Tuesday 16 July 2019

Our selection of information security alerts and advisories.
Sources: US-CERT, CERT-EU, CERT-FR, CNIL, VulDB.

SAP Information Steward 4.2 cross site scripting [CVE-2019-0329]

A vulnerability was found in SAP Information Steward 4.2. It has been declared as problematic. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. The CWE...
Author: VulDB

SAP NetWeaver Process Integration up to 7.31 ABAP Tests Modules OS Command Injection privilege escalation

A vulnerability was found in SAP NetWeaver Process Integration up to 7.31. It has been classified as critical. This affects some unknown processing of the component ABAP Tests Modules. The manipulation with an unknown input leads to a privilege...
Author: VulDB

SAP NetWeaver for Java Application Server up to 7.31 File Upload privilege escalation

A vulnerability was found in SAP NetWeaver for Java Application Server up to 7.31 and classified as critical. Affected by this issue is an unknown code block of the component File Upload. The manipulation with an unknown input leads to a...
Author: VulDB

CERTFR-2019-AVI-324: Multiple vulnerabilities in Citrix SD-WAN (11 July 2019)

Multiple vulnerabilities have been discovered in Citrix SD-WAN. They allow an attacker to cause remote arbitrary code execution and compromise data integrity.

Author: CERT-FR

SAP Business Intelligence Platform 4.1/4.2/4.3 cross site scripting

A vulnerability has been found in SAP Business Intelligence Platform 4.1/4.2/4.3 and classified as problematic. Affected by this vulnerability is an unknown code. The manipulation with an unknown input leads to a cross site scripting...
Author: VulDB

SAP ERP HCM 3 Authorization privilege escalation

A vulnerability, which was classified as critical, was found in SAP ERP HCM 3. Affected is an unknown part of the component Authorization. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying...
Author: VulDB

SAP Commerce Cloud up to 1811 Flooding denial of service

A vulnerability, which was classified as problematic, has been found in SAP Commerce Cloud up to 1811. This issue affects some unknown functionality. The manipulation with an unknown input leads to a denial of service vulnerability (Flooding)....
Author: VulDB

SAP ABAP Server/ABAP Platform 7.4/7.5/7.31 cross site scripting

A vulnerability classified as problematic was found in SAP ABAP Server and ABAP Platform 7.4/7.5/7.31. This vulnerability affects an unknown functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. The...
Author: VulDB

SAP Gateway 7.5/7.51/7.52/7.53 Error Message Injection privilege escalation

A vulnerability classified as critical has been found in SAP Gateway 7.5/7.51/7.52/7.53. This affects an unknown function of the component Error Message Handler. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

SAP NetWeaver Application Server for Java 7.21/7.22/7.45/7.49/7.53 privilege escalation

A vulnerability was found in SAP NetWeaver Application Server for Java 7.21/7.22/7.45/7.49/7.53 (Application Server Software). It has been rated as critical. Affected by this issue is some unknown processing. The manipulation with an unknown...
Author: VulDB

SAP SAPUI5/OpenUI5 up to 1.38.38/1.44.38/1.52.24/1.60.5 cross site scripting

A vulnerability was found in SAP SAPUI5 and OpenUI5 up to 1.38.38/1.44.38/1.52.24/1.60.5. It has been declared as problematic. Affected by this vulnerability is an unknown code block. The manipulation with an unknown input leads to a cross site...
Author: VulDB

Helpy up to 2.1.x Agents privilege escalation

A vulnerability was found in Helpy up to 2.1.x. It has been classified as critical. Affected is an unknown code of the component Agents. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the...
Author: VulDB

GitLab Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Milestone Detail information disclosure

A vulnerability was found in GitLab Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software) and classified as problematic. This issue affects an unknown part of the component Milestone Detail Handler. The manipulation with an...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Workhorse Log information disclosure

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software) and classified as problematic. This vulnerability affects some unknown functionality of the component Workhorse...
Author: VulDB

GitLab Enterprise Edition up to 11.4.7/11.5.0 Object Merge Request information disclosure

A vulnerability, which was classified as problematic, was found in GitLab Enterprise Edition up to 11.4.7/11.5.0 (Bug Tracking Software). This affects an unknown functionality of the component Object Handler. The manipulation as part of a Merge...
Author: VulDB

GitLab Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Object privilege escalation

A vulnerability, which was classified as critical, has been found in GitLab Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software). Affected by this issue is an unknown function of the component Object Handler. The manipulation ...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Email privilege escalation

A vulnerability classified as critical was found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software). Affected by this vulnerability is some unknown processing of the component Email Handler. The...
Author: VulDB

GitLab Enterprise Edition 11.5.0 Operations Page cross site scripting

A vulnerability classified as problematic has been found in GitLab Enterprise Edition 11.5.0 (Bug Tracking Software). Affected is an unknown code block of the component Operations Page. The manipulation with an unknown input leads to a cross...
Author: VulDB

GitLab Enterprise Edition 11.5.0 Jaeger Tracing Operations Page information disclosure

A vulnerability was found in GitLab Enterprise Edition 11.5.0 (Bug Tracking Software). It has been rated as problematic. This issue affects an unknown code of the component Jaeger Tracing Operations Page. The manipulation with an unknown input...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Access Control privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software). It has been declared as critical. This vulnerability affects an unknown part of the component Access Control. The...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Access Control privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software). It has been classified as critical. This affects some unknown functionality of the component Access Control. The...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Comment privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software) and classified as critical. Affected by this issue is an unknown functionality of the component Comment Handler. The...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 OAuth Authorization Page cross site scripting

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software) and classified as problematic. Affected by this vulnerability is an unknown function of the component OAuth...
Author: VulDB

GitLab Community Edition/Enterprise Edition up to 11.3.10/11.4.7/11.5.0 Markdown cross site scripting

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 11.3.10/11.4.7/11.5.0 (Bug Tracking Software). Affected is some unknown processing of the component Markdown Handler. The...
Author: VulDB

GitLab Community Edition/Enterprise Edition prior 11.3.11/11.4.8/11.5.1 privilege escalation

A vulnerability, which was classified as critical, has been found in GitLab Community Edition and Enterprise Edition (Bug Tracking Software). This issue affects an unknown code block. The manipulation with an unknown input leads to a privilege...
Author: VulDB

Information Security Events

BLACK HAT

A major global information security event, the Black Hat USA conference takes place from 3 to 8 August 2019 in Las Vegas (Mandalay Bay). Organized by UBM.

Presentation by the organizer

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

More information on the event's dedicated website.

LES ASSISES

The major annual gathering for CISOs, the Assises de la sécurité des systèmes d'information are held in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organized by DG Consultants.

Presentation by the organizer



A look back at Les Assises 2018

The 18th edition of the Assises de la Sécurité in Monaco is over! Thanks again to the 2800 participants, including the 160 partners, who came together for three days to bring this event, unique in France, to life. Conferences, one-to-ones, round tables, workshops, networking moments… Through their content, the quality of the visitors and the richness of the exchanges, the Assises position themselves more than ever as the unmissable gathering for all cybersecurity professionals. Like the market, which keeps evolving, the Assises know how to adapt their offering to best meet the sector's expectations. This edition therefore sought to highlight the major issues of the moment by multiplying talks, demonstrations and experience-sharing sessions.

See you at the next edition, which will take place from 9 to 12 October 2019

More information on the event's dedicated website.
