jeudi 12 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Yaws up to 2.0.3 HTTP_PROXY privilege escalation

A vulnerability, which was classified as critical, was found in Yaws up to 2.0.3. This affects an unknown functionality. Upgrading to version 2.0.4 eliminates this vulnerability.
Auteur: VulDB

Erlang up to 22.1 inets HTTP_PROXY privilege escalation

A vulnerability, which was classified as critical, has been found in Erlang up to 22.1. Affected by this issue is an unknown function of the component inets. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

JBoss KeyCloak login-status-iframe.html cross site scripting

A vulnerability classified as problematic was found in JBoss KeyCloak (affected version unknown). Affected by this vulnerability is some unknown processing of the file login-status-iframe.html. There is no information about possible...
Auteur: VulDB

CPAN Data::UUID 1.219 on Perl Symlink privilege escalation

A vulnerability classified as critical has been found in CPAN Data::UUID 1.219 on Perl. Affected is an unknown code block. Applying a patch is able to eliminate this problem.
Auteur: VulDB

kde-workspace up to 4.10.4 Plasma Desktop crypt() denial of service

A vulnerability was found in kde-workspace up to 4.10.4. It has been rated as problematic. This issue affects the function crypt() of the component Plasma Desktop. Upgrading to version 4.10.5 eliminates this vulnerability. A possible mitigation...
Auteur: VulDB

Katello API OAuth Authentication denial of service [CVE-2013-4120]

A vulnerability was found in Katello (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown part of the component API OAuth Authentication. There is no information about possible...
Auteur: VulDB

Monkey HTTP Daemon privilege escalation [CVE-2013-2183]

A vulnerability was found in Monkey HTTP Daemon (the affected version unknown). It has been classified as critical. This affects some unknown functionality. Applying a patch is able to eliminate this problem.
Auteur: VulDB

python-keystoneclient 0.2.3/0.2.4/0.2.5 Memcache weak encryption

A vulnerability was found in python-keystoneclient 0.2.3/0.2.4/0.2.5 and classified as critical. Affected by this issue is an unknown functionality of the component Memcache Handler. Upgrading eliminates this vulnerability. A possible mitigation...
Auteur: VulDB

python-keystoneclient 0.2.3/0.2.4/0.2.5 Memcache weak encryption

A vulnerability has been found in python-keystoneclient 0.2.3/0.2.4/0.2.5 and classified as critical. Affected by this vulnerability is an unknown function of the component Memcache Handler. Upgrading eliminates this vulnerability. A possible...
Auteur: VulDB

Monkey HTTP Daemon auth.c weak authentication

A vulnerability, which was classified as critical, was found in Monkey HTTP Daemon (version unknown). Affected is some unknown processing of the file auth.c. Upgrading eliminates this vulnerability.
Auteur: VulDB

rubygem-openshift-origin-controller API cartridge_cache.rb URI.prase() command injection

A vulnerability, which was classified as critical, has been found in rubygem-openshift-origin-controller (unknown version). This issue affects the function URI.prase() of the file cartridge_cache.rb of the component API. There is no information...
Auteur: VulDB

openstack-utils openstack-db Password information disclosure

A vulnerability classified as problematic was found in openstack-utils (Cloud Software) (the affected version is unknown). This vulnerability affects an unknown code of the component openstack-db. There is no information about possible...
Auteur: VulDB

Mozilla Firefox up to 20.0a1 Frame Crash denial of service

A vulnerability classified as problematic has been found in Mozilla Firefox up to 20.0a1. This affects an unknown part of the component Frame Handler. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

Ovirt Node Lock Screen privilege escalation [CVE-2013-0293]

A vulnerability was found in Ovirt Node (affected version not known). It has been rated as critical. Affected by this issue is some unknown functionality of the component Lock Screen. Applying a patch is able to eliminate this problem.
Auteur: VulDB

Microsoft Windows up to Server 2019 OLE privilege escalation

A vulnerability was found in Microsoft Windows (Operating System). It has been rated as critical. This issue affects an unknown code block of the component OLE. Applying a patch is able to eliminate this problem. A possible mitigation has been...
Auteur: VulDB

Microsoft Windows up to Server 2019 AppX Deployment Server privilege escalation

A vulnerability was found in Microsoft Windows up to Server 2019 (Operating System). It has been declared as critical. This vulnerability affects an unknown code of the component AppX Deployment Server. Applying a patch is able to eliminate this...
Auteur: VulDB

Microsoft Windows 7 SP1 Windows Media Player information disclosure

A vulnerability was found in Microsoft Windows 7 SP1 (Operating System). It has been classified as problematic. This affects an unknown part of the component Windows Media Player. Applying a patch is able to eliminate this problem. A possible...
Auteur: VulDB

Microsoft Windows 7 SP1 Windows Media Player information disclosure

A vulnerability was found in Microsoft Windows 7 SP1 (Operating System) and classified as problematic. Affected by this issue is some unknown functionality of the component Windows Media Player. Applying a patch is able to eliminate this problem....
Auteur: VulDB

Microsoft Windows 7 SP1/Server 2008 R2 SP1/Server 2008 SP2 COM Server privilege escalation

A vulnerability has been found in Microsoft Windows 7 SP1/Server 2008 SP2/Server 2008 R2 SP1 (Operating System) and classified as critical. Affected by this vulnerability is an unknown functionality of the component COM Server. Applying a patch...
Auteur: VulDB

Microsoft Windows 10 1809/Server 2019 Printer Service privilege escalation

A vulnerability, which was classified as critical, was found in Microsoft Windows 10 1809/Server 2019 (Operating System). Affected is an unknown function of the component Printer Service. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB

Microsoft Windows up to Server 2019 AppX Deployment Service privilege escalation

A vulnerability, which was classified as critical, has been found in Microsoft Windows (Operating System). This issue affects some unknown processing of the component AppX Deployment Service. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB

Microsoft Windows up to Server 2019 Kernel information disclosure

A vulnerability classified as problematic was found in Microsoft Windows (Operating System). This vulnerability affects an unknown code block of the component Kernel. Applying a patch is able to eliminate this problem. A possible mitigation has...
Auteur: VulDB

Microsoft Windows up to Server 2019 Kernel information disclosure

A vulnerability classified as problematic has been found in Microsoft Windows (Operating System). This affects an unknown code of the component Kernel. Applying a patch is able to eliminate this problem. A possible mitigation has been published...
Auteur: VulDB

Microsoft Windows up to Server 2019 Hyper-V information disclosure

A vulnerability was found in Microsoft Windows (Operating System). It has been rated as problematic. Affected by this issue is an unknown part of the component Hyper-V. Applying a patch is able to eliminate this problem. A possible mitigation has...
Auteur: VulDB

Microsoft Windows up to Server 2019 GDI information disclosure

A vulnerability was found in Microsoft Windows (Operating System). It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the component GDI. Applying a patch is able to eliminate this problem. A...
Auteur: VulDB
First45678910111213Last

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS