mardi 7 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Open CIT Password Protection information disclosure [CVE-2019-0178]

A vulnerability, which was classified as problematic, has been found in Open CIT (unknown version). This issue affects an unknown function of the component Password Protection. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Open CIT Password Protection information disclosure [CVE-2019-0177]

A vulnerability classified as problematic was found in Open CIT (the affected version is unknown). This vulnerability affects some unknown processing of the component Password Protection. The manipulation with an unknown input leads to a...
Auteur: VulDB

Open CIT Password Protection information disclosure [CVE-2019-0175]

A vulnerability classified as problematic has been found in Open CIT (the affected version unknown). This affects an unknown code block of the component Password Protection. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Intel Turbo Boost Max Technology 3.0 Driver up to 1.0.0 Installer privilege escalation

A vulnerability was found in Intel Turbo Boost Max Technology 3.0 Driver up to 1.0.0 (Hardware Driver Software). It has been rated as critical. Affected by this issue is an unknown code of the component Installer. The manipulation with an...
Auteur: VulDB

Intel SGX Driver on Linux denial of service [CVE-2019-0157]

A vulnerability was found in Intel SGX Driver on Linux (Hardware Driver Software) (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown part. The manipulation with an unknown input leads...
Auteur: VulDB

Intel PROSet Wireless WiFi Software driver up to 21.9 Access Control denial of service

A vulnerability was found in Intel PROSet Wireless WiFi Software driver up to 21.9 (Hardware Driver Software). It has been classified as problematic. Affected is some unknown functionality of the component Access Control. The manipulation with...
Auteur: VulDB

Intel RSTe up to 5.5.0 Accelerated Storage Manager Reflected cross site scripting

A vulnerability was found in Intel RSTe up to 5.5.0 and classified as problematic. This issue affects an unknown functionality of the component Accelerated Storage Manager. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Intel Chipset Device Software up to 10.1.1 Installer privilege escalation

A vulnerability has been found in Intel Chipset Device Software up to 10.1.1 and classified as critical. This vulnerability affects an unknown function of the component Installer. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

ITE Tech Consumer Infrared Driver up to 5.4.2.x on Windows 10 Permission privilege escalation

A vulnerability, which was classified as critical, was found in ITE Tech Consumer Infrared Driver up to 5.4.2.x on Windows 10 (Hardware Driver Software). This affects some unknown processing of the component Permission. The manipulation with an...
Auteur: VulDB

Intel CSME HECI Subsystem privilege escalation [CVE-2018-12147]

A vulnerability, which was classified as critical, has been found in Intel CSME, Server Platform Services and Trusted Execution Engine Firmware (affected version not known). Affected by this issue is an unknown code block of the component HECI...
Auteur: VulDB

Polycom RealPresence Debut up to 1.3.1 Cookie Reboot weak authentication

A vulnerability classified as critical was found in Polycom RealPresence Debut up to 1.3.1. Affected by this vulnerability is an unknown code of the component Cookie Handler. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

Polycom RealPresence Debut up to 1.3.0 Admin Web UI Password information disclosure

A vulnerability classified as problematic has been found in Polycom RealPresence Debut up to 1.3.0. Affected is an unknown part of the component Admin Web UI. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

Mozilla Releases Security Update for Thunderbird

Original release date: June 13, 2019 Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: June 13, 2019 Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Le Conseil national des barreaux et la CNIL renouvellent leur convention de partenariat pour 3 ans

Marie-Laure Denis, présidente de la CNIL, et Christiane Féral-Schuhl, présidente du CNB, renouvellent leur partenariat destiné à mener des actions communes de sensibilisation et de formation à la Règlementation Informatique et Libertés auprès des...
Auteur: Cnil

Exim Releases Security Patches

Original release date: June 13, 2019 Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability...
Auteur: US Cert

FTC Releases Alert on Updating Software

Original release date: June 13, 2019 The Federal Trade Commission (FTC) has released an alert on keeping software up to date to help protect sensitive information such as financial and tax information.The Cybersecurity and Infrastructure...
Auteur: US Cert

Critical Vulnerabilities in Microsoft NTLM (CERT-EU Security Advisory 2019-014)

Two critical Microsoft vulnerabilities were discovered by the research team Preempt. The vulnerabilities consist of three logical flaws in NTLM (NT Lan Manager). The vulnerabilities allow an attacker to potentially execute malicious code remotely...
Auteur: Cert EU

CERTFR-2019-AVI-271 : Multiples vulnérabilités dans les produits Intel (13 juin 2019)

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2019-AVI-270 : Vulnérabilité dans Cisco IOS XE (13 juin 2019)

Une vulnérabilité a été découverte dans Cisco IOS XE. Elle permet à un attaquant de provoquer une injection de requêtes illégitimes par rebond (CSRF).

Auteur: Cert FR

CERTFR-2019-AVI-269 : Multiples vulnérabilités dans Apple iCloud pour Windows (13 juin 2019)

De multiples vulnérabilités ont été découvertes dans Apple iCloud pour Windows. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de...
Auteur: Cert FR

CERTFR-2019-AVI-268 : Vulnérabilité dans Fortinet FortiWeb (13 juin 2019)

Une vulnérabilité a été découverte dans Fortinet FortiWeb. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

Auteur: Cert FR

Cisco Releases Security Update for Cisco IOS XE

Original release date: June 12, 2019 Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Cisco IOS XE Web UI cross site request forgery

A vulnerability was found in Cisco IOS XE (unknown version). It has been rated as critical. This issue affects some unknown functionality of the component Web UI. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

Dahua IPC-HFW1XXX/IPC-HDW1XXX/IPC-HFW2XXX prior 2018-11 Redirect Code Execution

A vulnerability was found in Dahua IPC-HFW1XXX, IPC-HDW1XXX and IPC-HFW2XXX. It has been classified as critical. This affects an unknown function of the component Redirect Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB
First629630631632633634635636637638Last

Événements SSI