mardi 21 mai 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cisco ARF/WRF File memory corruption [CVE-2019-1772]

A vulnerability has been found in Cisco WebEx Network Recording Player for Microsoft Windows and Webex Player for Microsoft Windows (Operating System) (affected version unknown) and classified as critical. Affected by this vulnerability is a...
Auteur: VulDB

Cisco ARF/WRF File memory corruption [CVE-2019-1771]

A vulnerability, which was classified as critical, was found in Cisco WebEx Network Recording Player for Microsoft Windows and Webex Player for Microsoft Windows (Operating System) (version unknown). Affected is a function of the component...
Auteur: VulDB

Cisco NX-OS CLI privilege escalation [CVE-2019-1770]

A vulnerability, which was classified as critical, has been found in Cisco NX-OS (Router Operating System) (unknown version). This issue affects some functionality of the component CLI. The manipulation with an unknown input leads to a...
Auteur: VulDB

Cisco NX-OS CLI privilege escalation [CVE-2019-1769]

A vulnerability classified as critical was found in Cisco NX-OS (Router Operating System) (the affected version is unknown). This vulnerability affects the functionality of the component CLI. The manipulation with an unknown input leads to a...
Auteur: VulDB

MiniUPnP MiniUPnPd up to 2.1 pcpserver.c copyIPv6IfDifferent denial of service

A vulnerability classified as problematic has been found in MiniUPnP MiniUPnPd up to 2.1. This affects the function copyIPv6IfDifferent of the file pcpserver.c. The manipulation with an unknown input leads to a denial of service vulnerability...
Auteur: VulDB

MiniUPnP MiniUPnPd up to 2.1 upnpredirect.c AddPortMapping denial of service

A vulnerability was found in MiniUPnP MiniUPnPd up to 2.1. It has been rated as problematic. Affected by this issue is the function AddPortMapping of the file upnpredirect.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

MiniUPnP MiniUPnPd up to 2.1 upnpsoap.c GetOutboundPinholeTimeout denial of service

A vulnerability was found in MiniUPnP MiniUPnPd up to 2.1. It has been declared as problematic. Affected by this vulnerability is the function GetOutboundPinholeTimeout of the file upnpsoap.c. The manipulation with an unknown input leads to a...
Auteur: VulDB

MiniUPnP MiniUPnPd up to 2.1 upnpsoap.c GetOutboundPinholeTimeout denial of service

A vulnerability was found in MiniUPnP MiniUPnPd up to 2.1. It has been classified as problematic. Affected is the function GetOutboundPinholeTimeout of the file upnpsoap.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

MiniUPnP MiniUPnPd up to 2.1 upnpevents.c upnp_event_prepare Return Value information disclosure

A vulnerability was found in MiniUPnP MiniUPnPd up to 2.1 and classified as problematic. This issue affects the function upnp_event_prepare of the file upnpevents.c. The manipulation as part of a Return Value leads to a information disclosure...
Auteur: VulDB

MiniUPnP MiniSSDPd 1.4/1.5 minissdpd.c updateDevice denial of service

A vulnerability has been found in MiniUPnP MiniSSDPd 1.4/1.5 and classified as problematic. This vulnerability affects the function updateDevice of the file minissdpd.c. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Heimdal 7.6.0 lib/krb5/init_creds_pw.c weak authentication

A vulnerability, which was classified as critical, was found in Heimdal 7.6.0. This affects a function in the library lib/krb5/init_creds_pw.c. The manipulation with an unknown input leads to a weak authentication vulnerability...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.7.7/11.8.3/11.9.1 Resolve Conflicts Page Persistent cross site scripting

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 11.7.7/11.8.3/11.9.1. Affected by this issue is some functionality of the component Resolve Conflicts Page. The...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.7.7/11.8.3/11.9.1 Permission privilege escalation

A vulnerability classified as critical was found in GitLab Community Edition and Enterprise Edition up to 11.7.7/11.8.3/11.9.1. Affected by this vulnerability is the functionality of the component Permission. The manipulation with an unknown...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.7.7/11.8.3/11.9.1 EXIF Data Location information disclosure

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 11.7.7/11.8.3/11.9.1. Affected is an unknown function of the component EXIF Data Handler. The manipulation with an unknown input...
Auteur: VulDB

GitLab Community Edition/Enterprise Edition up to 11.7.7/11.8.3/11.9.1 Access Control privilege escalation

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 11.7.7/11.8.3/11.9.1. It has been rated as critical. This issue affects some processing of the component Access Control. The manipulation with an unknown input...
Auteur: VulDB

ntp up to 4.2.8p12 NULL Pointer Dereference denial of service

A vulnerability was found in ntp up to 4.2.8p12. It has been declared as problematic. This vulnerability affects a code block. The manipulation with an unknown input leads to a denial of service vulnerability (NULL Pointer Dereference). The CWE...
Auteur: VulDB

FreeBSD up to 11.2/11.3/12.0 Packet Filter ICMPv6 Packet privilege escalation

A vulnerability was found in FreeBSD up to 11.2/11.3/12.0 (Operating System). It has been classified as critical. This affects code of the component Packet Filter. The manipulation as part of a ICMPv6 Packet leads to a privilege escalation...
Auteur: VulDB

FreeBSD up to 11.2/11.3/12.0 Packet Filter IPv6 Packet privilege escalation

A vulnerability was found in FreeBSD up to 11.2/11.3/12.0 (Operating System) and classified as critical. Affected by this issue is a part of the component Packet Filter. The manipulation as part of a IPv6 Packet leads to a privilege escalation...
Auteur: VulDB

VMware Workstation up to 15.0.x DLL Loader privilege escalation

A vulnerability has been found in VMware Workstation up to 15.0.x (Virtualization Software) and classified as critical. Affected by this vulnerability is a functionality of the component DLL Loader. The manipulation with an unknown input leads...
Auteur: VulDB

Dell EMC RecoverPoint/RecoverPoint for VMs Boxmgmt CLI OS Command Injection privilege escalation

A vulnerability, which was classified as critical, was found in Dell EMC RecoverPoint and RecoverPoint for VMs (Backup Software) (version unknown). Affected is a function of the component Boxmgmt CLI. The manipulation with an unknown input...
Auteur: VulDB

Dell EMC RSA NetWitness Platform/RSA Security Analytics command injection

A vulnerability, which was classified as critical, has been found in Dell EMC RSA NetWitness Platform and RSA Security Analytics (unknown version). This issue affects some functionality. The manipulation with an unknown input leads to a...
Auteur: VulDB

Dell EMC RSA NetWitness Platform/RSA Security Analytics Authorization privilege escalation

A vulnerability classified as critical was found in Dell EMC RSA NetWitness Platform and RSA Security Analytics (the affected version is unknown). This vulnerability affects the functionality of the component Authorization. The manipulation with...
Auteur: VulDB

McAfee Network Security Manager up to 9.1 Update 4 cross site scripting

A vulnerability classified as problematic has been found in McAfee Network Security Manager up to 9.1 Update 4. This affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

McAfee Endpoint Security up to 10.6.0 May 2019 Update Firewall privilege escalation

A vulnerability was found in McAfee Endpoint Security up to 10.6.0 May 2019 Update. It has been rated as critical. Affected by this issue is some processing of the component Firewall. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Cisco NX-OS CLI command injection memory corruption

A vulnerability was found in Cisco NX-OS (Router Operating System) (affected version unknown). It has been declared as critical. Affected by this vulnerability is a code block of the component CLI. The manipulation with an unknown input leads...
Auteur: VulDB
First3456789101112Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS