samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco Releases Security Updates for Multiple Products

Original release date: August 8, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

CERTFR-2019-AVI-377 : Multiples vulnérabilités dans les produits Cisco (08 août 2019)

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique...
Auteur: Cert FR

CERTFR-2019-AVI-376 : Multiples vulnérabilités dans le noyau Linux de SUSE (08 août 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et un contournement de la politique...
Auteur: Cert FR

CERTFR-2019-AVI-375 : Multiples vulnérabilités dans le noyau Linux de Red Hat (08 août 2019)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Auteur: Cert FR

Backdrop CMS up to 1.12.7/1.13.2 File Upload privilege escalation

A vulnerability classified as critical has been found in Backdrop CMS up to 1.12.7/1.13.2. This affects an unknown function of the component File Upload. Upgrading to version 1.12.8 or 1.13.3 eliminates this vulnerability.
Auteur: VulDB

Backdrop CMS up to 1.12.7/1.13.2 Menu Link cross site scripting

A vulnerability was found in Backdrop CMS up to 1.12.7/1.13.2. It has been rated as problematic. Affected by this issue is some unknown processing of the component Menu Link Handler. Upgrading to version 1.12.8 or 1.13.3 eliminates this...
Auteur: VulDB

Backdrop CMS up to 1.12.7/1.13.2 Block Label handler cross site scripting

A vulnerability was found in Backdrop CMS up to 1.12.7/1.13.2. It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component Block Label handler. Upgrading to version 1.12.8 or 1.13.3 eliminates...
Auteur: VulDB

Nextcloud Lookup-Server up to 0.2.x sql injection

A vulnerability was found in Nextcloud Lookup-Server up to 0.2.x. It has been classified as critical. Affected is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

DWSurvey up to 2019-07-22 my-survey-design!copySurvey.action surveyName cross site scripting

A vulnerability was found in DWSurvey up to 2019-07-22 (Survey Software). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file design/my-survey-design!copySurvey.action. There is no...
Auteur: VulDB

KuaiFanCMS 5.0 install.php db_name privilege escalation

A vulnerability was found in KuaiFanCMS 5.0. It has been classified as critical. Affected is an unknown function of the file install.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

YOURLS up to 1.7.3 API Type Casting weak authentication

A vulnerability was found in YOURLS up to 1.7.3 and classified as critical. This issue affects some unknown processing of the component API. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

eQ-3 Homematic CCU3 3.47.15 Call() denial of service

A vulnerability has been found in eQ-3 Homematic CCU3 3.47.15 and classified as problematic. This vulnerability affects the function Call(). There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

Micro Focus Content Manager 9.1/9.2/9.3 Checkin Request privilege escalation

A vulnerability, which was classified as critical, was found in Micro Focus Content Manager 9.1/9.2/9.3. This affects an unknown code of the component Checkin Request Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Spark up to 2.3.2 weak encryption

A vulnerability, which was classified as critical, has been found in Spark up to 2.3.2. Affected by this issue is an unknown part. Upgrading to version 2.3.3 eliminates this vulnerability.
Auteur: VulDB

Cisco ASA Smart Tunnel privilege escalation

A vulnerability was found in Cisco ASA (unknown version) and classified as critical. This issue affects an unknown part of the component Smart Tunnel Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco ASA Smart Tunnel privilege escalation

A vulnerability has been found in Cisco ASA (the affected version is unknown) and classified as critical. This vulnerability affects some unknown functionality of the component Smart Tunnel Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco ASA Web-based Management Interface HTTPS Request privilege escalation

A vulnerability, which was classified as critical, was found in Cisco ASA (the affected version unknown). This affects an unknown functionality of the component Web-based Management Interface. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability, which was classified as critical, has been found in Cisco WebEx Network Recording Player and Webex Player on Windows (affected version not known). Affected by this issue is an unknown function of the component ARF File Handler....
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability classified as critical was found in Cisco WebEx Network Recording Player and Webex Player on Windows (affected version unknown). Affected by this vulnerability is some unknown processing of the component ARF File Handler....
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability classified as critical has been found in Cisco WebEx Network Recording Player and Webex Player on Windows (version unknown). Affected is an unknown code block of the component ARF File Handler. Upgrading eliminates this...
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability was found in Cisco WebEx Network Recording Player and Webex Player on Windows (unknown version). It has been rated as critical. This issue affects an unknown code of the component ARF File Handler. Upgrading eliminates this...
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability was found in Cisco WebEx Network Recording Player and Webex Player on Windows (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown part of the component ARF File Handler....
Auteur: VulDB

Cisco WebEx Network Recording Player/Webex Player on Windows ARF File Remote Code Execution

A vulnerability was found in Cisco WebEx Network Recording Player and Webex Player on Windows (the affected version unknown). It has been classified as critical. This affects some unknown functionality of the component ARF File Handler. Upgrading...
Auteur: VulDB

Cisco IOS XR Routing Protocol Crash denial of service

A vulnerability was found in Cisco IOS XR (affected version not known) and classified as problematic. Affected by this issue is an unknown functionality of the component Routing Protocol Handler. Upgrading eliminates this vulnerability.
Auteur: VulDB

Cisco IOS XR up to 6.6.2 PDU Restart denial of service

A vulnerability has been found in Cisco IOS XR up to 6.6.2 and classified as problematic. Affected by this vulnerability is an unknown function of the component PDU Handler. Upgrading to version 6.6.3 eliminates this vulnerability.
Auteur: VulDB
First632633634635636637638639640641Last

Événements SSI