Here is the list of the latest CERT-Renater advisories in 2019:


27 Dec 2019 ; STAT52
23 Dec 2019 ; VULN429 ; VMware : VMSA-2019-0023 VMware Workstation and Horizon View Agent updates address a DLL-hijacking issue (CVE-2019-5539) ; Systems running VMware Workstation versions 15.x
20 Dec 2019 ; STAT51
20 Dec 2019 ; VULN428 ; MediaWiki : MediaWiki 1.33.2, 1.32.6 and 1.31.6 fixes security vulnerabilities ; Systems running MediaWiki versions prior to 1.33.2,
20 Dec 2019 ; VULN427 ; Joomla! : Path Disclosure and SQL injections fixed in Joomla 3.9.14 ; Systems running Joomla versions prior to 3.9.14.
20 Dec 2019 ; VULN426 ; Cyrus IMAP : Cyrus IMAP 2.5.15, 3.0.13 fix privilege escalation vulnerability ; Systems running Cyrus IMAP versions prior to
20 Dec 2019 ; VULN425 ; Drupal core : Multiple Vulnerabilities fixed in Drupal core ; -
20 Dec 2019 ; VULN424 ; Atlassian : Confluence Server and Data Center - Atlassian Companion, Man-in-the-Middle - CVE-2019-15006 ; Systems running Confluence Server, Confluence Data
20 Dec 2019 ; VULN423 ; Apache Tomcat : Local Privilege Escalation and Session fixation vulnerabilities fixed ; Systems running Apache Tomcat versions prior to
20 Dec 2019 ; VULN422 ; Apache Log4j : CVE-2019-17571 Deserialization of untrusted data in SocketServer ; Systems running Apache Log4j versions up to and
20 Dec 2019 ; VULN421 ; Django : Django security releases issued: 3.0.1, 2.2.9, and 1.11.27 ; Systems running Django versions prior to 3.0.1,
18 Dec 2019 ; VULN419 ; Citrix : Citrix Hypervisor Security Update ; Systems running Citrix Hypervisor versions 8.0,
18 Dec 2019 ; VULN420 ; Citrix : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway ; Systems running Citrix NetScaler,
18 Dec 2019 ; VULN418 ; Drupal : Multiple vulnerabilities fixed in Drupal plugins ; Systems running Permissions by Term for Drupal,
17 Dec 2019 ; VULN417 ; Jenkins : Jenkins Plugins Security Advisory 2019-12-17 ; Systems running Alauda DevOps Pipeline Plugin for
17 Dec 2019 ; VULN416 ; TYPO3: Vulnerabilities in multiple third party TYPO3 CMS extensions ; Systems running MKSamlAuth for TYPO3,
17 Dec 2019 ; VULN415 ; TYPO3-CORE: Multiple vulnerabilities fixed in TYPO3-CORE versions 8.7.30, 9.5.12, 10.2.2 ; Systems running TYPO3-CORE versions prior to
17 Dec 2019 ; VULN414 ; Apache Incubator Superset: Apache Incubator Superset metadata leak vulnerabilities ; Systems running Apache Incubator Superset versions
16 Dec 2019 ; VULN413 ; WordPress: WordPress 5.3.1 Security and Maintenance Release ; Systems running WordPress versions prior to 5.3.1.
16 Dec 2019 ; VULN412 ; Apache SpamAssassin: SpamAssassin 3.4.3 fixes arbitrary system commands execution and DoS vulnerabilities ; Systems running Apache SpamAssassin versions prior
16 Dec 2019 ; VULN411.1-2 ; Dovecot: Dovecot 2.3.9.2 fix Critical vulnerability CVE-2019-19722 ; Systems running Dovecot versions prior to 2.3.9.2.
16 Dec 2019 ; VULN411 ; Dovecot: CVE-2019-19722 Critical vulnerability in Dovecot ; Systems running Dovecot versions prior to 2.3.9.2.
16 Dec 2019 ; VULN410 ; SPIP : CRITICAL security updates SPIP 3.2.7 and SPIP 3.1.12 ; Systems running SPIP versions prior to 3.2.7,
13 Dec 2019 ; STAT50
11 Dec 2019 ; VULN409 ; Xen: Multiple Security Vulnerabilities fixed in Xen ; Systems running Xen.
11 Dec 2019 ; VULN405 ; Adobe: Security update available for Adobe Acrobat and Reader APSB19-55 ; Systems running Adobe Acrobat, Adobe Reader
11 Dec 2019 ; VULN408 ; Adobe: Security Updates Available for Brackets APSB19-57 ; Systems running Adobe Brackets versions prior to
11 Dec 2019 ; VULN406 ; Adobe: Security updates available for Adobe Photoshop CC APSB19-56 ; Systems running Photoshop CC versions prior to
11 Dec 2019 ; VULN407 ; Adobe: Security updates available for ColdFusion APSB19-58 ; Systems running Adobe ColdFusion2018 versions prior
11 Dec 2019 ; VULN404 ; GitLab: GitLab Critical Security Release 12.5.4, 12.4.6, and 12.3.9 ; Systems running GitLab CE/EE versions prior to
11 Dec 2019 ; VULN403 ; Git : New Git versions fix various security flaws ; Systems running Git versions prior to 2.24.1,
11 Dec 2019 ; VULN402 ; Google Chrome: Chrome Stable Channel Update 79.0.3945.79 for Desktop ; Systems running Google Chrome versions prior to
11 Dec 2019 ; VULN401 ; APPLE: APPLE-SA-2019-12-10-4 APPLE-SA-2019-12-10-8 watchOS 5.3.4 and 6.1.1 ; watchOS 5.3.4, 6.1.1.
11 Dec 2019 ; VULN400 ; APPLE: APPLE-SA-2019-12-10-5 tvOS 13.3 ; tvOS versions prior to 13.3.
11 Dec 2019 ; VULN399 ; APPLE: APPLE-SA-2019-12-10-7 Xcode 11.3 ; Systems running Xcode versions prior to 11.3.
11 Dec 2019 ; VULN398 ; APPLE: APPLE-SA-2019-12-10-6 Safari 13.0.4 ; Systems running Safari versions prior to 13.0.4.
11 Dec 2019 ; VULN397 ; APPLE: APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra ; APPLE macOS X versions prior to 10.15.2.
11 Dec 2019 ; VULN396 ; APPLE: APPLE-SA-2019-12-10-1 APPLE-SA-2019-12-10-2 iOS 13.3, 12.4.4 and iPadOS 13.3 ; iOS versions prior to 13.3, 12.4.4,
11 Dec 2019 ; VULN395 ; Microsoft: Microsoft Security Update Summary for December 10, 2019 ; Systems running Internet Explorer, Microsoft Edge,
10 Dec 2019 ; VULN393 ; Unbound: Arbitrary shell code execution vulnerability fixed ; Systems running Unbound versions 1.6.4 up to and
10 Dec 2019 ; VULN394 ; Samba: Vulnerabilities fixed in Samba 4.11.3, 4.10.11 and 4.9.17 ; Systems running Samba version.
10 Dec 2019 ; VULN392 ; OpenSSL: rsaz_512_sqr overflow bug on x86_64 (CVE-2019-1551) ; Systems running OpenSSL versions 1.1.1, 1.0.2.
10 Dec 2019 ; VULN390 ; RabbitMQ : integer overflow vulnerability in librabbitmq ; Systems running librabbitmq.
10 Dec 2019 ; VULN391 ; OpenBSD: Authentication vulnerabilities in OpenBSD ; OpenBSD versions 6.5, 6.6.
10 Dec 2019 ; VULN389 ; Computer Associates: CA20191209-01 Security Notice for CA Nolio (Release Automation) ; Systems running CA Nolio (Release Automation)
6 Dec 2019 ; STAT49
6 Dec 2019 ; VULN388 ; AUTODESK: DLL preloading vulnerability in Autodesk Desktop Application ; Systems running Autodesk Desktop Application
6 Dec 2019 ; VULN387 ; Trend Micro: Trend Micro Security (Consumer) DLL Hijacking Vulnerability ; Systems running Trend Micro Antivirus+ Security 2020
6 Dec 2019 ; VULN386 ; Microsoft: Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business ; Systems running Windows Hello for Business.
6 Dec 2019 ; VULN385 ; Symantec: Critical System Protection Authentication Bypass ; Systems running Critical System Protection versions
6 Dec 2019 ; VULN384 ; Symantec: Norton Password Manager Multiple Issues ; Systems running Norton Password Manager versions
6 Dec 2019 ; VULN383 ; phpMyAdmin: phpMyAdmin bugfix and 4.9.2 Security release ; Systems running phpMyAdmin versions prior to 4.9.2.
6 Dec 2019 ; VULN382 ; VMware : VMware ESXi and Horizon DaaS updates address OpenSLP RCE vulnerability CVE-2019-5544 ; Systems running VMware ESXi, VMware Horizon DaaS.
5 Dec 2019 ; VULN381 ; Mozilla: Security Vulnerabilities fixed in Thunderbird 68.3 ; Systems running Mozilla Thunderbird versions prior
5 Dec 2019 ; VULN380 ; Wireshark : CMS dissector crash ; Systems running wireshark versions prior to 3.0.7,
5 Dec 2019 ; VULN379.1 ; Mozilla: Security Vulnerabilities fixed in Firefox versions 71 and ESR 68.3 ; Systems running Firefox versions prior to 71,
4 Dec 2019 ; VULN379 ; Apache Olingo: XML External Entity, DoS and Deserialization vulnerabilities fixed ; Systems running Firefox versions prior to 71,
4 Dec 2019 ; VULN377 ; Kaspersky: Security vulnerabilities fixed in multiple Kaspersky products ; Systems running Kaspersky Secure Connection,
4 Dec 2019 ; VULN378 ; Apache Olingo: XML External Entity, DoS and Deserialization vulnerabilities fixed ; Systems running Apache Olingo versions prior to
2 Dec 2019 ; VULN376 ; Django: Django security releases issued: 2.2.8 and 2.1.15 ; Systems running Django versions prior to 2.2.8,
29 Nov 2019 ; STAT48
28 Nov 2019 ; VULN374 ; Apache Atlas : CVE-2019-10070 Apache Atlas Stored XSS Vulnerability in the search functionality ; Systems running Apache Atlas versions 0.8.3, 1.1.0.
28 Nov 2019 ; VULN373 ; Apache Cordova : CVE-2019-0219 Apache Cordova InAppBrowser Privilege Escalation ; Systems running Apache Cordova versions prior to
28 Nov 2019 ; VULN375 ; Apache Solr : CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default ; Linux running Apache Solr versions 8.1.1, 8.2.0.
28 Nov 2019 ; VULN372 ; GitLab : GitLab Security Release: 12.5.2, 12.4.5, and 12.3.8 ; Systems running GitLab CE/EE versions 11.9 and
26 Nov 2019 ; VULN371 ; Xen : Device quarantine for alternate pci assignment methods ; Systems running Xen.
26 Nov 2019 ; VULN370 ; Redmine : Redmine 3.3.10 release (incl. security fix) ; Systems running Redmine versions prior to 3.3.10.
22 Nov 2019 ; VULN369 ; Asterisk : Multiple Vulnerabilities fixed ; Systems running Asterisk Open Source versions prior
21 Nov 2019 ; VULN368 ; Apache NiFi : Apache NiFi multiple Vulnerabilities ; Systems running Apache NiFi.
21 Nov 2019 ; VULN367 ; Jenkins : Jenkins Security Advisory 2019-11-21 ; Systems running Anchore Container Image Scanner
21 Nov 2019 ; VULN366 ; Cisco : Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability ; Cisco Adaptive Security Appliance Software,
21 Nov 2019 ; VULN365 ; Bind : CVE-2019-6477 TCP-pipelined queries can bypass tcp-clients limit ; Systems running Bind versions prior to 9.11.13,
19 Nov 2019 ; VULN364 ; Symfony : Multiple vulnerabilities fixed in Symfony ; Systems running Symfony versions prior to 4.2.12,
18 Nov 2019 ; VULN363 ; Moodle : Multiple vulnerabilities fixed in Moodle ; Systems running Moodle versions prior to 3.7.3,
15 Nov 2019 ; STAT46
14 Nov 2019 ; VULN362 ; Squid : Multiple vulnerabilities fixed in Squid version 4.9 ; Systems running Squid versions prior to 4.9.
13 Nov 2019 ; VULN361 ; Microsoft : Microsoft Security Update Summary for November 12, 2019 ; Systems running
8 Nov 2019 ; STAT45
7 Nov 2019 ; VULN360 ; Apache : Apache CXF DoS and authentication bypass vulnerabilities ; Systems running Apache CXF versions prior to 3.3.4,
7 Nov 2019 ; VULN359 ; US-CERT : Microsoft Office for Mac cannot properly disable XLM macros ; Mac OS X running Microsoft Office.
7 Nov 2019 ; VULN354 ; Cisco : Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Command Injection Vulnerability ; Cisco Small Business RV Series Routers versions
7 Nov 2019 ; VULN358 ; Cisco : Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability ; Systems running Cisco Wireless LAN Controller
7 Nov 2019 ; VULN357 ; Cisco : Cisco Web Security Appliance Unauthorized Device Reset Vulnerability ; Cisco AsyncOS Software.
7 Nov 2019 ; VULN353 ; Cisco : Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability ; Systems running Cisco PI Software versions prior to
7 Nov 2019 ; VULN356 ; Cisco : Cisco TelePresence Collaboration Endpoint, RoomOS and TelePresence Codec Vulnerabilities ; Systems running Cisco TelePresence Collaboration
7 Nov 2019 ; VULN355 ; Cisco : Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities ; Systems running Cisco Webex Meetings sites versions
6 Nov 2019 ; VULN351 ; Xen : Multiple vulnerabilities fixed in Xen ; Systems running Xen.
6 Nov 2019 ; VULN352 ; Citrix Hypervisor : CTX263477 Citrix Hypervisor Security Update ; Systems running Citrix Hypervisor versions 8.0,
6 Nov 2019 ; VULN350 ; Joomla! : Joomla! Core CSRF and Path Disclosure vulnerabilities fixed ; Systems running Joomla! versions 3 prior to 3.9.13.
31 Oct 2019 ; STAT44
30 Oct 2019 ; VULN349 ; Samba : Multiple vulnerabilities fixed in Samba 4.11.2, 4.10.10 and 4.9.15 ; Systems running Samba versions prior to 4.11.2,
30 Oct 2019 ; VULN348 ; Elastic : Elastic Stack 7.4.1 and 6.8.4 security updates ; Systems running Elastic Stack versions prior to
30 Oct 2019 ; VULN347 ; APPLE : APPLE-SA-2019-10-29-4 watchOS 6.1 and Additional information ; watchOS versions prior to 6.1.
30 Oct 2019 ; VULN346 ; APPLE : APPLE-SA-2019-10-29-3 tvOS 13.2 ; tvOS versions prior to 13.2.
30 Oct 2019 ; VULN345 ; APPLE : iCloud for Windows 10.7 and 7.14 now available ; Windows running iCloud versions prior to 10.7, 7.14.
30 Oct 2019 ; VULN344 ; APPLE : APPLE-SA-2019-10-07-2 iTunes for Windows 12.10.1 ; Windows running iTunes versions prior to 12.10.1.
25 Oct 2019 ; STAT43
30 Oct 2019 ; VULN343 ; APPLE : APPLE-SA-2019-10-29-5 Safari 13.0.3 and Additional information ; Systems running Safari versions prior to 13.0.3.
30 Oct 2019 ; VULN342 ; APPLE : APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra ; Systems running macOS versions prior to 10.15.1.
30 Oct 2019 ; VULN341 ; APPLE : APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2 and Additional information ; iOS versions prior to 13.2, iPadOS versions prior
25 Oct 2019 ; VULN340 ; Go : Go 1.13.2 and Go 1.12.11 are released ; Systems running Go versions prior to 1.13.2,
25 Oct 2019 ; VULN339 ; PHP : Security Vulnerabilities fixed in PHP versions 7.1.33, 7.3.11, 7.2.24 ; Systems running PHP versions prior to 7.1.33,
25 Oct 2019 ; VULN338 ; Mozilla : Security vulnerabilities fixed in - Thunderbird 68.2 ; Systems running Thunderbird versions prior to 68.2.
25 Oct 2019 ; VULN337 ; US-CERT : Multiple D-Link routers vulnerable to remote command execution ; D-Link routers software.
25 Oct 2019 ; VULN336 ; VMware : VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions (CVE-2019-5537, CVE-2019-5538) ; Systems running vCenter Server Appliance versions 6.
25 Oct 2019 ; VULN335 ; VMware : VMSA-2019-0019 - VMware ESXi, Workstation and Fusion updates address a denial-of-service vulnerability (CVE-2019-5536) ; Systems running VMware ESXi versions 6,
24 Oct 2019 ; VULN334 ; Jenkins : Jenkins Security Advisory 2019-10-23 ; Systems running 360 FireLine Plugin for Jenkins,
24 Oct 2019 ; VULN333 ; Cisco : Cisco HyperFlex Software Command Injection Vulnerability ; Systems running Cisco HyperFlex Software versions
23 Oct 2019 ; VULN332 ; Mozilla : Multiple vulnerabilities fixed in Firefox 70, ESR 68.2 ; Systems running Firefox versions prior to 70,
21 Oct 2019 ; VULN331 ; MediaWiki : Security and maintenance release: 1.31.4 / 1.32.4 / 1.33.1 ; Systems running MediaWiki versions prior to 1.33.1,
18 Oct 2019 ; VULN330 ; Cisco : Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities ; Cisco Series Analog Telephone Adapters and
18 Oct 2019 ; VULN329 ; Cisco : Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability ; Cisco Series Smart Switches software,
18 Oct 2019 ; VULN327 ; Cisco : Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability ; Cisco Aironet AP Software,
18 Oct 2019 ; VULN326 ; Cisco : Cisco Aironet Access Points Unauthorized Access and PPTP Vulnerabilities ; Cisco Aironet Access Points (APs) Software.
18 Oct 2019 ; VULN328 ; Cisco : Cisco Wireless LAN Controller Secure Shell Denial of Service Vulnerability ; Systems running Cisco WLC Software versions
18 Oct 2019 ; VULN325 ; BIND : BIND9 CVE-2019-6475 and CVE-2019-6476 ; Systems running BIND versions 9.14, 9.15 prior to
18 Oct 2019 ; STAT42
18 Oct 2019 ; VULN324 ; Apache : Apache Thrift DoS and out-of-bounds read vulnerability ; Systems running Apache Thrift versions prior to
18 Oct 2019 ; VULN323 ; CA Technologies : CA20191015-01 Security Notice for CA Performance Management ; Systems running CA Performance Management versions
16 Oct 2019 ; VULN322 ; Jenkins : Jenkins Security Advisory 2019-10-16 ; Systems running Bumblebee HP ALM Plugin for Jenkins,
16 Oct 2019 ; VULN319 ; Adobe : Security updates available for Adobe Acrobat and Reader APSB19-49 ; Systems running Adobe Acrobat, Adobe Reader
16 Oct 2019 ; VULN320 ; Adobe : Security updates available for Adobe Experience Manager Forms | APSB19-50 ; Systems running Adobe Experience Manager Forms
16 Oct 2019 ; VULN321 ; Adobe : Security Updates Available for Adobe Download Manager APSB19-51 ; Adobe Download Manager versions 2.0.0.363.
16 Oct 2019 ; VULN318.1 ; Vmware : VMSA-2019-0016 - VMware Cloud Foundation and VMware Harbor Container Registry for PCF address broken access control vulnerability (CVE-2019-16919) ; Systems running VMware Cloud Foundation,
16 Oct 2019 ; VULN318 ; Oracle : October 2019 Critical Patch Update Released ; Systems running VMware Cloud Foundation,
16 Oct 2019 ; VULN317 ; Oracle : October 2019 Critical Patch Update Released ; Systems running Oracle Database Server,
15 Oct 2019 ; VULN316 ; WordPress : WordPress 5.2.4 Security Release ; Systems running WordPress versions prior to 5.2.4.
15 Oct 2019 ; VULN315 ; Sudo : Potential bypass of Runas user restrictions ; Systems running Sudo versions prior to 1.8.28.
14 Oct 2019 ; VULN314 ; US-CERT : iTerm2 with tmux integration is vulnerable to remote command execution Vulnerability ; Systems running iTerm2 versions prior to 3.3.6.
14 Oct 2019 ; VULN313 ; APPLE : APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu ; APPLE Systems running Swift 5.1.1 for Ubuntu.
11 Oct 2019 ; STAT41
9 Oct 2019 ; VULN312 ; Citrix : Citrix Application Delivery Management (ADM) Console Security Update ; Systems running Citrix Application Delivery
9 Oct 2019 ; VULN311 ; OpenSSH : OpenSSH 8.1 fixes exploitable integer overflow bug ; Systems running OpenSSH versions prior to 8.1.
9 Oct 2019 ; VULN310 ; Microsoft : Microsoft Security Update Summary for October 8, 2019 ; Systems running Internet Explorer, Microsoft Edge,
4 Oct 2019 ; STAT40
4 Oct 2019 ; VULN309 ; tcpdump : Version 4.9.3 fixes multiple overflow-overread vulnerabilities ; Systems running tcpdump versions prior to 4.9.3.
4 Oct 2019 ; VULN307 ; vBulletin : vBulletin 5.5.X (5.5.2, 5.5.3, and 5.5.4) Security Patch Level 2 ; Systems running vBulletin versions 5.5.X prior to
4 Oct 2019 ; VULN308 ; Apache Hadoop : CVE-2018-11768 HDFS FSImage Corruption ; Systems running Apache Hadoop versions prior to
3 Oct 2019 ; VULN306 ; Zimbra : NEW Zimbra Patches 8.8.15 Patch 2 + 8.8.12 Patch 6 + 8.7.11 Patch 14 ; Systems running Zimbra versions prior to
3 Oct 2019 ; VULN305 ; Google Chrome OS : Chrome OS fixes multiple security issues ; Chrome OS versions 3 prior to 77.0.3865.105.
3 Oct 2019 ; VULN304 ; PHP : Heap Buffer Overflow Could Allow Arbitrary Code Execution ; Systems running PHP versions 7.3 prior to 7.3.10.
3 Oct 2019 ; VULN303 ; Shibboleth IdP : Denial of service via External authentication flows ; Systems running Shibboleth Identity Provider
3 Oct 2019 ; VULN302 ; GitLab : GitLab Critical Security Release: 12.3.3, 12.2.7, and 12.1.13 ; Systems running GitLab versions prior to 12.3.3,
2 Oct 2019 ; VULN301 ; Exim : Heap-based buffer overflow in string_vformat, remote code execution seems to be possible ; Systems running Exim versions 4.92 up to and
2 Oct 2019 ; VULN298 ; Cisco : Cisco Security Advisories Published on October 02, 2019 ; Cisco ASA, Cisco FMC, Cisco FTD Software.
2 Oct 2019 ; VULN300 ; CA Technologies : CA20190930-01 Security Notice for CA Network Flow Analysis ; Systems running CA Network Flow Analysis versions
2 Oct 2019 ; VULN299 ; Jenkins : Multiple vulnerabilities in Jenkins plugins ; Systems running Dingding[钉钉] Plugin for Jenkins,
1 Oct 2019 ; VULN297 ; Cisco : Cisco Security Advisories Published on September 25, 2019 ; Cisco IOS, Cisco IOS XE.
27 Sep 2019 ; STAT39
25 Sep 2019 ; VULN296 ; Joomla! : Core - XSS in logo parameter of default templates ; Systems running Joomla! versions 3 prior to 3.9.12.
24 Sep 2019 ; VULN293 ; Apache Tapestry : multiple vulnerabilities fixed in Apache Tapestry 5.4.5 ; Systems running Apache Tapestry versions 5.4. prior
24 Sep 2019 ; VULN292 ; Libexpat : Release 2.2.8 Fix heap overflow ; Systems running Libexpat versions prior to 2.2.8.
25 Sep 2019 ; VULN294 ; Adobe : critical Security updates available for ColdFusion ; Systems running Adobe ColdFusion versions 2018,
25 Sep 2019 ; VULN295 ; VMware : VMware Cloud Foundation and VMware Harbor Container Registry for PCF address remote escalation of privilege vulnerability ; Systems running VMware Cloud Foundation,
24 Sep 2019 ; VULN291 ; Microsoft : Out-of-Band Security Updates fix RCE and DoS vulnerabilities ; Systems running Internet Explorer,
23 Sep 2019 ; VULN288 ; Apache JSPWiki : Multiple vulnerabilities fixed in Apache JSPWiki ; Systems running Apache JSPWiki versions prior to
23 Sep 2019 ; VULN290 ; Atlassian : Jira Server - Template injection in Jira Importers Plugin - CVE-2019-15001 ; Systems running Jira Server versions prior to
23 Sep 2019 ; VULN289 ; Atlassian : Jira Service Desk Server and Jira Service Desk Data Center URL path traversal allows information disclosure - CVE-2019-14994 ; Systems running Jira Service Desk Server, Jira
20 Sep 2019 ; VULN287 ; Moodle : Multiple vulnerabilities fixed in Moodle ; Systems running moodle versions prior to 3.7.2,
20 Sep 2019 ; STAT38
20 Sep 2019 ; VULN286 ; VMware : VMSA-2019-0014 VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535) ; Systems running VMware ESXi, VMware Workstation,
18 Sep 2019 ; VULN285 ; SPIP : CRITICAL security update - Release of SPIP 3.2.5 and SPIP 3.1.11 ; Systems running SPIP versions prior to 3.2.5,
16 Sep 2019 ; VULN284 ; Aruba : Aruba Mobility Controller Multiple Remote Code Execution Vulnerabilities ; ArubaOS versions prior to 6.4.4.21, 6.5.4.13,
16 Sep 2019 ; VULN283 ; VMware : VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities ; Systems running VMware vSphere ESXi (ESXi),
13 Sep 2019 ; STAT37
13 Sep 2019 ; VULN282 ; hostapd and wpa_supplicant : AP mode PMF disconnection protection bypass ; Systems running hostapd, wpa_supplicant versions
12 Sep 2019 ; VULN281 ; Wireshark : wnpa-sec-2019-21 Gryphon dissector infinite loop ; Systems running Wireshark versions prior to 3.0.4,
12 Sep 2019 ; VULN280 ; Google Chrome : Chrome Stable Channel Update 77.0.3865.75 for Desktop ; Systems running Google Chrome versions prior
12 Sep 2019 ; VULN279 ; Citrix : Multiple denial of service vulnerabilities fixed in Citrix SD-WAN ; Systems running Citrix SD-WAN versions prior to
12 Sep 2019 ; VULN278 ; Jenkins : Jenkins Security Advisory 2019-09-12 ; Systems running Aqua Security Serverless Scanner
11 Sep 2019 ; VULN277 ; Adobe : Security Bulletin for Adobe Flash Player | APSB19-46 ; Systems running Adobe Flash Player versions prior
11 Sep 2019 ; VULN276 ; Microsoft : Microsoft Security Update Summary for September 10, 2019 ; Systems running Internet Explorer, Microsoft Edge,
11 Sep 2019 ; VULN275 ; OpenSSL : Multiple vulnerabilities fixed in OpenSSL ; Systems running OpenSSL versions prior to 1.1.1d,
11 Sep 2019 ; VULN274 ; curl : FTP-KRB double-free and TFTP small blocksize heap buffer overflow ; Systems running libcurl versions 7.19.4 up to and
10 Sep 2019 ; VULN272 ; LimeSurvey : Multiple vulnerabilities fixed in LimeSurvey ; Systems running LimeSurvey versions prior to
10 Sep 2019 ; VULN273 ; Apache Solr : CVE-2019-12401 XML Bomb in Apache Solr versions prior to 5.0 ; Systems running Apache Solr versions prior to 5.0.
9 Sep 2019 ; VULN271 ; Apache Traffic Control: CVE-2019-12405 Apache Traffic Control LDAP-based authentication vulnerability ; Systems running Apache Traffic Control versions 3
6 Sep 2019 ; STAT36
6 Sep 2019 ; VULN270 ; Android: Android Security Bulletin—September 2019 ; Android.
6 Sep 2019 ; VULN269 ; Computer Associates : CA20190904-01: Security Notice for CA Common Services Distributed Intelligence Architecture ; Systems running CA Client Automation 14 and later
6 Sep 2019 ; VULN268 ; Citrix License Server : CVE-2019-13609 - CRLF Vulnerability in Citrix License Server for Windows and VPX ; Windows running Citrix License Server versions
6 Sep 2019 ; VULN267 ; Asterisk : Remote Crash vulnerabilities fixed ; Systems running Asterisk Open Source versions
5 Sep 2019 ; VULN266 ; Apache Commons Compress : [CVE-2019-12402] Apache Commons Compress denial of service vulnerability ; Systems running Apache Commons Compress versions
5 Sep 2019 ; VULN265 ; Varnish Cache : VSV00003 DoS attack vector ; Systems running Varnish Cache versions 6.1, 6.0 LTS
5 Sep 2019 ; VULN264 ; WordPress : WordPress 5.2.3 Security and Maintenance Release ; Systems running WordPress versions prior to 5.2.3.
4 Sep 2019 ; VULN263 ; Exim : CVE-2019-15846 Exim - local or remote attacker can execute programs with root privileges ; Systems running Exim versions prior to 4.92.2.
4 Sep 2019 ; VULN262 ; Samba : Combination of parameters and permissions can allow user to escape from the share path definition ; Systems running Samba versions from 4.9.0 onwards,
3 Sep 2019 ; VULN261 ; Webmin and Usermin : Webmin 1.930 and Usermin 1.780 security releases ; Systems running Webmin versions prior to 1.930,
2 Sep 2019 ; VULN259 ; Cisco : Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability ; NX-OS running Cisco UCS Fabric Interconnect
2 Sep 2019 ; VULN258 ; Cisco : Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability ; IOS XE running Cisco REST API Container.
2 Sep 2019 ; VULN257 ; Cisco : Cisco NX-OS Software multiple Denial of Service Vulnerabilities ; Cisco NX-OS Software.
2 Sep 2019 ; VULN260 ; Cisco : Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability ; Cisco FXOS, Cisco NX-OS.
2 Sep 2019 ; VULN256 ; US-CERT : Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks ; Systems implementing Bluetooth BR/EDR Core versions
2 Sep 2019 ; VULN255 ; LibreOffice : Multiple vulnerabilities fixed in LibreOffice ; Systems running LibreOffice versions prior to
2 Sep 2019 ; VULN254 ; Atlassian : Confluence Server and Confluence Data Center - Local File Disclosure - CVE-2019-3394 ; Systems running Confluence Server and Confluence
2 Sep 2019 ; VULN253 ; GitLab : GitLab Security Release: 12.2.3, 12.1.8, and 12.0.8 ; Systems running GitLab versions prior to 12.2.3,
30 Aug 2019 ; STAT34.1
30 Aug 2019 ; VULN251 ; Kubernetes : Security release of Kubernetes v1.15.3, v1.14.6, v1.13.10 - CVE-2019-9512 and CVE-2019-9514 ; Systems running Kubernetes versions prior to
30 Aug 2019 ; VULN250 ; Go : Go 1.12.8 and Go 1.11.13 address recently reported security issues ; Systems running Go versions prior to 1.12.8,
30 Aug 2019 ; VULN252 ; PHP : PHP versions 7.3.9, 7.2.22, 7.1.32 security releases ; Systems running PHP versions prior to 7.3.9,
30 Aug 2019 ; VULN249 ; WebKitGTK and WPE WebKit : Multiple vulnerabilities fixed in WebKitGTK and WPE WebKit ; Systems running WebKitGTK versions prior to 2.24.4,
30 Aug 2019 ; VULN247 ; ISC Kea DHCP : Denial of service vulnerabilities fixed in Kea DHCP server ; Systems running Kea DHCP.
30 Aug 2019 ; VULN248 ; Irssi : Use after free when receiving duplicate CAP ; Systems running Irssi versions prior to 1.2.2.
29 Aug 2019 ; VULN246 ; Zimbra : NEW Zimbra Patches 8.8.15 Patch 1 + 8.8.12 Patch 5 ; Systems running Zimbra.
29 Aug 2019 ; VULN245 ; nginx : nginx security advisory (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516) ; Systems running nginx versions prior to 1.17.3,
29 Aug 2019 ; VULN244 ; Jenkins : Jenkins Security Advisory 2019-08-28 ; Systems running Jenkins versions prior to weekly
29 Aug 2019 ; VULN243 ; Ruby : Multiple jQuery vulnerabilities in RDoc ; Systems running Ruby versions prior to 2.6.4,
23 Aug 2019 ; STAT34
16 Aug 2019 ; STAT33
14 Aug 2019 ; VULN242 ; Microsoft : Microsoft Security Update Summary for August 13, 2019 ; Systems running
9 Aug 2019 ; STAT32
2 Aug 2019 ; STAT31
1 Aug 2019 ; VULN241 ; PHP : heap buffer-overflow vulnerabilities fixed in 7.3.8, 7.2.21 ; Systems running PHP versions prior to 7.3.8,
1 Aug 2019 ; VULN240 ; Cisco : Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability ; Cisco NX-OS.
1 Aug 2019 ; VULN239 ; Django : Django security releases issued 2.2.4, 2.1.11 and 1.11.23 ; Systems running Django versions prior to 2.2.4,
1 Aug 2019 ; VULN238 ; Apache Solr : [CVE-2019-0193] Apache Solr Remote Code Execution via DataImportHandler ; Systems running Apache Solr versions prior to 8.2.0.
1 Aug 2019 ; VULN237 ; ICS-CERT : Multiple vulnerabilities in Wind River VxWorks ; Systems running Wind River VxWorks,
1 Aug 2019 ; VULN236 ; Apache VCL : SQL injections and improper form validation vulnerabilities ; Systems running Apache VCL versions 2.1 up to and
1 Aug 2019 ; VULN235 ; OpenSSL : Windows builds with insecure path defaults (CVE-2019-1552) ; Systems running OpenSSL versions 1.1.1, 1.1.0,
31 Jul 2019VULN234Google Chrome : Chrome 76 fixes Multiple vulnerabilitiesSystems running Google Chrome versions prior to 76.
31 Jul 2019VULN233Apache Storm : Multiple vulnerabilities fixed in Apache StormSystems running Apache Storm versions
31 Jul 2019VULN232Jenkins : Multiple vulnerabilities in Jenkins pluginsSystems running Amazon EC2 for Jenkins prior to
26 Jul 2019STAT30
26 Jul 2019VULN231Exim : CVE-2019-13917 Privilege escalation vulnerability fixedSystems running Exim versions 4.85 up to and
23 Jul 2019VULN230APPLE : APPLE-SA-2019-7-22-5 tvOS 12.4tvOS versions prior to 12.4.
23 Jul 2019VULN229APPLE : APPLE-SA-2019-7-22-4 watchOS 5.3watchOS versions prior to 5.3.
23 Jul 2019VULN228APPLE : APPLE-SA-2019-7-22-3 Safari 12.1.2Systems running Safari versions prior to 12.1.2.
23 Jul 2019VULN227APPLE : APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update,2019-004 High Sierra, Security Update 2019-004 SierramacOS versions prior to 10.14.6.
23 Jul 2019VULN226APPLE : APPLE-SA-2019-7-22-1 iOS 12.4iOS versions prior to 12.4.
19 Jul 2019STAT29
18 Jul 2019VULN221Wireshark : wnpa-sec-2019-20 · ASN.1 BER and related dissectors crashSystems running Wireshark versions prior to 3.0.3,
18 Jul 2019VULN225Drupal : Vulnerabilities fixed in Meta tags quick, ImageCache Actions, Custom PermissionsSystems running Meta tags quick for Drupal
18 Jul 2019VULN224Apache Roller : [CVE-2019-0234] Reflected Cross-site Scripting (XSS) Vulnerabiulity in Apache RollerSystems running Apache Roller versions prior to
18 Jul 2019VULN223Apache Kafka : CVE-2018-17196 Potential to bypass transaction/idempotent ACL checks in,Apache KafkaSystems running Apache Kafka versions prior to
18 Jul 2019VULN222Jenkins : Multiple vulnerabilities fixed in JenkinsSystems running Jenkins (core) versions prior to
18 Jul 2019VULN220Drupal : Drupal core - Critical - Access bypass - SA-CORE-2019-008Systems running Drupal core versions 8.7.4.
17 Jul 2019VULN219Cisco : Cisco FindIT Network Management Software Static Credentials VulnerabilitySystems running Cisco FindIT Network Management
17 Jul 2019VULN218Cisco : Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service VulnerabilityCisco IOS Access Points Software.
17 Jul 2019VULN217Cisco : Cisco Vision Dynamic Signage Director REST API Authentication Bypass VulnerabilitySystems running Cisco Vision Dynamic Signage
17 Jul 2019VULN215LibreOffice : arbitrary script execution and remote bullet graphics retrieved in 'stealth mode'Systems running LibreOffice versions prior to
17 Jul 2019VULN214Oracle : July 2019 Critical Patch Update ReleasedSystems running Oracle Database Server,
16 Jul 2019VULN213Cisco : Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service VulnerabilityCisco ASA Software, Cisco FTD Software.
16 Jul 2019VULN212Google Chrome : Vulnerabilities fixed in Google Chrome 75.0.3770.142Systems running Google Chrome versions prior to
16 Jul 2019VULN211Moodle : Multiple vulnerabilities fixed in MoodleSystems running Moodle versions prior to 3.7.1,
16 Jul 2019VULN210Squid : Multiple vulnerabilities fixed in SquidSystems running Squid versions prior to 4.8.
16 Jul 2019VULN209Mozilla : Security vulnerabilities fixed in Thunderbird 60.8Systems running Thunderbird versions prior to 60.8.
16 Jul 2019VULN208minimagick : remote shell execution vulnerability fixed in minimagickSystems running minimagick versions prior to 4.9.4.
16 Jul 2019VULN207JIRA : Jira Server - Template injection in various resources - CVE-2019-11581Systems running Jira Server, Jira Data Center
12 Jul 2019STAT28
12 Jul 2019VULN206.1Jenkins : Jenkins Security Advisory 2019-07-11Systems running Caliper CI Plugin for Jenkins,
12 Jul 2019VULN206Jenkins : Caliper CI Plugin stores credentials in plain textSystems running Caliper CI Plugin for Jenkins,
12 Jul 2019VULN205Redis : Redis security vulnerabilities in HyperLogLog and a DoS fixedSystems running Redis versions prior to 5.0.4,
10 Jul 2019VULN204Joomla! : Core - Filter attribute in subform fields allows remote code executionSystems running Joomla! versions prior to 3.9.9.
10 Jul 2019VULN203Adobe : Security Updates Available for Adobe Bridge CC APSB19-37Systems running Adobe Bridge CC versions prior to
10 Jul 2019VULN202Adobe : Security update available for Adobe Dreamweaver | APSB19-40Systems running Adobe Dreamweaver direct download
10 Jul 2019VULN201 (VMware : ESXi patches address partial denial of service vulnerability in hostd process (CVE-2019-5528))Systems running VMware ESXi.
10 Jul 2019VULN200Microsoft : Microsoft Security Update Summary for July 9, 2019Systems running Internet Explorer, Microsoft Edge,
9 Jul 2019VULN199Xen : Linux No grant table and foreign mapping limitsAll versions of Linux.
9 Jul 2019VULN198Mozilla : Security vulnerabilities fixed in Firefox 68 and ESR 60.8Systems running Firefox versions prior to 68,
5 Jul 2019STAT27
3 Jul 2019VULN197 (VMware : VMware product updates address Linux kernel vulnerabilities in TCP SACK (CVE-2019-11477, CVE-2019-11478))Systems running VMware products.
1 Jul 2019VULN196Django : CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPSSystems running Django versions prior to 2.2.3,
28 Jun 2019STAT26
21 Jun 2019STAT25
21 Jun 2019VULN195APPLE : APPLE-SA-2019-6-20-1 AirPort Base Station Firmware Update 7.8.1AirPort Base Station Firmware.
21 Jun 2019VULN194Apache Tomcat : CVE-2019-10072 Apache Tomcat HTTP/2 DoSSystems running Apache Tomcat versions prior to
20 Jun 2019VULN193BIND : CVE-2019-6471 Race condition when discarding malformed packets can cause DoSSystems running BIND versions prior to 9.11.8,
19 Jun 2019VULN192Oracle : Oracle Security Alert Advisory - CVE-2019-2729Systems running Oracle WebLogic Server versions
19 Jun 2019VULN191Samba : Samba AD DC denial of service vulnerabilitiesSystems running Samba versions prior to 4.9.9,
19 Jun 2019VULN190Mozilla : Security vulnerabilities fixed in Firefox 67.0.3 and Firefox ESR 60.7.1Systems running Firefox versions prior to
17 Jun 2019VULN188Mozilla : Security vulnerabilities fixed in Thunderbird 60.7.1Systems running Thunderbird versions prior to
18 Jun 2019VULN189Debian : linux security update fixes multiple security vulnerabilitiesDebian versions prior to 4.9.168-1+deb9u3.
14 Jun 2019STAT24
12 Jun 2019VULN187Wampserver : CVE-2019-11517: CSRF in Wampserver 3.1.4-3.1.8Systems running Wampserver versions prior to 3.1.9.
12 Jun 2019VULN186Cisco : Cisco IOS XE Software Web UI Cross-Site Request Forgery VulnerabilityCisco IOS XE Software with HTTP Server feature
12 Jun 2019VULN185Mozilla : Security vulnerabilities fixed in Firefox 67.0.2Systems running Firefox versions prior to 67.0.2.
12 Jun 2019VULN184Jenkins : Multiple vulnerabilities in Jenkins pluginsSystems running ElectricFlow Plugin for Jenkins
12 Jun 2019VULN183Cyrus IMAP : Cyrus IMAP 3.0.10 and 2.5.13 fix buffer overrun vulnerabilitySystems running Cyrus IMAP versions prior to
12 Jun 2019VULN182MediaWiki : Security and maintenance release: 1.27.6 / 1.30.2 / 1.31.2 / 1.32.2Systems running MediaWiki versions prior to 1.32.2,
12 Jun 2019VULN181Adobe : Security Bulletin for Adobe Campaign APSB19-28Systems running Adobe Campaign versions prior to
12 Jun 2019VULN180Adobe : Security updates available for ColdFusion APSB19-27Systems running ColdFusion versions 2018, 2016, 11.
12 Jun 2019VULN179Adobe : Security Bulletin for Adobe Flash Player APSB19-30Systems running Adobe Flash Player versions prior
12 Jun 2019VULN178Joomla! : Core - CSV injection, XSS and ACL hardening vulnerabilities fixedSystems running Joomla! versions 3 prior to 3.9.7.
12 Jun 2019VULN177Microsoft : Microsoft Security Update Summary and Security Advisory Notification for June 11, 2019Systems running Internet Explorer, Microsoft Edge,
7 Jun 2019STAT22.1
6 Jun 2019VULN176VMware : New VMware Security Advisory VMSA-2019-0009Systems running VMware Tools versions prior to
6 Jun 2019VULN175Exim : CVE-2019-10149 possible remote exploit in Exim 4.87 to 4.91Systems running Exim versions 4.87 up to 4.91.
6 Jun 2019VULN174phpMyAdmin : Vulnerabilities fixed in phpMyAdminSystems running phpMyAdmin versions prior to 4.9.0,
4 Jun 2019VULN173Django : Django security releases issued: 2.2.2, 2.1.9 and 1.11.21Systems running Django versions prior to 2.2.2,
31 May 2019VULN164Jenkins : Jenkins Security Advisory 2019-05-31Systems running Gitea Plugin for Jenkins,
31 May 2019VULN169APPLE : APPLE-SA-2019-5-28-2 iCloud for Windows 7.12Windows running iCloud versions prior to 7.12.
31 May 2019VULN167Apache ZooKeeper : CVE-2019-0201 Information disclosure vulnerability in Apache ZooKeeperSystems running Apache ZooKeeper versions prior to
31 May 2019VULN166 (Apache Camel : CVE-2019-0188: Apache Camel-XMLJson vulnerable to XML external entity injection (XXE))Systems running Apache Camel versions prior to
31 May 2019VULN165Apache Hadoop : CVE-2018-8029 Apache Hadoop Privilege escalation vulnerabilitySystems running Apache Hadoop versions prior to
31 May 2019VULN172Wireshark : wnpa-sec-2019-19 · Wireshark dissection engine crashWireshark versions prior to 3.0.2, 2.6.9, 2.4.15.
31 May 2019VULN170APPLE : APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5Windows running iTunes versions prior to 12.9.5.
31 May 2019VULN171APPLE : APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1APPLE AirPort Base Station Firmware.
31 May 2019VULN168Apache Tomcat : CVE-2019-0221 Apache Tomcat XSS in SSI printenvSystems running Apache Tomcat versions prior to
31 May 2019STAT22
31 May 2019VULN163PHP : PHP 7.1.30, 7.2.19, 7.3.6 security releasesSystems running PHP versions prior to 7.1.30,
24 May 2019STAT21
22 May 2019VULN162OTRS : Security Updates for OTRS FrameworkSystems running OTRS versions 7.0.x, 6.0.x, 5.0.x
22 May 2019VULN161Mozilla : Security vulnerabilities fixed in Firefox 67 and ESR 60.7Systems running Mozilla Firefox versions prior to
22 May 2019VULN160Mozilla : Security vulnerabilities fixed in Thunderbird 60.7Systems running Mozilla Thunderbird versions prior
21 May 2019VULN156Jenkins : Jenkins Security Advisory 2019-05-21Systems running Credentials Plugin for Jenkins
21 May 2019VULN158Apache JSPWiki : Apache JSPWiki multiple Cross-site scripting vulnerabilitiesSystems running Apache JSPWiki versions prior to
21 May 2019VULN159Moodle : Multiple vulnerabilities fixed in MoodleSystems running Moodle versions prior to 3.7,
21 May 2019VULN157WebKitGTK and WPE WebKit : WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003Systems running WebKitGTK, WPE WebKit versions
17 May 2019STAT20
16 May 2019VULN155Heimdal : Heimdal 7.6 security release announcementSystems running Heimdal versions prior to 7.6.
16 May 2019VULN154Cisco : Cisco Video Surveillance Manager Web-Based Management Interface Information Disclosure VulnerabilityCisco Video Surveillance Manager software running
16 May 2019VULN153Cisco : Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service VulnerabilityCisco Small Business Series Switches software,
16 May 2019VULN152Cisco : Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service VulnerabilityCisco IOS XR.
16 May 2019VULN151Cisco : Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service VulnerabilityCisco IOS XR.
16 May 2019VULN150Cisco : Cisco Prime Infrastructure and Evolved Programmable Network Manager RCE and SQL Injection VulnerabilitiesCisco PI Software versions prior to 3.4.1, 3.5,
16 May 2019VULN149Cisco : Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service VulnerabilityCisco FXOS, Cisco NX-OS.
16 May 2019VULN148Cisco : Cisco Webex Network Recording Player Arbitrary Code Execution VulnerabilitiesWindows running Cisco Webex Network Recording
15 May 2019VULN147Samba : Samba AD DC S4U2Self/S4U2Proxy unkeyed checksumSystems running Samba versions prior to 4.8.12,
15 May 2019VULN146Intel : Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR AdvisoryIntel® CSME, Intel® SPS, Intel® TXE, Intel® DAL,
15 May 2019VULN145Citrix : Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for WindowsWindows running Citrix Workspace app,
15 May 2019VULN144INTEL : Microarchitectural Data Sampling AdvisoryINTEL firmware.
15 May 2019VULN143Adobe : Security bulletin for Adobe Acrobat and Reader | APSB19-18Systems running Acrobat DC, Acrobat Reader DC
15 May 2019VULN142Xen : Xen Security Advisory XSA-297 Microarchitectural Data Sampling speculative side channelSystems running Xen.
15 May 2019VULN141Adobe : Security Bulletin for Adobe Flash Player | APSB19-26Systems running Adobe Flash Player versions prior to
15 May 2019VULN140Citrix : Citrix Hypervisor Security UpdateSystems running Citrix XenServer, Citrix Hypervisor.
15 May 2019VULN139Microsoft : Microsoft Security Update Summary for May 14, 2019Systems running Internet Explorer, Microsoft Edge,
15 May 2019VULN138 (VMware : VMware product updates enable Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091))Systems running VMware vCenter Server (VC),
15 May 2019VULN137 (VMware : VMware Workstation update addresses a DLL-hijacking issue (CVE-2019-5526))Systems running VMware Workstation.
14 May 2019VULN136Cisco : Cisco Secure Boot Hardware Tampering VulnerabilityCisco's proprietary Secure Boot implementation.
14 May 2019VULN135Cisco : Cisco IOS XE Software Web UI Command Injection VulnerabilityCisco IOS XE.
14 May 2019VULN130APPLE : APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 SierramacOS X versions prior to 10.14.5.
14 May 2019VULN134APPLE : APPLE-SA-2019-5-13-6 Apple TV Software 7.3Apple TV Software versions prior to 7.3.
14 May 2019VULN132APPLE : APPLE-SA-2019-5-13-4 watchOS 5.2.1watchOS versions prior to 5.2.1.
14 May 2019VULN133APPLE : APPLE-SA-2019-5-13-3 tvOS 12.3tvOS versions prior to 12.3.
14 May 2019VULN131APPLE : APPLE-SA-2019-5-13-5 Safari 12.1.1Systems running Safari versions prior to 12.1.1.
14 May 2019VULN129APPLE : APPLE-SA-2019-5-13-1 iOS 12.3iOS versions prior to 12.3.
10 May 2019STAT19
9 May 2019VULN128Cisco : Cisco Elastic Services Controller REST API Authentication Bypass VulnerabilitySystems running Cisco Elastic Services Controller.
9 May 2019VULN127Drupal core : Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007Systems running Drupal core versions prior to
3 May 2019STAT18
2 May 2019VULN126Jenkins : Jenkins Security Advisory 2019-04-30Systems running Ansible Tower Plugin for Jenkins,
2 May 2019VULN125Cisco : Cisco Application Policy Infrastructure Controller Privilege Escalation VulnerabilityCisco Application Policy Infrastructure Controller
2 May 2019VULN124Cisco : Cisco Firepower Threat Defense Software multiple DoS VulnerabilitiesCisco FTD Software.
2 May 2019VULN123Cisco : Cisco Umbrella Dashboard Session Management VulnerabilityCisco Umbrella Dashboard software.
2 May 2019VULN118Cisco : Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software multiple vulnerabilitiesCisco ASA Software, Cisco FTD Software.
2 May 2019VULN122Cisco : Cisco Small Business RV320 and RV325 Routers Session Hijacking VulnerabilityCisco Firmware versions prior to 1.4.2.20.
2 May 2019VULN121Cisco : Cisco Small Business Switches Secure Shell Certificate Authentication Bypass VulnerabilityCisco Small Business Switches Software.
2 May 2019VULN120Cisco : Cisco Adaptive Security Appliance Software Denial of Service and CSRF VulnerabilitiesSystems running Cisco ASA Software.
2 May 2019VULN119Cisco : Cisco Web Security Appliance Denial of Service and Privilege Escalation VulnerabilitiesCisco AsyncOS Software.
2 May 2019VULN117Cisco : Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure multiple VulnerabilitiesCisco NX-OS Software.
30 Apr 2019VULN116Citrix : Authentication Bypass vulnerability in XenMobile ServerSystems running Citrix XenMobile Server versions
26 Apr 2019STAT17
26 Apr 2019VULN115Atlassian Confluence : Confluence Security Advisory - 2019-04-17Systems running Atlassian Confluence versions prior
25 Apr 2019VULN114Apache Solr : CVE-2018-11802 Apache Solr authorization bug disclosureSystems running Apache Solr versions prior to 7.7.
25 Apr 2019VULN113ISC BIND : New security release versions of BIND are available 9.11.6-P1, 9.12.4-P1, and 9.14.1Systems running ISC BIND versions prior to
24 Apr 2019VULN112Google Chrome : Chrome version 74 fixes multiple vulnerabilitiesSystems running Google Chrome versions prior to 74.
24 Apr 2019VULN111Apache Pony Mail : CVE-2019-0218 Apache Pony Mail (incubating) Reflected XSSSystems running Apache Pony Mail versions prior to
24 Apr 2019VULN110Apache Qpid Proton : CVE-2019-0223 Apache Qpid Proton TLS Man in the Middle VulnerabilitySystems running Apache Qpid Proton versions prior to
24 Apr 2019VULN109 (Apache Zeppelin : Issues fixed in previous releases of Apache Zeppelin 0.7.3 and 0.8.0 (CVE-2017-12619 CVE-2018-1317 CVE-2018-1328))Systems running Apache Zeppelin versions prior to
19 Apr 2019STAT16
19 Apr 2019VULN108Drupal : Multiple Vulnerabilities fixed in DrupalSystems running Drupal versions prior to 8.6.15, 8.5.15,
19 Apr 2019VULN107Jenkins : Jenkins Security Advisory 2019-04-17Systems running GitLab Plugin for Jenkins,
19 Apr 2019VULN106Dovecot : CVE-2019-10691 JSON encoder in Dovecot 2.3 incorrectly assert-crashes when encountering invalid UTF-8 charactersSystems running Dovecot versions 2.3 prior to
18 Apr 2019VULN105Cisco : Cisco Directory Connector Search Order Hijacking VulnerabilitySystems running Cisco Directory Connector software.
18 Apr 2019VULN104Cisco : Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service VulnerabilityCisco Expressway Series software,
18 Apr 2019VULN103Cisco : Cisco Aironet Series Access Points Development Shell Access VulnerabilityCisco AP-COS.
18 Apr 2019VULN102Cisco : Cisco Wireless LAN Controller Software Cross-Site Request Forgery VulnerabilitySystems running Cisco Wireless LAN Controller
18 Apr 2019VULN101OpenSSH : OpenSSH 8.0 released and fixes CVE-2019-6111Systems running OpenSSH versions prior to 8.0.
17 Apr 2019VULN100Atlassian : March 2019 Sourcetree Advisory - Multiple Remote Code Execution VulnerabilitiesSystems running Atlassian Sourcetree versions prior
17 Apr 2019VULN099Atlassian : Atlassian - Confluence Security Advisory - 2019-03-20Systems running Atlassian Confluence Server,
17 Apr 2019VULN098US-CERT : WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicantSystems running hostapd, wpa_supplicant
17 Apr 2019VULN097Oracle : April 2019 Critical Patch Update ReleasedSystems running Oracle Database Server,
17 Apr 2019VULN096US-CERT : VPN applications insecurely store session cookiesSystems running VPN applications.
17 Apr 2019VULN095GitLab : GitLab Critical Security Release: 11.9.7, 11.8.7, and 11.7.11Systems running GitLab versions prior to 11.9.7,
12 Apr 2019STAT15
12 Apr 2019VULN094WebKitGTK and WPE WebKit : WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002Systems running WebKitGTK versions prior to 2.22.7,
12 Apr 2019VULN092Jenkins : Jenkins Security Advisory 2019-04-10Systems running Jenkins versions prior to
12 Apr 2019VULN093VMware : VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilitiesSystems running VMware ESXi versions 6,
11 Apr 2019VULN087Adobe : Security update available for Adobe Shockwave Player APSB19-20Systems running Adobe Shockwave Player versions
11 Apr 2019VULN086Adobe : Security Update Available for InDesign APSB19-23Systems running Adobe InDesign versions prior to
11 Apr 2019VULN089.1Adobe : Security Updates Available for Adobe XD APSB19-22Systems running Adobe XD versions prior to 17.0.12.
11 Apr 2019VULN091Apache : CVE-2019-0232 Apache Tomcat Remote Code Execution on WindowsSystems running Apache Tomcat versions prior to
11 Apr 2019VULN090Apache : CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver componentSystems running Apache Airflow versions prior to
11 Apr 2019VULN089Jenkins : Jenkins Security Advisory 2019-04-10Systems running Adobe XD versions prior to 17.0.12.
11 Apr 2019VULN088Adobe : Security update available for Adobe Dreamweaver APSB19-21Systems running Adobe Dreamweaver versions prior to
11 Apr 2019VULN085Adobe : Updates available for Adobe Flash Player APSB19-19Systems running Adobe Flash Player versions prior
10 Apr 2019VULN084Microsoft : Microsoft Security Update Summary for April 9, 2019Systems running Internet Explorer, Microsoft Edge,
10 Apr 2019VULN083Joomla : Multiple vulnerabilities fixed in Joomla 3.9.5Systems running Joomla versions prior to 3.9.5.
10 Apr 2019VULN082SPIP : CRITICAL security update, release of SPIP 3.1.10 and SPIP 3.2.4Systems running SPIP versions 3.1, 3.2 prior to
9 Apr 2019VULN081Wireshark : Multiple dissector and file parser vulnerabilities fixed in WiresharkSystems running Wireshark versions prior to 3.0.1,
8 Apr 2019VULN080Samba : Samba 4.10.2, 4.9.6 and 4.8.11 Security Releases AvailableSystems running Samba versions prior to 4.10.2,
5 Apr 2019STAT14
3 Apr 2019VULN079Apache httpd : Multiple vulnerabilities in Apache httpdSystems running Apache httpd versions prior to
3 Apr 2019VULN078Jenkins : Multiple vulnerabilities in Jenkins pluginsSystems running Jenkins plugins.
1 Apr 2019VULN077Apache Mesos : CVE-2019-0204 Some Mesos components can be overwritten making arbitrary code execution possibleSystems running Apache Mesos versions prior to
1 Apr 2019VULN076Dovecot : CVE-2019-7524 Buffer overflow when reading extension header from dovecot index filesSystems running Dovecot versions 2 prior to
29 Mar 2019STAT13
29 Mar 2019VULN075VMware : VMware ESXi, Workstation and Fusion updates address multiple security issuesSystems running VMware ESXi, VMware Workstation,
29 Mar 2019VULN074VMware : VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerabilitySystems running VMware vCloud Director for Service
28 Mar 2019VULN073Cisco : Cisco Security Advisories Published on March 27, 2019Cisco IOS, Cisco IOS XE.
27 Mar 2019VULN070Jenkins : Jenkins Security Advisory 2019-03-25Systems running Pipeline: Groovy Plugin for Jenkins,
27 Mar 2019VULN072Apache Tomcat : CVE-2019-0199 Apache Tomcat HTTP/2 DoSSystems running Apache Tomcat versions 9, 8
27 Mar 2019VULN071Apache JSPWiki : Local File Inclusion and Cross-site scripting VulnerabilitiesSystems running Apache JSPWiki versions prior to
22 Mar 2019STAT12
20 Mar 2019VULN069Cisco : Cisco IP Phone 8800 Series and 7800 Series VulnerabilitiesCisco SIP software.
19 Mar 2019VULN068Moodle : Multiple vulnerabilities fixed in MoodleSystems running Moodle versions prior to 3.6.3,
18 Mar 2019VULN067VMware : VMware Horizon update addresses Connection Server information disclosure vulnerabilitySystems running VMware Horizon.
18 Mar 2019VULN066VMware : VMware Workstation update addresses elevation of privilege issuesSystems running VMware Workstation.
15 Mar 2019STAT11
13 Mar 2019VULN065Microsoft : Microsoft Security Update Summary for March 12, 2019Systems running Internet Explorer, Microsoft Edge,
11 Mar 2019VULN064PHP : PHP 7.1.27 Security ReleaseSystems running PHP versions prior to 7.1.27,
8 Mar 2019VULN063Google Chrome : Stable Channel for Desktop Updated to 72.0.3626.121Systems running Google Chrome versions prior to
8 Mar 2019STAT10
7 Mar 2019VULN062Cisco : Cisco Security Advisories Published on March 06, 2019Cisco FXOS, Cisco NX-OS.
7 Mar 2019VULN061Jenkins : Jenkins Security Advisory 2019-03-06Systems running AppDynamics Dashboard Plugin for
7 Mar 2019VULN060Apache Solr : CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache SolrSystems running Apache Solr versions 5, 6 prior to
4 Mar 2019VULN059Apache Mesos : CVE-2018-11793 Mesos components might crash when parsing deeply nested JSON structuresSystems running Apache Mesos versions 1.4.0 to
4 Mar 2019VULN058Node.js : February 2019 Security ReleasesSystems running Node.js versions 6, 8, 10, 11.
4 Mar 2019VULN056Apache : Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commandsSystems running Apache Qpid Broker-J.
4 Mar 2019VULN057Apache JMeter : CVE-2019-0187 Apache JMeter Missing client auth for RMI connection when distributed test is usedSystems running JMeter versions 4.0, 5.0 prior to
1 Mar 2019STAT09
1 Mar 2019VULN055Asterisk : Remote crash vulnerability with SDP protocol violationSystems running Asterisk versions 15.x, 16.x prior
1 Mar 2019VULN054ikiwiki : Server-side request forgery via aggregate pluginSystems running ikiwiki versions prior to
28 Feb 2019VULN053Wireshark : Multiple dissector crash vulnerabilities fixed in WiresharkSystems running Wireshark versions prior to 2.6.7,
25 Feb 2019VULN052Splunk : Splunk Enterprise and Splunk Light address one vulnerabilitySystems running Splunk Enterprise, Splunk Light,
25 Feb 2019VULN051Jenkins : Jenkins Security Advisory 2019-02-19Systems running Acunetix Plugin for Jenkins,
22 Feb 2019VULN050Drupal : Drupal core - Highly critical - Remote Code Execution - SA-CORE-2019-003Systems running Drupal core versions prior to
22 Feb 2019STAT08
18 Feb 2019VULN049VMware : VMware product updates resolve mishandled file descriptor vulnerability in runc container runtimeSystems running VMware Integrated OpenStack with
15 Feb 2019VULN048Joomla! : Multiple vulnerabilities fixed in Joomla!Systems running Joomla! versions prior to 3.9.3.
15 Feb 2019STAT07
13 Feb 2019VULN047Apache Solr : CVE-2017-3164 SSRF issue in Apache SolrSystems running Apache Solr versions prior to
13 Feb 2019VULN046Microsoft : Microsoft Security Update Summary for February 12, 2019Systems running Internet Explorer, Microsoft Edge,
12 Feb 2019VULN045kubernetes : Runc and CVE-2019-5736Systems running Kubernetes.
12 Feb 2019VULN044Red Hat : Important docker security update for CVE-2019-5736Red Hat Enterprise Linux running docker.
12 Feb 2019VULN043Red Hat : Important runc security updateRed Hat Enterprise Linux running runc.
12 Feb 2019VULN042Docker : Docker 18.09.2 addresses a critical vulnerability in runcSystems running Docker Engine EE, Docker Engine CE
12 Feb 2019VULN041Cisco : Cisco Network Assurance Engine CLI Access with Default Password VulnerabilitySystems running Cisco Network Assurance Engine.
12 Feb 2019VULN040Django : Django security releases issued 2.1.6, 2.0.11 and 1.11.19Systems running Django versions prior to 1.11.19,
12 Feb 2019VULN039WebKit : WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001Systems running WebKitGTK+ prior to 2.22.6,
8 Feb 2019VULN038curl : Out-of-bounds read and stack buffer overflow vulnerabilities fixedSystems running curl versions 7.34.0 up to and
8 Feb 2019STAT06
8 Feb 2019VULN037APPLE : APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOSiOS running Shortcuts versions prior to 2.1.3.
8 Feb 2019VULN036APPLE : APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental UpdatemacOS Mojave versions up to and including 10.14.3.
8 Feb 2019VULN035APPLE : APPLE-SA-2019-2-07-1 iOS 12.1.4iOS versions prior to 12.1.4.
5 Feb 2019VULN034Dovecot : CVE-2019-3814 Suitable client certificate can be used to login as other userSystems running Dovecot versions prior to 2.2.36.1,
1 Feb 2019STAT05
31 Jan 2019VULN033PowerDNS : PowerDNS Security Advisories 2011-01 and 2019-02Systems running PowerDNS versions 4.1.x prior to
31 Jan 2019VULN032Cisco : Cisco Webex Network Recording Player Arbitrary Code Execution VulnerabilitiesSystems running Cisco Webex Network Recording
30 Jan 2019VULN031Google Chrome : Google Chrome 72 fixes multiple vulnerabilitiesSystems running Google Chrome versions prior to 72.
30 Jan 2019VULN030US-CERT : Microsoft Exchange 2013 and newer are vulnerable to NTLM relay attacks, Vulnerability Note VU#465632Systems running Microsoft Exchange versions 2013
30 Jan 2019VULN029Mozilla : Mozilla Firefox 65, 60.5 and Thunderbird 60.5 fix multiple vulnerabilitiesSystems running Firefox versions prior to 65, 60.5,
30 Jan 2019VULN028Apache httpd : vulnerabilities fixed in Apache httpdSystems running Apache httpd versions prior to
30 Jan 2019VULN027Citrix : TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller(ADC) and NetScaler GatewaySystems running Citrix ADC,
30 Jan 2019VULN026Apache Guacamole : CVE-2018-1340 Secure flag missing from Apache Guacamole session cookieSystems running Apache Guacamole versions prior to
29 Jan 2019VULN021APPLE : APPLE-SA-2019-1-22-1 iOS 12.1.3iOS versions prior to 12.1.3.
29 Jan 2019VULN022APPLE : APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 SierramacOS versions prior to 10.14.3.
29 Jan 2019VULN023APPLE : APPLE-SA-2019-1-22-5 Safari 12.0.3Systems running Safari versions prior to 12.0.3.
29 Jan 2019VULN025APPLE : APPLE-SA-2019-1-22-4 tvOS 12.1.2tvOS versions prior to 12.1.2.
29 Jan 2019VULN024APPLE : APPLE-SA-2019-1-22-3 watchOS 5.1.3Systems running watchOS versions prior to 5.1.3.
29 Jan 2019VULN020APPLE : APPLE-SA-2019-1-24-1 iTunes 12.9.3 for WindowsWindows running iTunes versions prior to 12.9.3.
29 Jan 2019VULN018Apache Subversion : [CVE-2018-11803] Apache Subversion Denial of Service VulnerabilitySystems running Apache Subversion versions prior to
29 Jan 2019VULN019Apache Hadoop : CVE-2018-1296 Apache Hadoop HDFS Permissive listXAttr AuthorizationSystems running Apache Hadoop versions 3.0.0-alpha1
29 Jan 2019VULN017Jenkins : Vulnerabilities in multiple Jenkins PluginsSystems running Jenkins with
29 Jan 2019VULN016phpMyAdmin : Arbitrary file read and SQL injection vulnerabilitiesSystems running phpMyAdmin versions prior to 4.8.5.
25 Jan 2019STAT04
21 Jan 2019VULN014Moodle: MSA-19-0001: Manage groups capability is missing XSS risk flag  
21 Jan 2019VULN013.1Moodle: MSA-19-0003: User full name is not escaped in the un-linked userpix page  
21 Jan 2019VULN015Moodle: MSA-19-0002: Blind SSRF Risk in /badges/mybackpack.php  
18 Jan 2019STAT03
18 Jan 2019VULN013Jenkins : Jenkins Security Advisory 2019-01-16Systems running Jenkins (core) versions prior to
17 Jan 2019VULN012Wireshark : Multiple dissector crashes fixed in WiresharkSystems running Wireshark versions prior to 2.6.6,
16 Jan 2019VULN011Oracle : January 2019 Critical Patch Update ReleasedSystems running Oracle Database Server,
16 Jan 2019VULN010Apache OpenOffice : CVE-2018-11790 Apache OpenOffice Arithmetic overflow and wrap around during string length calculationSystems running Apache OpenOffice versions prior to
16 Jan 2019VULN009Apache Roller : [CVE-2018-17198] Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache RollerSystems running Apache Roller versions 5 prior to
16 Jan 2019VULN008Drupal : SQL Injection and Access bypass vulnerabilities fixed in Drupal extensionsSystems running Phone Field for Drupal versions
16 Jan 2019VULN007Drupal Core : Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-003Systems running Drupal Core versions 7.x, 8.x prior
16 Jan 2019VULN006Joomla! : Core - Stored XSS issues fixedSystems running Joomla! versions prior to 3.9.2.
10 Jan 2019VULN005Microsoft : Microsoft Security Update Summary for January 8, 2019Systems running Internet Explorer, Microsoft Edge,
11 Jan 2019STAT02
8 Jan 2019VULN003Adobe : Security Bulletin for Adobe Acrobat and Reader | APSB19-02Systems running Adobe Acrobat and Reader versions
8 Jan 2019VULN004Jenkins : Sandbox Bypass in Script Security and Pipeline PluginsSystems running Pipeline: Declarative Plugin
8 Jan 2019VULN002Django : Django security releases issued: 2.1.5, 2.0.10, and 1.11.18Systems running Django versions prior to 2.1.5,
8 Jan 2019VULN001GitLab : GitLab Security Release: 11.6.1, 11.5.6, 11.4.13Systems running GitLab versions prior to 11.6.1,
4 Jan 2019STAT01