lundi 16 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

JIRA up to 8.4.0 Cache AccessLogFilter information disclosure

A vulnerability classified as problematic has been found in JIRA up to 8.4.0. Affected is the function AccessLogFilter of the component Cache Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

JIRA up to 7.13.6 FilterPickerPopup.jspa searchOwnerUserName cross site scripting

A vulnerability was found in JIRA up to 7.13.6. It has been rated as problematic. This issue affects an unknown function of the file FilterPickerPopup.jspa. Upgrading to version 7.13.7 eliminates this vulnerability.
Auteur: VulDB

JIRA up to 8.3.x Attachment /rest/api/1.0/render information disclosure

A vulnerability was found in JIRA up to 8.3.x. It has been declared as problematic. This vulnerability affects some unknown processing of the file /rest/api/1.0/render of the component Attachment Handler. Upgrading to version 8.4.0 eliminates...
Auteur: VulDB

Easy!Appointments Plugin 1.3.2 on WordPress Credentials information disclosure

A vulnerability was found in Easy!Appointments Plugin 1.3.2 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown code block. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Out-of-Bounds memory corruption

A vulnerability was found in Delta Electronics TPEditor up to 1.94 and classified as critical. Affected by this issue is an unknown code of the component Project File Handler. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Stack-based memory corruption

A vulnerability has been found in Delta Electronics TPEditor up to 1.94 and classified as critical. Affected by this vulnerability is an unknown part of the component Project File Handler. There is no information about possible countermeasures...
Auteur: VulDB

Delta Electronics TPEditor up to 1.94 Project File Heap-based memory corruption

A vulnerability, which was classified as critical, was found in Delta Electronics TPEditor up to 1.94. Affected is some unknown functionality of the component Project File Handler. There is no information about possible countermeasures known. It...
Auteur: VulDB

TELESTAR Imperial i600 Telnet Service privilege escalation

A vulnerability, which was classified as critical, has been found in TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt and...
Auteur: VulDB

Eclipse Paho Java Client Library 1.2.0 TLS Connection weak authentication

A vulnerability classified as critical has been found in Eclipse Paho Java Client Library 1.2.0 (Software Library). This affects some unknown processing of the component TLS Connection Handler. There is no information about possible...
Auteur: VulDB

TeamViewer 14.2.2558 GUI Teamviewer.exe information disclosure

A vulnerability was found in TeamViewer 14.2.2558. It has been rated as problematic. Affected by this issue is an unknown code block of the file Teamviewer.exe of the component GUI. There is no information about possible countermeasures known. It...
Auteur: VulDB

Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Remote Code Execution

A vulnerability was found in Apache OFBiz up to 16.11.05. It has been declared as critical. Affected by this vulnerability is an unknown code of the component Form Widget. Upgrading to version 16.11.06 eliminates this vulnerability.
Auteur: VulDB

Apache OFBiz up to 16.11.05 Application Stored cross site scripting

A vulnerability was found in Apache OFBiz up to 16.11.05. It has been classified as problematic. Affected is an unknown part. Upgrading to version 16.11.06 eliminates this vulnerability.
Auteur: VulDB

Apache OFBiz up to 16.11.05 HTTP Service httpService serviceContent privilege escalation

A vulnerability has been found in Apache OFBiz up to 16.11.05 and classified as critical. This vulnerability affects an unknown functionality of the file /webtools/control/httpService of the component HTTP Service. Upgrading to version 16.11.06...
Auteur: VulDB

Microsoft Windows up to Server 2019 Common Log File System Driver information disclosure

A vulnerability classified as problematic was found in Microsoft Windows (Operating System). This vulnerability affects an unknown function of the component Common Log File System Driver. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB

ArcGIS Enterprise up to 10.6.1 My Profile iFRAME Element cross site scripting

A vulnerability, which was classified as problematic, was found in ArcGIS Enterprise up to 10.6.1. This affects an unknown function of the component My Profile. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.851 Email privilege escalation

A vulnerability, which was classified as critical, has been found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.851. Affected by this issue is some unknown processing of the component Email Handler. There is no information about possible...
Auteur: VulDB

CentOS-WebPanel.com CentOS Web Panel 0.9.8.851 Email Forwarding privilege escalation

A vulnerability classified as critical was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.851. Affected by this vulnerability is an unknown code block of the component Email Forwarding Handler. There is no information about possible...
Auteur: VulDB

Apache OFBiz up to 16.11.05 XmlSerializer httpService deserialize serviceContext Code Execution

A vulnerability was found in Apache OFBiz up to 16.11.05 and classified as critical. This issue affects the function deserialize of the file webtools/control/httpService of the component XmlSerializer. Upgrading to version 16.11.06 eliminates...
Auteur: VulDB

Adobe Flash Player up to 32.0.0.207/32.0.0.238 Same-Origin Policy privilege escalation

A vulnerability classified as critical has been found in Adobe Flash Player up to 32.0.0.207/32.0.0.238 (Multimedia Player Software). Affected is an unknown code. Upgrading to version 32.0.0.255 eliminates this vulnerability. A possible...
Auteur: VulDB

Adobe Flash Player up to 32.0.0.207/32.0.0.238 Use-After-Free memory corruption

A vulnerability was found in Adobe Flash Player up to 32.0.0.207/32.0.0.238. It has been rated as critical. This issue affects an unknown part. Upgrading to version 32.0.0.255 eliminates this vulnerability. A possible mitigation has been...
Auteur: VulDB

Adobe Application Manager 10.0 Installer privilege escalation

A vulnerability was found in Adobe Application Manager 10.0. It has been declared as critical. This vulnerability affects some unknown functionality of the component Installer. Upgrading eliminates this vulnerability. A possible mitigation has...
Auteur: VulDB

Microsoft SharePoint Foundation 2013 SP1 cross site request forgery

A vulnerability was found in Microsoft SharePoint Foundation 2013 SP1 (Groupware Software). It has been classified as problematic. This affects an unknown functionality. Applying a patch is able to eliminate this problem. A possible mitigation...
Auteur: VulDB

Microsoft Team Foundation Server/Azure DevOps Server cross site scripting

A vulnerability was found in Microsoft Team Foundation Server and Azure DevOps Server (Programming Tool Software) (affected version not known) and classified as problematic. Affected by this issue is an unknown function. Applying a patch is able...
Auteur: VulDB

Microsoft Windows up to Server 2019 AppX Deployment Server privilege escalation

A vulnerability has been found in Microsoft Windows up to Server 2019 (Operating System) and classified as critical. Affected by this vulnerability is some unknown processing of the component AppX Deployment Server. Applying a patch is able to...
Auteur: VulDB

Microsoft ASP.NET Core 2.1/2.2/3.0 Project Template privilege escalation

A vulnerability, which was classified as critical, was found in Microsoft ASP.NET Core 2.1/2.2/3.0. Affected is an unknown code block of the component Project Template Handler. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB
First234567891011Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS