices

Original release date: October 04, 2018 NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. The webinar on Thursday, October 4, 2018, is the last in the series, and will be held from 1-2:30...
Auteur: US Cert

CERTFR-2018-AVI-468 : Multiples vulnérabilités dans les produits Cisco (04 octobre 2018)

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à...
Auteur: Cert FR

Cybersecurity Threats to Precision Agriculture

Original release date: October 03, 2018 DHS has released a report to address cybersecurity threats to new precision agriculture technologies used in crop and livestock production. Precision agriculture employs a variety of embedded and...
Auteur: US Cert

Applications mobiles : clôture de la mise en demeure à l’encontre de la société TEEMO

Le 19 juillet 2018, la Présidente de la CNIL a rendu publique une mise en demeure à l’encontre de la société TEEMO pour absence de consentement des personnes au traitement de leurs données de géolocalisation à des fins de ciblage publicitaire. La...
Auteur: Cnil

Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure

A vulnerability, which was classified as problematic, has been found in Apache Pony Mail 0.7/0.8/0.9. This issue affects an unknown function of the component Statistics Generator. The manipulation as part of a Timestamp Data leads to a...
Auteur: VulDB

VideoWhisper videowhisper-video-conference-integration Plugin 4.91.8 vc/vw_upload.php PHTML File Remote Code Execution

A vulnerability classified as critical was found in VideoWhisper videowhisper-video-conference-integration Plugin 4.91.8. This vulnerability affects an unknown function of the file vc/vw_upload.php. The manipulation as part of a PHTML File leads...
Auteur: VulDB

GNU libiberty cp-demangle.c cplus_demangle_type denial of service

A vulnerability classified as problematic has been found in GNU libiberty (the affected version is unknown). Affected is the function cplus_demangle_type of the file cp-demangle.c. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

ISPConfig up to 3.1.12 Regular Expression Code Execution

A vulnerability was found in ISPConfig up to 3.1.12. It has been rated as critical. This issue affects an unknown function of the component Regular Expression. The manipulation with the input value /[a-z]{2}/ leads to a privilege escalation...
Auteur: VulDB

Mercurial up to 4.7.1 Manifest Entry cext/manifest.c memory corruption

A vulnerability was found in Mercurial up to 4.7.1. It has been declared as critical. This vulnerability affects an unknown function of the file cext/manifest.c of the component Manifest Entry Handler. The manipulation with an unknown input...
Auteur: VulDB

Carestream Vue RIS/RIS Client up to 11.2 on Windows 8.1 Error information disclosure

A vulnerability was found in Carestream Vue RIS and RIS Client up to 11.2 on Windows 8.1. It has been classified as problematic. This affects an unknown function of the component Error Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

Coast CMS 5.5.0 Stored cross site scripting

A vulnerability was found in Coast CMS 5.5.0 and classified as problematic. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability (Stored). Using CWE to declare the...
Auteur: VulDB

Verba up to 9.2.1 Permission privilege escalation

A vulnerability has been found in Verba Collaboration Compliance and Quality Management Platform up to 9.2.1 and classified as critical. Affected by this vulnerability is an unknown function of the component Permission. The manipulation with an...
Auteur: VulDB

Verba up to 9.2.1 Access Control privilege escalation

A vulnerability, which was classified as critical, was found in Verba Collaboration Compliance and Quality Management Platform up to 9.2.1. Affected is an unknown function of the component Access Control. The manipulation with an unknown input...
Auteur: VulDB

Navigate CMS 2.8 navigate_upload.php Request cross site scripting

A vulnerability, which was classified as problematic, has been found in Navigate CMS 2.8. This issue affects an unknown function of the file navigate_upload.php. The manipulation as part of a Request leads to a cross site scripting vulnerability...
Auteur: VulDB

PHP Scripts Mall Website Seller Script 2.0.5 Keyword cross site scripting

A vulnerability was found in PHP Scripts Mall Website Seller Script 2.0.5. It has been rated as problematic. Affected by this issue is an unknown function of the component Keyword Handler. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

PHP Scripts Mall Market Place Script 1.0.1 Keyword cross site scripting

A vulnerability was found in PHP Scripts Mall Market Place Script 1.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Keyword Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

PHP Scripts Mall Domain Lookup Script 3.0.5 Search Bar cross site scripting

A vulnerability was found in PHP Scripts Mall Domain Lookup Script 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Search Bar. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

PHP Scripts Mall Olx Clone 3.4.2 cross site scripting [CVE-2018-16326]

A vulnerability was found in PHP Scripts Mall Olx Clone 3.4.2 and classified as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare the...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability has been found in IBM Rational Quality Manager up to 6.0.6 and classified as problematic. This vulnerability affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB
First627628629630631632633634635636Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS