Thursday 20 June 2019

Our selection of information-security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera up to 3.x Web Interface /etc/shadow directory traversal

A vulnerability classified as problematic has been found in Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera up to 3.x. This affects some unknown functionality of the file /etc/shadow of the component Web Interface. The manipulation...
Author: VulDB

HP IPP Parser memory corruption [CVE-2019-6327]

A vulnerability was found in HP Color LaserJet Pro M280-M281 Multifunction Printer and LaserJet Pro MFP M28-M31 Printer (Printing Software) (affected version not known). It has been rated as critical. Affected by this issue is an unknown...
Author: VulDB

HP Embedded Web Server memory corruption [CVE-2019-6326]

A vulnerability was found in HP Color LaserJet Pro M280-M281 Multifunction Printer and LaserJet Pro MFP M28-M31 Printer (Printing Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an...
Author: VulDB

HP Embedded Web Server cross site request forgery [CVE-2019-6325]

A vulnerability was found in HP Color LaserJet Pro M280-M281 Multifunction Printer and LaserJet Pro MFP M28-M31 Printer (Printing Software) (version unknown). It has been classified as problematic. Affected is some unknown processing of the...
Author: VulDB

HP Embedded Web Server Stored cross site scripting

A vulnerability was found in HP Color LaserJet Pro M280-M281 Multifunction Printer and LaserJet Pro MFP M28-M31 Printer (Printing Software) (unknown version) and classified as problematic. This issue affects an unknown code block of the...
Author: VulDB

HP Embedded Web Server Reflected cross site scripting

A vulnerability has been found in HP Color LaserJet Pro M280-M281 Multifunction Printer and LaserJet Pro MFP M28-M31 Printer (Printing Software) (the affected version is unknown) and classified as problematic. This vulnerability affects an...
Author: VulDB

Kcodes NetUSB.ko Kernel Module Packet information disclosure

A vulnerability, which was classified as problematic, was found in Kcodes NetUSB.ko Kernel Module. This affects an unknown part. The manipulation as part of a Packet leads to an information disclosure vulnerability. CWE is classifying the issue...
Author: VulDB

Kcodes NetUSB.ko Kernel Module Crafted Packet memory corruption

A vulnerability, which was classified as critical, has been found in Kcodes NetUSB.ko Kernel Module. Affected by this issue is some unknown functionality. The manipulation as part of a Crafted Packet leads to a memory corruption vulnerability....
Author: VulDB

IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 Stored information disclosure

A vulnerability classified as problematic was found in IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 (Business Process Management Software). Affected by this vulnerability is an unknown functionality. The manipulation with an unknown...
Author: VulDB

IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 HTTP Method Bypass privilege escalation

A vulnerability classified as critical has been found in IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 (Business Process Management Software). Affected is an unknown function of the component HTTP Method Handler. The manipulation with...
Author: VulDB

IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 Stored information disclosure

A vulnerability was found in IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 (Business Process Management Software). It has been rated as problematic. This issue affects some unknown processing. The manipulation with an unknown input...
Author: VulDB

IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 HTTP Method HTTP Request information disclosure

A vulnerability was found in IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 (Business Process Management Software). It has been declared as problematic. This vulnerability affects an unknown code block of the component HTTP Method...
Author: VulDB

IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0 Web UI cross site scripting

A vulnerability was found in IBM Cognos Controller 10.2.0/10.2.1/10.3.0/10.3.1/10.4.0. It has been classified as problematic. This affects an unknown code of the component Web UI. The manipulation with an unknown input leads to a cross site...
Author: VulDB

IBM Tivoli Netcool Impact 7.1.0 Remote Code Execution [CVE-2019-4103]

A vulnerability was found in IBM Tivoli Netcool Impact 7.1.0 and classified as critical. Affected by this issue is an unknown part. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). Using CWE...
Author: VulDB

radare2 up to 3.5.1 libr/core/cmd_mount.c Command memory corruption

A vulnerability has been found in radare2 up to 3.5.1 and classified as critical. Affected by this vulnerability is some unknown functionality of the file libr/core/cmd_mount.c. The manipulation as part of a Command leads to a memory corruption...
Author: VulDB

Twisted up to 19.2.1 XMPP Support words.protocols.jabber.xmlstream weak authentication

A vulnerability, which was classified as critical, was found in Twisted up to 19.2.1. Affected is the function words.protocols.jabber.xmlstream of the component XMPP Support. The manipulation with an unknown input leads to a weak authentication...
Author: VulDB

SeedDMS 5.1.11 out/out.GroupMgr.php GROUP cross site scripting

A vulnerability, which was classified as problematic, has been found in SeedDMS 5.1.11. This issue affects an unknown function of the file out/out.GroupMgr.php. The manipulation of the argument GROUP with an unknown input leads to a cross site...
Author: VulDB

Telus Actiontec T2200H T2200H-31.128L.08 UART privilege escalation

A vulnerability classified as critical was found in Telus Actiontec T2200H T2200H-31.128L.08. This vulnerability affects some unknown processing of the component UART Handler. The manipulation with an unknown input leads to a privilege...
Author: VulDB

WAGO 852-303/852-1305/852-1505 SSH/Telnet User weak authentication

A vulnerability classified as critical has been found in WAGO 852-303, 852-1305 and 852-1505 (the affected version is unknown). This affects an unknown code block of the component SSH/Telnet. The manipulation with an unknown input leads to a weak...
Author: VulDB

WAGO 852-303/852-1305/852-1505 SSH Keys Default Key weak authentication

A vulnerability was found in WAGO 852-303, 852-1305 and 852-1505 (affected version not known). It has been rated as critical. Affected by this issue is an unknown code of the component SSH Keys Handler. The manipulation with an unknown input...
Author: VulDB

Open Ticket Request System up to 5.0.36/6.0.19/7.0.8 External Note information disclosure

A vulnerability was found in Open Ticket Request System up to 5.0.36/6.0.19/7.0.8. It has been declared as problematic. Affected by this vulnerability is an unknown part of the component External Note Handler. The manipulation with an unknown...
Author: VulDB

Zoho ManageEngine ADSelfService Plus up to 5.0.5 weak authentication

A vulnerability was found in Zoho ManageEngine ADSelfService Plus up to 5.0.5. It has been classified as critical. Affected is some unknown functionality. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE...
Author: VulDB

Open Ticket Request System up to 5.0.36/6.0.19/7.0.7 Email privilege escalation

A vulnerability was found in Open Ticket Request System up to 5.0.36/6.0.19/7.0.7 (Ticket Tracking Software) and classified as critical. This issue affects an unknown functionality of the component Email Handler. The manipulation with an unknown...
Author: VulDB

Solarwinds Serv-U up to 15.1.6 on Linux privilege escalation

A vulnerability has been found in Solarwinds Serv-U up to 15.1.6 on Linux (File Transfer Software) and classified as critical. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

FreePBX 4.4.3 app/backup/index.php command injection

A vulnerability, which was classified as critical, was found in FreePBX 4.4.3. This affects some unknown processing of the file app/backup/index.php. The manipulation with an unknown input leads to a privilege escalation vulnerability (Command...
Author: VulDB

Information-security (SSI) events

HACK IN PARIS

For its 9th edition, the Hack In Paris IT security conference is held from 16 to 20 June 2019 in Paris, at the Maison de la Chimie. Organised by Sysdream.

LES ASSISES

A major annual gathering for CISOs, the Assises de la sécurité des systèmes d'information are held in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organised by DG Consultants.

Presentation by the organiser

A look back at Les Assises 2018

The 18th edition of the Assises de la Sécurité in Monaco is over! Thanks again to the 2,800 participants, including the 160 partners, who came together for three days to bring this event, unique in France, to life. Conferences, one-to-one meetings, round tables, workshops, networking moments… Through their content, the quality of the visitors and the richness of the exchanges, the Assises stand more than ever as the unmissable gathering for all cybersecurity professionals. Like the market, which keeps evolving, the Assises know how to adapt their offering to best meet the sector's expectations. This edition accordingly sought to highlight the major issues of the moment by multiplying talks, demonstrations and feedback from experience.

See you at the next edition, which will take place from 9 to 12 October 2019

More information on the event's dedicated website.
