vendredi 15 février 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

jforum 2.1.8 username information disclosure

A vulnerability has been found in jforum 2.1.8 (Forum Software) and classified as problematic. This vulnerability affects a functionality of the file register/check/username?username. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Cisco Network Assurance Engine 3.0(1) Management Web Interface weak authentication

A vulnerability was found in Cisco Network Assurance Engine 3.0(1). It has been declared as critical. This vulnerability affects a code block of the component Management Web Interface. The manipulation with an unknown input leads to a weak...
Auteur: VulDB

ATTO FibreBridge 7500N 2.95 denial of service [CVE-2018-5499]

A vulnerability was found in ATTO FibreBridge 7500N 2.95. It has been classified as problematic. This affects code. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. This...
Auteur: VulDB

GNOME Keyring up to 3.27.1 pam/gkr-pam-module.c information disclosure

A vulnerability was found in GNOME Keyring up to 3.27.1 and classified as problematic. Affected by this issue is a part of the file pam/gkr-pam-module.c. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

Solutions Business Manager up to 11.4 weak authentication [CVE-2018-19645]

A vulnerability, which was classified as critical, was found in Solutions Business Manager up to 11.4. Affected is a function. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE is classifying the issue as...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File memory corruption

A vulnerability, which was classified as critical, has been found in CX-Supervisor up to 3.42. This issue affects some functionality of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

CX-Supervisor up to 3.42 Project File privilege escalation

A vulnerability classified as critical was found in CX-Supervisor up to 3.42. This vulnerability affects the functionality of the component Project File Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

airMAX/EdgeMAX Discovery Protocol Amplification denial of service

A vulnerability classified as problematic has been found in airMAX and EdgeMAX. This affects an unknown function of the component Discovery Protocol. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

runc Open-Source Container Vulnerability

Original release date: February 11, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several...
Auteur: US Cert

CERTFR-2019-AVI-050 : Multiples vulnérabilités dans Google Chrome OS (11 février 2019)

De multiples vulnérabilités ont été découvertes dans Google Chrome OS. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Auteur: Cert FR

nc-cms 3.5 lib/NCCms.class.php name/editordata privilege escalation

A vulnerability was found in nc-cms 3.5 (Content Management System). It has been declared as critical. This vulnerability affects a code block in the library lib/NCCms.class.php. The manipulation of the argument name/editordata as part of a...
Auteur: VulDB

taocms up to 2014-05-24 install.php db_name privilege escalation

A vulnerability was found in taocms up to 2014-05-24 (Content Management System). It has been classified as critical. This affects code of the file install.php. The manipulation of the argument db_name as part of a Parameter leads to a privilege...
Auteur: VulDB

Nibbleblog 4.0.5 install.php username privilege escalation

A vulnerability was found in Nibbleblog 4.0.5 (Blog Software) and classified as critical. Affected by this issue is a part of the file install.php. The manipulation of the argument username as part of a Parameter leads to a privilege escalation...
Auteur: VulDB

MetInfo 6.x index.php race condition

A vulnerability has been found in MetInfo 6.x (Content Management System) and classified as critical. Affected by this vulnerability is a functionality of the file admin/index.php?n=databack&c=index&a=dogetsql&tables=. The manipulation with an...
Auteur: VulDB

Traq 3.7.1 admin/users/new cross site request forgery

A vulnerability, which was classified as problematic, was found in Traq 3.7.1. This affects a function of the file admin/users/new. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is classifying...
Auteur: VulDB

Traq 3.7.1 tickets sql injection

A vulnerability, which was classified as critical, has been found in Traq 3.7.1. Affected by this issue is some functionality of the file tickets?search. The manipulation with an unknown input leads to a sql injection vulnerability. Using CWE to...
Auteur: VulDB

Frog CMS 0.9.5 IMG Element cross site scripting

A vulnerability classified as problematic was found in Frog CMS 0.9.5 (Content Management System). Affected by this vulnerability is the functionality of the file admin/?/plugin/file_manager. The manipulation as part of a IMG Element leads to a...
Auteur: VulDB

Frog CMS 0.9.5 admin/ Body cross site scripting

A vulnerability classified as problematic has been found in Frog CMS 0.9.5 (Content Management System). Affected is an unknown function of the file admin/?/snippet/edit/1. The manipulation of the argument Body with an unknown input leads to a...
Auteur: VulDB

Frog CMS 0.9.5 /public information disclosure

A vulnerability was found in Frog CMS 0.9.5 (Content Management System). It has been rated as problematic. This issue affects some processing of the file /public. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Frog CMS 0.9.5 privilege escalation [CVE-2018-20775]

A vulnerability was found in Frog CMS 0.9.5 (Content Management System). It has been declared as critical. This vulnerability affects a code block of the file admin/?/plugin/file_manager. The manipulation with an unknown input leads to a...
Auteur: VulDB

Frog CMS 0.9.5 admin/ Body cross site scripting

A vulnerability was found in Frog CMS 0.9.5 (Content Management System). It has been classified as problematic. This affects code of the file admin/?/layout/edit/1. The manipulation of the argument Body with an unknown input leads to a cross...
Auteur: VulDB

Frog CMS 0.9.5 admin/ privilege escalation

A vulnerability was found in Frog CMS 0.9.5 (Content Management System) and classified as critical. Affected by this issue is a part of the file admin/?/page/edit/1. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Frog CMS 0.9.5 admin/ privilege escalation

A vulnerability has been found in Frog CMS 0.9.5 (Content Management System) and classified as critical. Affected by this vulnerability is a functionality of the file admin/?/layout/edit/1. The manipulation with an unknown input leads to a...
Auteur: VulDB

D-Link DIR-600M C1 3.04 wan.htm Request weak authentication

A vulnerability classified as critical was found in D-Link DIR-600M C1 3.04 (Router Operating System). Affected by this vulnerability is the functionality of the file wan.htm. The manipulation as part of a Request leads to a weak authentication...
Auteur: VulDB

Live555 0.95 Content-Length Header handleRequestBytes HTTP Header memory corruption

A vulnerability classified as critical has been found in Live555 0.95. Affected is the function handleRequestBytes of the component Content-Length Header Handler. The manipulation as part of a HTTP Header leads to a memory corruption...
Auteur: VulDB
First234567891011Last

Événements SSI

ACCESSECURITY

AccesSecurity, salon euro-méditerranéen de la sécurité globale, se tient à Marseille (Chanot) les 6 et 7 mars 2019. Organisé par Safim.

IT & IT SECURITY MEETINGS

IT & IT Security Meetings, «salon des réseaux, du cloud, de la mobilité et de la sécurité informatique», se tient à Cannes, Palais des Festivals et des Congrès du 19 au 21 mars 2019. Organisé par Weyou Group.

RSS