Monday 14 October 2019

Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Rational Quality Manager up to 6.0.6. This affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Author: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, has been found in IBM Rational Quality Manager up to 6.0.6. Affected by this issue is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Author: VulDB

MediaWiki Web Access 1.31.0 .htaccess privilege escalation

A vulnerability classified as critical was found in MediaWiki Web Access 1.31.0. Affected by this vulnerability is an unknown function of the file .htaccess. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Author: VulDB

Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect

A vulnerability was found in Apache Tomcat up to 7.0.90/8.5.33/9.0.11. It has been classified as critical. This affects an unknown function of the component URL Handler. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 BotPasswords privilege escalation

A vulnerability was found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 and classified as critical. Affected by this issue is an unknown function of the component BotPasswords. The manipulation with an unknown input leads to a privilege...
Author: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 Special:Redirect/logid information disclosure

A vulnerability has been found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 and classified as problematic. Affected by this vulnerability is an unknown function of the file Special:Redirect/logid. The manipulation with an unknown input leads...
Author: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 wgRateLimits privilege escalation

A vulnerability, which was classified as critical, was found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4. Affected is an unknown function. The manipulation of the argument wgRateLimits with an unknown input leads to a privilege escalation...
Author: VulDB

NetApp E-Series SANtricity OS Controller Software up to 11.30.5 Remote Code Execution

A vulnerability, which was classified as critical, has been found in NetApp E-Series SANtricity OS Controller Software up to 11.30.5. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a privilege...
Author: VulDB

IBM 3.0.2/3.0.4/3.0.6/3.2.0 sql injection [CVE-2018-1819]

A vulnerability classified as critical was found in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2/3.0.4/3.0.6/3.2.0. Affected by this vulnerability is an unknown function. The manipulation with an unknown input...
Author: VulDB

IBM Financial Transaction Manager 3.0.2 Log File information disclosure

A vulnerability classified as problematic was found in IBM Financial Transaction Manager 3.0.2. This vulnerability affects an unknown function of the component Log File Handler. The manipulation with an unknown input leads to an information...
Author: VulDB

PHP Scripts Mall Open Source Real-Estate Script 3.6.2 img information disclosure

A vulnerability classified as problematic has been found in PHP Scripts Mall Open Source Real-Estate Script 3.6.2. This affects an unknown function of the file wp-content/themes/template_dp_dec2015/img. The manipulation with an unknown input...
Author: VulDB

SuSE Linux SMT up to 3.0.36 Sibling Server Host Header spoofing weak authentication

A vulnerability classified as critical has been found in SuSE Linux SMT up to 3.0.36. Affected is an unknown function of the component Sibling Server Handler. The manipulation as part of a Host Header leads to a weak authentication vulnerability...
Author: VulDB

SuSE Linux SMT up to 3.0.36 Blocking Element XML External Entity

A vulnerability was found in SuSE Linux SMT up to 3.0.36. It has been rated as critical. This issue affects an unknown function of the component Blocking Element Handler. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

SuSE Linux SMT up to 3.0.36 RegistrationSharing sql injection

A vulnerability was found in SuSE Linux SMT up to 3.0.36. It has been declared as critical. This vulnerability affects an unknown function of the component RegistrationSharing. The manipulation with an unknown input leads to a sql injection...
Author: VulDB

Cisco Releases Security Updates

Original release date: October 03, 2018 Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
Author: US Cert

FTC Issues Alert on Recent Facebook Breach

Original release date: October 03, 2018 The Federal Trade Commission (FTC) has released an alert to provide Facebook users with recommended precautions against identity theft after the recent breach of the Facebook social media...
Author: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: October 03, 2018 Cisco has released several updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC...
Author: US Cert

APTs Targeting IT Service Provider Customers

Original release date: October 03, 2018 The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in...
Author: US Cert

CERTFR-2018-AVI-467: Multiple vulnerabilities in Mozilla Firefox (03 October 2018)

Multiple vulnerabilities have been discovered in Mozilla Firefox. They allow an attacker to cause a security problem not specified by the vendor and remote arbitrary code execution.
Author: Cert FR

CERTFR-2018-AVI-466: Multiple vulnerabilities in the SUSE Linux kernel (03 October 2018)

Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause a security problem not specified by the vendor, a remote denial of service and a denial of service.
Author: Cert FR

Mozilla Releases Security Updates for Firefox

Original release date: October 02, 2018 Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC...
Author: US Cert

Naviwebs Navigate CMS 2.8 File Upload navigate_upload.php POST Request directory traversal

A vulnerability classified as critical was found in Naviwebs Navigate CMS 2.8. Affected by this vulnerability is an unknown function of the file navigate_upload.php of the component File Upload. The manipulation as part of a POST Request leads...
Author: VulDB

strongSwan up to 5.7.0 gmp Plugin Crafted Certificate memory corruption

A vulnerability was found in strongSwan up to 5.7.0. It has been rated as critical. This issue affects an unknown function of the component gmp Plugin. The manipulation as part of a Crafted Certificate leads to a memory corruption vulnerability....
Author: VulDB

OPAC EasyWeb Five 5.7 index.php biblio sql injection

A vulnerability was found in OPAC EasyWeb Five 5.7. It has been declared as critical. This vulnerability affects an unknown function of the file w2001/index.php?scelta=campi. The manipulation of the argument biblio as part of a Parameter leads...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.2.1 information disclosure

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 11.2.1. Affected is an unknown function. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

Information security events

BLOCKCHAIN

Conference and exhibition on enterprise applications of blockchain in Paris, at the Cité universitaire internationale, on 13 and 14 November 2019. Organized by Corp Agency.

TRUSTECH

This international event dedicated to payments, identification and security is held in Cannes (Palais des Festivals) from 26 to 28 November 2019. Organized by Comexposium.

FIC

With this year's theme of "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité takes over the Grand Palais in Lille on 28, 29 and 30 January 2020. Organized by the Hauts-de-France Region and Euratechnologies, the Gendarmerie Nationale and CEIS.
