mercredi 26 février 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Trend Micro Security 2019 up to 15.0.0.1163 Malware Protection denial of service

A vulnerability was found in Trend Micro Security 2019 up to 15.0.0.1163. It has been declared as problematic. This vulnerability affects an unknown function of the component Malware Protection. There is no information about possible...
Auteur: VulDB

ONOS 1.14 Ethernet VPN Application Code Execution

A vulnerability was found in ONOS 1.14. It has been classified as critical. This affects some unknown processing of the component Ethernet VPN Application. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

ONOS 1.14 Virtual Tenant Network Application Code Execution

A vulnerability was found in ONOS 1.14 and classified as critical. Affected by this issue is an unknown code block of the component Virtual Tenant Network Application. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS 1.14 Access Control Application Code Execution

A vulnerability has been found in ONOS 1.14 and classified as critical. Affected by this vulnerability is an unknown code of the component Access Control Application. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS 1.14 Mobility Application Code Execution

A vulnerability, which was classified as critical, was found in ONOS 1.14. Affected is an unknown part of the component Mobility Application. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

ONOS 1.14 Virtual Broadband Network Gateway application Code Execution

A vulnerability, which was classified as critical, has been found in ONOS 1.14. This issue affects some unknown functionality of the component Virtual Broadband Network Gateway application. There is no information about possible countermeasures...
Auteur: VulDB

ONOS 1.14 Event Code Execution

A vulnerability classified as critical was found in ONOS 1.14. This vulnerability affects an unknown functionality of the component Event Handler. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Trend Micro Installer DLL privilege escalation [CVE-2019-14688]

A vulnerability classified as critical has been found in Trend Micro Installer (the affected version unknown). This affects an unknown function of the component DLL Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

ONOS up to 2.0 ARP Reply weak authentication

A vulnerability was found in ONOS up to 2.0. It has been rated as critical. Affected by this issue is some unknown processing of the component ARP Reply Handler. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

libarchive up to 3.4.1 RAR5 File archive_read_support_format_rar5.c memory corruption

A vulnerability was found in libarchive up to 3.4.1 (File Compression Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the file archive_read_support_format_rar5.c of the component RAR5 File...
Auteur: VulDB

mod_auth_openidc up to 2.4.0 Open Redirect [CVE-2019-20479]

A vulnerability was found in mod_auth_openidc up to 2.4.0. It has been classified as problematic. Affected is an unknown code. Upgrading to version 2.4.1 eliminates this vulnerability.
Auteur: VulDB

Cisco Releases Security Updates

Original release date: February 20, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates...
Auteur: US Cert

Adobe Releases Security Updates for After Effects and Media Encoder

Original release date: February 20, 2020Adobe has released security updates to address vulnerabilities in After Effects and Media Encoder. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

CERTFR-2020-AVI-106 : Multiples vulnérabilités dans IBM WebSphere (20 février 2020)

De multiples vulnérabilités ont été découvertes dans IBM WebSphere. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2020-AVI-105 : Vulnérabilité dans Cisco Unified Contact Center Express (Unified CCX) (20 février 2020)

Une vulnérabilité a été découverte dans Cisco Unified Contact Center Express (Unified CCX) . Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à l'intégrité des données.

Auteur: Cert FR

CERTFR-2020-AVI-104 : Vulnérabilité dans Cisco Smart Software Manager On-Prem (20 février 2020)

Une vulnérabilité a été découverte dans Cisco Smart Software Manager On-Prem. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données, une atteinte à la confidentialité des données et une élévation de privilèges.

Auteur: Cert FR

CERTFR-2020-AVI-103 : Vulnérabilité dans les produits UCS Cisco (20 février 2020)

Une vulnérabilité a été découverte dans les produits UCS Cisco. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Auteur: Cert FR

CERTFR-2020-AVI-102 : Vulnérabilité dans Cisco Content Security Management Appliance (20 février 2020)

Une vulnérabilité a été découverte dans Cisco Content Security Management Appliance. Elle permet à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2020-AVI-101 : Multiples vulnérabilités dans Cisco Email Security Appliance (ESA) (20 février 2020)

De multiples vulnérabilités ont été découvertes dans Cisco Email Security Appliance. Elles permettent à un attaquant de provoquer un déni de service à distance.

Auteur: Cert FR

CERTFR-2020-AVI-100 : Multiples vulnérabilités dans Cisco Data Center Network Manager (20 février 2020)

De multiples vulnérabilités ont été découvertes dans Cisco Data Center Network Manager. Elles permettent à un attaquant de provoquer une élévation de privilèges et une injection de requêtes illégitimes par rebond (CSRF).

Auteur: Cert FR

Western Digital WesternDigitalSSDDashboardSetup.exe prior 3.0.2.0 DLL privilege escalation

A vulnerability was found in Western Digital WesternDigitalSSDDashboardSetup.exe and classified as critical. This issue affects an unknown part of the component DLL Handler. Upgrading to version 3.0.2.0 eliminates this vulnerability.
Auteur: VulDB

Hitron CODA-4582U 7.1.1.30 Managed Device cross site scripting

A vulnerability has been found in Hitron CODA-4582U 7.1.1.30 and classified as problematic. This vulnerability affects some unknown functionality of the component Managed Device Handler. There is no information about possible countermeasures...
Auteur: VulDB

Jyaml up to 1.3 load() privilege escalation

A vulnerability, which was classified as critical, was found in Jyaml up to 1.3. This affects the function load(). There is no information about possible countermeasures known. It may be suggested to replace the affected object with an...
Auteur: VulDB

Puppet Enterprise 6.13.0 puppet.conf Certificate weak authentication

A vulnerability, which was classified as problematic, has been found in Puppet Enterprise 6.13.0. Affected by this issue is an unknown function of the file puppet.conf. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Emerson OpenEnterprise SCADA Server up to 2.83 Modbus Heap-based memory corruption

A vulnerability classified as critical was found in Emerson OpenEnterprise SCADA Server up to 2.83. Affected by this vulnerability is some unknown processing of the component Modbus. There is no information about possible countermeasures known....
Auteur: VulDB
First234567891011Last

Événements SSI