Monday 18 November 2019

Our selection of information-security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Foreman up to 1.14.x information disclosure [CVE-2016-7078]

A vulnerability was found in Foreman up to 1.14.x and classified as problematic. Affected by this issue is an unknown function. The manipulation with an unknown input leads to an information disclosure vulnerability. Using CWE to declare the...
Author: VulDB

Foreman up to 1.13.x Form Helper information disclosure

A vulnerability has been found in Foreman up to 1.13.x and classified as problematic. Affected by this vulnerability is an unknown function of the component Form Helper. The manipulation with an unknown input leads to an information disclosure...
Author: VulDB

OpenShift Enterprise 3 X.509 Certificate Validation weak authentication

A vulnerability, which was classified as critical, was found in OpenShift Enterprise 3. Affected is an unknown function of the component X.509 Certificate Validation. The manipulation with an unknown input leads to a weak authentication...
Author: VulDB

Monit up to 5.19.x cross site request forgery [CVE-2016-7067]

A vulnerability classified as critical has been found in Monit up to 5.19.x. This affects an unknown function. The manipulation with an unknown input leads to a cross site request forgery vulnerability. CWE is classifying the issue as CWE-352....
Author: VulDB

Red Hat JBoss Enterprise Application Platform up to 7.0.3 RBAC information disclosure

A vulnerability was found in Red Hat JBoss Enterprise Application Platform up to 7.0.3. It has been rated as problematic. Affected by this issue is an unknown function of the component RBAC. The manipulation with an unknown input leads to a...
Author: VulDB

Pacemaker up to 1.1.15 IPC Interface privilege escalation

A vulnerability was found in Pacemaker up to 1.1.15. It has been classified as critical. Affected is an unknown function of the component IPC Interface. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Author: VulDB

PotPlayer 1.8.7556 PotPlayerMini.exe BytesPerSec/SamplesPerSec/Data_Chunk_Size memory corruption

A vulnerability was found in PotPlayer 1.8.7556. It has been classified as critical. Affected is an unknown function of the file PotPlayerMini.exe. The manipulation of the argument BytesPerSec/SamplesPerSec/Data_Chunk_Size as part of a WAV File...
Author: VulDB

FURUNO FELCOM 250/FELCOM 500 xml/permission.xml information disclosure

A vulnerability has been found in FURUNO FELCOM 250 and FELCOM 500 (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function of the file xml/permission.xml. The manipulation with an unknown...
Author: VulDB

FURUNO FELCOM 250/FELCOM 500 Password sm_changepassword.cgi weak authentication

A vulnerability, which was classified as critical, has been found in FURUNO FELCOM 250 and FELCOM 500 (the affected version is unknown). Affected by this issue is an unknown function of the file /cgi-bin/sm_changepassword.cgi of the component...
Author: VulDB

PowerDNS Authoritative Server up to 3.4.10/4.0.1 Web Server TCP Connection denial of service

A vulnerability, which was classified as problematic, has been found in PowerDNS Authoritative Server up to 3.4.10/4.0.1. This issue affects an unknown function of the component Web Server. The manipulation as part of a TCP Connection leads to a...
Author: VulDB

CloudForms up to 5.6.2.1/5.7.0.6 Permission privilege escalation

A vulnerability classified as critical was found in CloudForms up to 5.6.2.1/5.7.0.6. This vulnerability affects an unknown function of the component Permission. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

Drools Workbench directory traversal [CVE-2016-7041]

A vulnerability was found in Drools Workbench (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a directory traversal...
Author: VulDB

Samsung SmartThings Hub 0.20.17 Video-Core Process /cameras/XXXX/clips memory corruption

A vulnerability classified as critical has been found in Samsung SmartThings Hub 0.20.17. This affects an unknown function of the file /cameras/XXXX/clips of the component Video-Core Process. The manipulation with an unknown input leads to a...
Author: VulDB

Samsung SmartThings Hub 0.20.17 Video-Core Process /cameras/XXXX/clips memory corruption

A vulnerability was found in Samsung SmartThings Hub 0.20.17. It has been rated as critical. Affected by this issue is an unknown function of the file /cameras/XXXX/clips of the component Video-Core Process. The manipulation with an unknown...
Author: VulDB

Samsung SmartThings Hub STH-ETH-250 0.20.17 Credentials Stack-based memory corruption

A vulnerability classified as critical has been found in Samsung SmartThings Hub STH-ETH-250 0.20.17. Affected is an unknown function of the component Credentials Handler. The manipulation with an unknown input leads to a memory corruption...
Author: VulDB

Pektron Passive Keyless Entry and Start 5.4 DST40 weak encryption

A vulnerability was found in Pektron Passive Keyless Entry and Start 5.4. It has been declared as critical. This vulnerability affects an unknown function of the component DST40. The manipulation with an unknown input leads to a weak encryption...
Author: VulDB

openstack-neutron up to 11.0.4/12.0.2/13.0.0.0b1 privilege escalation

A vulnerability has been found in openstack-neutron up to 11.0.4/12.0.2/13.0.0.0b1 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

openstack-neutron up to 11.0.4/12.0.2/13.0.0.0b1 Linux Bridge ml2 Driver denial of service

A vulnerability, which was classified as problematic, was found in openstack-neutron up to 11.0.4/12.0.2/13.0.0.0b1. Affected is an unknown function of the component Linux Bridge ml2 Driver. The manipulation with an unknown input leads to a...
Author: VulDB

OpenStack rabbitmq privilege escalation [CVE-2018-14620]

A vulnerability, which was classified as critical, has been found in OpenStack rabbitmq (the affected version is unknown). This issue affects an unknown function. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication

A vulnerability classified as critical was found in Apache ActiveMQ Client up to 5.15.5. This vulnerability affects an unknown function of the component TLS Hostname Verification. The manipulation with an unknown input leads to a weak...
Author: VulDB

b3log Solo 2.9.3 Site name Stored cross site scripting

A vulnerability was found in b3log Solo 2.9.3. It has been classified as problematic. This affects an unknown function of the component Site name. The manipulation with an unknown input leads to a cross site scripting vulnerability (Stored). CWE...
Author: VulDB

Fuel CMS 1.4.1 filter/data PHP Code Execution privilege escalation

A vulnerability was found in Fuel CMS 1.4.1. It has been classified as critical. Affected is an unknown function. The manipulation of the argument filter/data as part of a Parameter leads to a privilege escalation vulnerability (PHP Code...
Author: VulDB

Fuel CMS 1.4.1 layout/published/search_term sql injection

A vulnerability was found in Fuel CMS 1.4.1 and classified as critical. This issue affects an unknown function. The manipulation of the argument layout/published/search_term as part of a Parameter leads to a sql injection vulnerability. Using...
Author: VulDB

Eventum up to 3.3.x Open Redirect [CVE-2018-16761]

A vulnerability has been found in Eventum up to 3.3.x and classified as problematic. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Redirect). The CWE...
Author: VulDB

EasyCMS v1.4 App/Common/common.php removeXSS cross site scripting

A vulnerability, which was classified as problematic, was found in EasyCMS v1.4. This affects the function removeXSS of the file App/Common/common.php. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Author: VulDB

Information security events

TRUSTECH

This international event dedicated to payments, identification and security is held in Cannes (Palais des Festivals) from 26 to 28 November 2019. Organized by Comexposium.

FIC

With this year's theme "Putting people back at the heart of cybersecurity", the Forum International de la Cybersécurité takes place on 28, 29 and 30 January 2020 at the Grand Palais in Lille. Organized by the Région Hauts-de-France and Euratechnologies, the Gendarmerie Nationale and CEIS.
