lundi 6 avril 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

ITE Tech Consumer Infrared Driver up to 5.4.2.x on Windows 10 Permission privilege escalation

A vulnerability, which was classified as critical, was found in ITE Tech Consumer Infrared Driver up to 5.4.2.x on Windows 10 (Hardware Driver Software). This affects some unknown processing of the component Permission. The manipulation with an...
Auteur: VulDB

Intel CSME HECI Subsystem privilege escalation [CVE-2018-12147]

A vulnerability, which was classified as critical, has been found in Intel CSME, Server Platform Services and Trusted Execution Engine Firmware (affected version not known). Affected by this issue is an unknown code block of the component HECI...
Auteur: VulDB

Polycom RealPresence Debut up to 1.3.1 Cookie Reboot weak authentication

A vulnerability classified as critical was found in Polycom RealPresence Debut up to 1.3.1. Affected by this vulnerability is an unknown code of the component Cookie Handler. The manipulation with an unknown input leads to a weak authentication...
Auteur: VulDB

Polycom RealPresence Debut up to 1.3.0 Admin Web UI Password information disclosure

A vulnerability classified as problematic has been found in Polycom RealPresence Debut up to 1.3.0. Affected is an unknown part of the component Admin Web UI. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

Mozilla Releases Security Update for Thunderbird

Original release date: June 13, 2019 Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: June 13, 2019 Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Le Conseil national des barreaux et la CNIL renouvellent leur convention de partenariat pour 3 ans

Marie-Laure Denis, présidente de la CNIL, et Christiane Féral-Schuhl, présidente du CNB, renouvellent leur partenariat destiné à mener des actions communes de sensibilisation et de formation à la Règlementation Informatique et Libertés auprès des...
Auteur: Cnil

Exim Releases Security Patches

Original release date: June 13, 2019 Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability...
Auteur: US Cert

FTC Releases Alert on Updating Software

Original release date: June 13, 2019 The Federal Trade Commission (FTC) has released an alert on keeping software up to date to help protect sensitive information such as financial and tax information.The Cybersecurity and Infrastructure...
Auteur: US Cert

Critical Vulnerabilities in Microsoft NTLM (CERT-EU Security Advisory 2019-014)

Two critical Microsoft vulnerabilities were discovered by the research team Preempt. The vulnerabilities consist of three logical flaws in NTLM (NT Lan Manager). The vulnerabilities allow an attacker to potentially execute malicious code remotely...
Auteur: Cert EU

CERTFR-2019-AVI-271 : Multiples vulnérabilités dans les produits Intel (13 juin 2019)

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2019-AVI-270 : Vulnérabilité dans Cisco IOS XE (13 juin 2019)

Une vulnérabilité a été découverte dans Cisco IOS XE. Elle permet à un attaquant de provoquer une injection de requêtes illégitimes par rebond (CSRF).

Auteur: Cert FR

CERTFR-2019-AVI-269 : Multiples vulnérabilités dans Apple iCloud pour Windows (13 juin 2019)

De multiples vulnérabilités ont été découvertes dans Apple iCloud pour Windows. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de...
Auteur: Cert FR

CERTFR-2019-AVI-268 : Vulnérabilité dans Fortinet FortiWeb (13 juin 2019)

Une vulnérabilité a été découverte dans Fortinet FortiWeb. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

Auteur: Cert FR

Cisco Releases Security Update for Cisco IOS XE

Original release date: June 12, 2019 Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Cisco IOS XE Web UI cross site request forgery

A vulnerability was found in Cisco IOS XE (unknown version). It has been rated as critical. This issue affects some unknown functionality of the component Web UI. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

Dahua IPC-HFW1XXX/IPC-HDW1XXX/IPC-HFW2XXX prior 2018-11 Redirect Code Execution

A vulnerability was found in Dahua IPC-HFW1XXX, IPC-HDW1XXX and IPC-HFW2XXX. It has been classified as critical. This affects an unknown function of the component Redirect Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Siemens LOGO!8 Web Server Logout weak authentication

A vulnerability was found in Siemens LOGO!8 (affected version not known) and classified as critical. Affected by this issue is some unknown processing of the component Web Server. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1 Service Port 80 privilege escalation

A vulnerability has been found in Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1 and classified as critical. Affected by this vulnerability is an unknown code block of the component Service Port 80. The manipulation with an unknown input leads...
Auteur: VulDB

Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1 Service Port 80 privilege escalation

A vulnerability, which was classified as critical, was found in Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1. Affected is an unknown code of the component Service Port 80. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1 Service Port 80 privilege escalation

A vulnerability, which was classified as critical, has been found in Siveillance VMS 2017 R2/2018 R1/2018 R2/2019 R1. This issue affects an unknown part of the component Service Port 80. The manipulation with an unknown input leads to a...
Auteur: VulDB

Siemens LOGO!8 Service Port 10005 Crafted Packet denial of service

A vulnerability classified as problematic was found in Siemens LOGO!8 (the affected version is unknown). This vulnerability affects some unknown functionality of the component Service Port 10005. The manipulation as part of a Crafted Packet...
Auteur: VulDB

Siemens Scalance X-200 Password Storage weak encryption [CVE-2019-6567]

A vulnerability classified as critical has been found in Siemens Scalance X-200, SCALANCE X-200IRT, SCALANCE X-300 and SCALANCE X-414-3E (the affected version unknown). This affects an unknown functionality of the component Password Storage. The...
Auteur: VulDB

Pippo 1.12.0 JVM Process Recursion denial of service

A vulnerability was found in Pippo 1.12.0. It has been rated as problematic. Affected by this issue is an unknown function of the component JVM Process Handler. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

Fuji Electric V-Server prior 6.0.33.0 Project File Plaintext weak encryption

A vulnerability was found in Fuji Electric V-Server. It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Project File Handler. The manipulation with an unknown input leads to a weak...
Auteur: VulDB
First629630631632633634635636637638Last

Événements SSI