jeudi 17 octobre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Navigate CMS 2.8 navigate_upload.php Request cross site scripting

A vulnerability, which was classified as problematic, has been found in Navigate CMS 2.8. This issue affects an unknown function of the file navigate_upload.php. The manipulation as part of a Request leads to a cross site scripting vulnerability...
Auteur: VulDB

PHP Scripts Mall Website Seller Script 2.0.5 Keyword cross site scripting

A vulnerability was found in PHP Scripts Mall Website Seller Script 2.0.5. It has been rated as problematic. Affected by this issue is an unknown function of the component Keyword Handler. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

PHP Scripts Mall Market Place Script 1.0.1 Keyword cross site scripting

A vulnerability was found in PHP Scripts Mall Market Place Script 1.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Keyword Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

PHP Scripts Mall Domain Lookup Script 3.0.5 Search Bar cross site scripting

A vulnerability was found in PHP Scripts Mall Domain Lookup Script 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Search Bar. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

PHP Scripts Mall Olx Clone 3.4.2 cross site scripting [CVE-2018-16326]

A vulnerability was found in PHP Scripts Mall Olx Clone 3.4.2 and classified as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare the...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability has been found in IBM Rational Quality Manager up to 6.0.6 and classified as problematic. This vulnerability affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Rational Quality Manager up to 6.0.6. This affects an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

IBM Rational Quality Manager up to 6.0.6 Web UI cross site scripting

A vulnerability, which was classified as problematic, has been found in IBM Rational Quality Manager up to 6.0.6. Affected by this issue is an unknown function of the component Web UI. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

MediaWiki Web Access 1.31.0 .htaccess privilege escalation

A vulnerability classified as critical was found in MediaWiki Web Access 1.31.0. Affected by this vulnerability is an unknown function of the file .htaccess. The manipulation with an unknown input leads to a privilege escalation vulnerability....
Auteur: VulDB

Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect

A vulnerability was found in Apache Tomcat up to 7.0.90/8.5.33/9.0.11. It has been classified as critical. This affects an unknown function of the component URL Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 BotPasswords privilege escalation

A vulnerability was found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 and classified as critical. Affected by this issue is an unknown function of the component BotPasswords. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 Special:Redirect/logid information disclosure

A vulnerability has been found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 and classified as problematic. Affected by this vulnerability is an unknown function of the file Special:Redirect/logid. The manipulation with an unknown input leads...
Auteur: VulDB

MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4 wgRateLimits privilege escalation

A vulnerability, which was classified as critical, was found in MediaWiki up to 1.31.0/1.30.0/1.29.2/1.27.4. Affected is an unknown function. The manipulation of the argument wgRateLimits with an unknown input leads to a privilege escalation...
Auteur: VulDB

NetApp E-Series SANtricity OS Controller Software up to 11.30.5 Remote Code Execution

A vulnerability, which was classified as critical, has been found in NetApp E-Series SANtricity OS Controller Software up to 11.30.5. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

IBM 3.0.2/3.0.4/3.0.6/3.2.0 sql injection [CVE-2018-1819]

A vulnerability classified as critical was found in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2/3.0.4/3.0.6/3.2.0. Affected by this vulnerability is an unknown function. The manipulation with an unknown input...
Auteur: VulDB

IBM Financial Transaction Manager 3.0.2 Log File information disclosure

A vulnerability classified as problematic was found in IBM Financial Transaction Manager 3.0.2. This vulnerability affects an unknown function of the component Log File Handler. The manipulation with an unknown input leads to a information...
Auteur: VulDB

PHP Scripts Mall Open Source Real-Estate Script 3.6.2 img information disclosure

A vulnerability classified as problematic has been found in PHP Scripts Mall Open Source Real-Estate Script 3.6.2. This affects an unknown function of the file wp-content/themes/template_dp_dec2015/img. The manipulation with an unknown input...
Auteur: VulDB

SuSE Linux SMT up to 3.0.36 Sibling Server Host Header spoofing weak authentication

A vulnerability classified as critical has been found in SuSE Linux SMT up to 3.0.36. Affected is an unknown function of the component Sibling Server Handler. The manipulation as part of a Host Header leads to a weak authentication vulnerability...
Auteur: VulDB

SuSE Linux SMT up to 3.0.36 Blocking Element XML External Entity

A vulnerability was found in SuSE Linux SMT up to 3.0.36. It has been rated as critical. This issue affects an unknown function of the component Blocking Element Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

SuSE Linux SMT up to 3.0.36 RegistrationSharing sql injection

A vulnerability was found in SuSE Linux SMT up to 3.0.36. It has been declared as critical. This vulnerability affects an unknown function of the component RegistrationSharing. The manipulation with an unknown input leads to a sql injection...
Auteur: VulDB

Cisco Releases Security Updates

Original release date: October 03, 2018 Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

FTC Issues Alert on Recent Facebook Breach

Original release date: October 03, 2018 The Federal Trade Commission (FTC) has released an alert to provide Facebook users with recommended precautions against identity theft after the recent breach of the Facebook social media...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: October 03, 2018 Cisco has released several updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Auteur: US Cert

APTs Targeting IT Service Provider Customers

Original release date: October 03, 2018 The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in...
Auteur: US Cert

CERTFR-2018-AVI-467 : Multiples vulnérabilités dans Mozilla Firefox (03 octobre 2018)

De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et une exécution de code arbitraire à distance.

Auteur: Cert FR
First697698699700701702703704705706Last

Événements SSI

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS