Thursday 19 September 2019

Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Escuela de Gestion Publica Plurinacional Sistema Integrado de Gestion Academica V1 Authentication Form username sql injection

A vulnerability was found in Escuela de Gestion Publica Plurinacional Sistema Integrado de Gestion Academica V1 and classified as critical. Affected by this issue is some unknown processing of the component Authentication Form. There is no...
Author: VulDB

Dolibarr 10.0.1 HTTP Header htdocs/societe/card.php User-Agent cross site scripting

A vulnerability has been found in Dolibarr 10.0.1 and classified as problematic. Affected by this vulnerability is an unknown code block of the file htdocs/societe/card.php of the component HTTP Header Handler. There is no information about...
Author: VulDB

GitLab Enterprise Edition up to 11.x/12.0.8/12.1.8/12.2.4 Access Control privilege escalation

A vulnerability, which was classified as critical, was found in GitLab Enterprise Edition up to 11.x/12.0.8/12.1.8/12.2.4. Affected is an unknown code of the component Access Control. Upgrading to version 12.0.9, 12.1.9 or 12.2.5 eliminates this...
Author: VulDB

D-Link DNS-320 up to 2.05.B10 CGI Script login_mgr.cgi command injection

A vulnerability, which was classified as critical, has been found in D-Link DNS-320 up to 2.05.B10. This issue affects an unknown part of the file login_mgr.cgi of the component CGI Script. There is no information about possible countermeasures...
Author: VulDB

CRM Plugin up to 4.2.3 on Redmine vCard Data cross site scripting

A vulnerability classified as problematic was found in CRM Plugin up to 4.2.3 on Redmine. This vulnerability affects some unknown functionality of the component vCard Data Handler. Upgrading to version 4.2.4 eliminates this vulnerability.
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Branch Name information disclosure

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 12.2.1. This affects an unknown functionality of the component Branch Name Handler. There is no information about possible...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Project Import API information disclosure

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1. It has been rated as problematic. Affected by this issue is an unknown function of the component Project Import API. There is no information about possible...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Merge Request Comment privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Merge Request Handler....
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Jira Integration Request Server-Side Request Forgery

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software). It has been classified as critical. Affected is an unknown code block of the component Jira Integration. There is no information...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Kubernetes Integration Request Server-Side Request Forgery

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software) and classified as critical. This issue affects an unknown code of the component Kubernetes Integration. There is no information...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Permission Check information disclosure

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software) and classified as problematic. This vulnerability affects an unknown part of the component Permission Check. There is no...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Markdown IP Address information disclosure

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software). This affects some unknown functionality of the component Markdown Handler. There is no...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 API information disclosure

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software). Affected by this issue is an unknown functionality of the component API. There is no...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Label Description HTML Injection cross site scripting

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 12.2.1 (Bug Tracking Software). Affected by this vulnerability is an unknown function of the component Label Description Handler. There...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.9.x/11.10.0 Merge Request privilege escalation

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition up to 11.9.x/11.10.0. Affected is some unknown processing. Upgrading to version 11.10.1 eliminates this vulnerability.
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Markdown Expression Exhaustion denial of service

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1. It has been rated as problematic. This issue affects an unknown code block of the component Markdown Handler. There is no information about possible...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 12.2.1 Internal Endpoint privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 12.2.1. It has been declared as critical. This vulnerability affects an unknown code of the component Internal Endpoint. There is no information about possible...
Author: VulDB

TELESTAR Imperial i600 Access Control /set_dname privilege escalation

A vulnerability was found in TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt and Imperial i600. It has been classified as...
Author: VulDB

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 JUCI ACL Key information disclosure

A vulnerability was found in Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 and classified as problematic. Affected by this issue is some unknown functionality of the component JUCI ACL. There is no information about possible countermeasures...
Author: VulDB

Intel Microprocessor DDIO Cache information disclosure

A vulnerability has been found in Intel Microprocessor (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown functionality of the component DDIO Cache. There is no information about possible...
Author: VulDB

Intel Easy Streaming Wizard up to 2.1 File Permission privilege escalation

A vulnerability, which was classified as critical, was found in Intel Easy Streaming Wizard up to 2.1. Affected is an unknown function of the component File Permission. Upgrading to version 2.1.0731 eliminates this vulnerability.
Author: VulDB

Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 on Windows /assets/ctx ContextResource directory traversal

A vulnerability, which was classified as problematic, has been found in Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 on Windows. This issue affects the function ContextResource of the file /assets/ctx. Upgrading to version 5.4.5 eliminates this...
Author: VulDB

Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3 AppModule t:formdata information disclosure

A vulnerability classified as problematic was found in Apache Tapestry 5.4.0/5.4.1/5.4.2/5.4.3. This vulnerability affects the function AppModule. Upgrading to version 5.4.5 eliminates this vulnerability.
Author: VulDB

GPAC 0.7.1 isomedia/box_code_base.c dinf_Read denial of service

A vulnerability classified as problematic has been found in GPAC 0.7.1. This affects the function dinf_Read of the file isomedia/box_code_base.c. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

GPAC 0.7.1 isomedia/box_code_base.c audio_sample_entry_AddBox() memory corruption

A vulnerability was found in GPAC 0.7.1. It has been rated as critical. Affected by this issue is the function audio_sample_entry_AddBox() of the file isomedia/box_code_base.c. There is no information about possible countermeasures known. It may...
Author: VulDB

Information security events

LES ASSISES

A major annual gathering for CISOs, the Assises de la sécurité des systèmes d'information take place in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organised by DG Consultants.

BLOCKCHAIN

Conference and exhibition on enterprise applications of blockchain, held in Paris at the Cité universitaire internationale on 13 and 14 November 2019. Organised by Corp Agency.

TRUSTECH

This international event dedicated to payments, identification and security is held in Cannes (Palais des Festivals) from 26 to 28 November 2019. Organised by Comexposium.

FIC

With this year's theme of "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité takes over the Grand Palais in Lille on 28, 29 and 30 January 2020. Organised by the Hauts-de-France Region and Euratechnologies, the Gendarmerie Nationale and CEIS.
