Wednesday 16 October 2019

Our selection of information-security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cobham Explorer 710 1.08 Default Admin Password weak authentication

A vulnerability classified as critical was found in Cobham Explorer 710 1.08. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Author: VulDB

Cobham Explorer 710 1.07 Web Application Portal Cleartext weak encryption

A vulnerability classified as critical has been found in Cobham Explorer 710 1.07. Affected is an unknown part of the component Web Application Portal. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Cobham Explorer 710 1.07 Web Application Portal privilege escalation

A vulnerability was found in Cobham Explorer 710 1.07. It has been rated as critical. This issue affects some unknown functionality of the component Web Application Portal. Addressing this vulnerability is possible by firewalling.
Author: VulDB

Cobham Explorer 710 1.07 Access Restriction privilege escalation

A vulnerability was found in Cobham Explorer 710 1.07. It has been declared as critical. This vulnerability affects an unknown functionality of the component Access Restriction. There is no information about possible countermeasures known. It may...
Author: VulDB

Cobham Explorer 710 1.07 Web Application Portal weak authentication

A vulnerability was found in Cobham Explorer 710 1.07. It has been classified as critical. This affects an unknown function of the component Web Application Portal. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Tracker PDF-XChange Editor prior 8.0.330.0 NTLM SSO Hash information disclosure

A vulnerability was found in Tracker PDF-XChange Editor and classified as problematic. Affected by this issue is some unknown processing of the component NTLM SSO Hash Handler. Upgrading to version 8.0.330.0 eliminates this vulnerability.
Author: VulDB

Craft CMS up to 3.3.7 name Stored cross site scripting

A vulnerability has been found in Craft CMS up to 3.3.7 (Content Management System) and classified as problematic. Affected by this vulnerability is an unknown code block. Upgrading to version 3.3.8 eliminates this vulnerability.
Author: VulDB

Swagger UI up to 3.23.10 CSS JSON Data cross site request forgery

A vulnerability, which was classified as problematic, was found in Swagger UI up to 3.23.10. Affected is an unknown code of the component CSS Handler. Upgrading to version 3.23.11 eliminates this vulnerability.
Author: VulDB

laravel-bjyblog 6.1.1 URL cross site scripting

A vulnerability, which was classified as problematic, has been found in laravel-bjyblog 6.1.1. This issue affects an unknown part of the component URL Handler. There is no information about possible countermeasures known. It may be suggested to...
Author: VulDB

Jiangnan Online Judge 0.8.0 web/admin/problem/create Problem[sample_input] cross site scripting

A vulnerability classified as problematic was found in Jiangnan Online Judge 0.8.0. This vulnerability affects some unknown functionality of the file web/admin/problem/create. There is no information about possible countermeasures known. It may...
Author: VulDB

Jiangnan Online Judge 0.8.0 web/admin/problem/create Problem[description] cross site scripting

A vulnerability classified as problematic has been found in Jiangnan Online Judge 0.8.0. This affects an unknown functionality of the file web/admin/problem/create. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

Jiangnan Online Judge 0.8.0 File Upload ProblemController Filename privilege escalation

A vulnerability was found in Jiangnan Online Judge 0.8.0. It has been rated as critical. Affected by this issue is an unknown function of the file app\modules\polygon\controllers\ProblemController of the component File Upload. There is no...
Author: VulDB

Jiangnan Online Judge 0.8.0 create Problem[title] cross site scripting

A vulnerability was found in Jiangnan Online Judge 0.8.0. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the file web/polygon/problem/create. There is no information about possible...
Author: VulDB

b3log Symphony up to 3.5.x HTTP Header User-Agent cross site scripting

A vulnerability was found in b3log Symphony up to 3.5.x. It has been classified as problematic. Affected is an unknown code block of the component HTTP Header Handler. Upgrading to version 3.6.0 eliminates this vulnerability.
Author: VulDB

Libntlm up to 1.5 smbutil.c memory corruption

A vulnerability was found in Libntlm up to 1.5 and classified as critical. This issue affects the function tSmbNtlmAuthRequest/tSmbNtlmAuthChallenge/tSmbNtlmAuthResponse of the file smbutil.c. There is no information about possible...
Author: VulDB

animate-it Plugin up to 2.3.5 on WordPress edsanimate.php cross site request forgery

A vulnerability has been found in animate-it Plugin up to 2.3.5 on WordPress (WordPress Plugin) and classified as problematic. This vulnerability affects an unknown part of the file edsanimate.php. Upgrading to version 2.3.6 eliminates this...
Author: VulDB

Softing uaGate SI/uaGate MB/uaGate 840D up to 1.71.00.1225 CGI Script Parameter command injection

A vulnerability, which was classified as critical, was found in Softing uaGate SI, uaGate MB and uaGate 840D up to 1.71.00.1225. This affects some unknown functionality of the component CGI Script. There is no information about possible...
Author: VulDB

EOS up to 4.22 Label Distribution Protocol race condition denial of service

A vulnerability, which was classified as problematic, has been found in EOS up to 4.22. Affected by this issue is an unknown functionality of the component Label Distribution Protocol. There is no information about possible countermeasures known....
Author: VulDB

Softing uaGate SI 1.60.01 privilege escalation [CVE-2019-11528]

A vulnerability classified as critical was found in Softing uaGate SI 1.60.01. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Author: VulDB

Softing uaGate SI 1.60.01 CGI Script url command injection

A vulnerability classified as critical has been found in Softing uaGate SI 1.60.01. Affected is some unknown processing of the component CGI Script. There is no information about possible countermeasures known. It may be suggested to replace the...
Author: VulDB

Softing uaGate SI 1.60.01 Maintenance Script Injection privilege escalation

A vulnerability was found in Softing uaGate SI 1.60.01. It has been rated as critical. This issue affects an unknown code block of the component Maintenance Script. There is no information about possible countermeasures known. It may be suggested...
Author: VulDB

VMware Workstation/Fusion IPv6 IPv6 Packet denial of service

A vulnerability was found in VMware Workstation and Fusion (Virtualization Software) (the affected version unknown). It has been classified as problematic. This affects an unknown part of the component IPv6 Handler. There is no information about...
Author: VulDB

VMware ESXi/Workstation/Fusion/VMRC/Horizon Client Virtual Sound Device Use-After-Free memory corruption

A vulnerability was found in VMware ESXi, Workstation, Fusion, VMRC and Horizon Client (Virtualization Software) and classified as critical. Affected by this issue is some unknown functionality of the component Virtual Sound Device. There is no...
Author: VulDB

IBM Maximo Anywhere 7.6.0/7.6.1/7.6.2/7.6.3 Root Detection information disclosure

A vulnerability has been found in IBM Maximo Anywhere 7.6.0/7.6.1/7.6.2/7.6.3 (Asset Management Software) and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Root Detection. There is no...
Author: VulDB

Bento4 1.5.1.0 Core/Ap4Descriptor.h AP4_Descriptor::GetTag denial of service

A vulnerability, which was classified as problematic, was found in Bento4 1.5.1.0 (Multimedia Player Software). Affected is the function AP4_Descriptor::GetTag of the file Core/Ap4Descriptor.h. There is no information about possible...
Author: VulDB

Information-security (SSI) events

BLOCKCHAIN

Conference and exhibition on enterprise applications of blockchain in Paris, at the Cité Universitaire Internationale, on 13 and 14 November 2019. Organised by Corp Agency.

TRUSTECH

This international event dedicated to payments, identification and security is held in Cannes (Palais des Festivals) from 26 to 28 November 2019. Organised by Comexposium.

FIC

With this year's theme of "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité takes place on 28, 29 and 30 January 2020 at the Grand Palais in Lille. Organised by the Région Hauts-de-France and Euratechnologies, the Gendarmerie Nationale and CEIS.
