vendredi 15 février 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Live555 0.95 Setup Packet Memory Leak denial of service

A vulnerability was found in Live555 0.95. It has been rated as problematic. This issue affects some processing of the component Setup Packet Handler. The manipulation with an unknown input leads to a denial of service vulnerability (Memory...
Auteur: VulDB

MyWebSQL 3.7 Backup Archive File Remote Code Execution

A vulnerability was found in MyWebSQL 3.7. It has been declared as critical. This vulnerability affects a code block of the component Backup Handler. The manipulation as part of a Archive File leads to a privilege escalation vulnerability (Code...
Auteur: VulDB

MyWebSQL 3.7 ?q=wrkfrm&type=databases cross site request forgery

A vulnerability was found in MyWebSQL 3.7. It has been classified as problematic. This affects code of the file /?q=wrkfrm&type=databases. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is...
Auteur: VulDB

PMD up to 5.8.1 XML Data Request privilege escalation

A vulnerability was found in PMD up to 5.8.1 and classified as problematic. Affected by this issue is a part of the component XML Data Handler. The manipulation as part of a Request leads to a privilege escalation vulnerability. Using CWE to...
Auteur: VulDB

Django up to 1.11.18/2.0.10/2.1.5 django.utils.numberformat.format() denial of service

A vulnerability has been found in Django up to 1.11.18/2.0.10/2.1.5 (Content Management System) and classified as problematic. Affected by this vulnerability is the function django.utils.numberformat.format(). The manipulation with an unknown...
Auteur: VulDB

runc up to 1.0-rc6 /proc/self/exe privilege escalation

A vulnerability, which was classified as critical, was found in runc up to 1.0-rc6. Affected is a function of the file /proc/self/exe. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the...
Auteur: VulDB

Bitcoin Core/Bitcoin Knots Access Control Request privilege escalation

A vulnerability, which was classified as critical, has been found in Bitcoin Core and Bitcoin Knots. This issue affects some functionality of the component Access Control. The manipulation as part of a Request leads to a privilege escalation...
Auteur: VulDB

MailSherlock up to 1.5 letgo.cgi select_mid sql injection

A vulnerability classified as critical was found in MailSherlock up to 1.5. This vulnerability affects the functionality of the file letgo.cgi. The manipulation of the argument select_mid as part of a Parameter leads to a sql injection...
Auteur: VulDB

MailMate up to 1.11.2 Secure Mail unknown vulnerability [CVE-2018-15588]

A vulnerability classified as critical has been found in MailMate up to 1.11.2. This affects an unknown function of the component Secure Mail Handler. The impact remains unknown. The summary by CVE is:MailMate before 1.11.3 mishandles a...
Auteur: VulDB

GNOME Evolution up to 3.28.2 OpenPGP Signature spoofing

A vulnerability was found in GNOME Evolution up to 3.28.2. It has been rated as critical. Affected by this issue is some processing of the component OpenPGP Signature Handler. The manipulation with an unknown input leads to a spoofing...
Auteur: VulDB

Enigmail up to 2.0.5 OpenPGP Signature HTML Email spoofing

A vulnerability was found in Enigmail up to 2.0.5. It has been declared as critical. Affected by this vulnerability is a code block of the component OpenPGP Signature Handler. The manipulation as part of a HTML Email leads to a spoofing...
Auteur: VulDB

Google Android Linux Kernel Out-of-Bounds memory corruption

A vulnerability was found in Google Android (Smartphone Operating System). It has been classified as critical. Affected is code of the component Linux Kernel. The manipulation with an unknown input leads to a memory corruption vulnerability...
Auteur: VulDB

Eclipse OpenJ9 0.11.0 JIT Compiler unknown vulnerability [CVE-2018-12549]

A vulnerability was found in Eclipse OpenJ9 0.11.0 and classified as critical. This issue affects a part of the component JIT Compiler. The impact remains unknown. The summary by CVE is:In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler...
Auteur: VulDB

Eclipse OpenJ9 up to 0.11.x API jio_snprintf/jio_vsnprintf length memory corruption

A vulnerability has been found in Eclipse OpenJ9 up to 0.11.x and classified as critical. This vulnerability affects the function jio_snprintf/jio_vsnprintf of the component API Handler. The manipulation of the argument length as part of a...
Auteur: VulDB

Google Android Linux Kernel Uninitialized Memory information disclosure

A vulnerability, which was classified as problematic, was found in Google Android (Smartphone Operating System). This affects a function of the component Linux Kernel. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Google Android Linux Kernel Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in Google Android (Smartphone Operating System). Affected by this issue is some functionality of the component Linux Kernel. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Android Linux Kernel Uninitialized Memory information disclosure

A vulnerability classified as problematic was found in Google Android (Smartphone Operating System). Affected by this vulnerability is the functionality of the component Linux Kernel. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDX24 Radio Index unknown vulnerability

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music (Chip Software). Affected is an unknown...
Auteur: VulDB

Qualcomm Snapdragon Auto up to SDM660 SCP11 Sample OCE Code memory corruption

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software). It has...
Auteur: VulDB

DbNinja 3.2.7 includes\online.php task cross site scripting

A vulnerability, which was classified as problematic, has been found in DbNinja 3.2.7. This issue affects some functionality of the file includes\online.php. The manipulation of the argument task as part of a Parameter leads to a cross site...
Auteur: VulDB

DbNinja 3.2.7 data.php sessid weak authentication

A vulnerability classified as critical was found in DbNinja 3.2.7. This vulnerability affects the functionality of the file data.php. The manipulation of the argument sessid as part of a Parameter leads to a weak authentication vulnerability...
Auteur: VulDB

C.P.Sub up to 5.2 manage.php cross site request forgery

A vulnerability classified as problematic has been found in C.P.Sub up to 5.2. This affects an unknown function of the file manage.php?p=article_del&id. The manipulation with an unknown input leads to a cross site request forgery vulnerability....
Auteur: VulDB

Verydows 2.0 index.php cross site request forgery

A vulnerability was found in Verydows 2.0. It has been rated as problematic. Affected by this issue is some processing of the file index.php?m=backend&c=admin&a=add&step=submit. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

Lexmark CX/MX/X/XC/XM/XS/6500e Devices denial of service [CVE-2019-6489]

A vulnerability was found in Lexmark CX, MX, X, XC, XM, XS and 6500e. It has been declared as problematic. Affected by this vulnerability is a code block of the component Devices. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

Apache JSPWiki up to 2.10.5 URL cross site scripting

A vulnerability, which was classified as problematic, was found in Apache JSPWiki up to 2.10.5 (Content Management System). This affects a function of the component URL Handler. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB
First3456789101112Last

Événements SSI

ACCESSECURITY

AccesSecurity, salon euro-méditerranéen de la sécurité globale, se tient à Marseille (Chanot) les 6 et 7 mars 2019. Organisé par Safim.

IT & IT SECURITY MEETINGS

IT & IT Security Meetings, «salon des réseaux, du cloud, de la mobilité et de la sécurité informatique», se tient à Cannes, Palais des Festivals et des Congrès du 19 au 21 mars 2019. Organisé par Weyou Group.

RSS