The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Airbus Stormshield Data Security

weakness announce CVE-2019-1559

OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 26/02/2019.
Identifiers: bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2019-3822

libcurl: buffer overflow via NTLM Type-3

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via NTLM Type-3 of libcurl, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 06/02/2019.
Identifiers: bulletinjan2019, bulletinoct2019, cpuapr2019, cpujul2019, CVE-2019-3822, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28444.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a buffer overflow via NTLM Type-3 of libcurl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2018-16890

libcurl: out-of-bounds memory reading via NTLM Type-2

Synthesis of the vulnerability

An attacker can force a read at an invalid address via NTLM Type-2 of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 06/02/2019.
Identifiers: bulletinjan2019, cpuapr2019, cpujul2019, CVE-2018-16890, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, K03314397, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28443.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via NTLM Type-2 of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce CVE-2018-16842

libcurl: out-of-bounds memory reading via Warning Message

Synthesis of the vulnerability

An attacker can force a read at an invalid address via Warning Message of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 31/10/2018.
Identifiers: bulletinoct2018, CVE-2018-16842, DLA-1568-1, DSA-2019-114, DSA-4331-1, FEDORA-2018-298a3d2923, FEDORA-2018-69bac0f51c, FEDORA-2018-7785911c9e, FEDORA-2018-fdc4ca8675, openSUSE-SU-2018:3699-1, openSUSE-SU-2018:3706-1, RHSA-2019:2181-01, SSA:2018-304-01, STORM-2019-002, SUSE-SU-2018:3624-1, SUSE-SU-2018:3681-1, SUSE-SU-2019:0339-1, USN-3805-1, USN-3805-2, VIGILANCE-VUL-27650.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via Warning Message of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2018-16839

libcurl: buffer overflow via Curl_auth_create_plain_message

Synthesis of the vulnerability

An attacker can generate a buffer overflow via Curl_auth_create_plain_message() of libcurl, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 31/10/2018.
Identifiers: bulletinoct2018, CVE-2018-16839, DLA-1568-1, DSA-4331-1, FEDORA-2018-298a3d2923, FEDORA-2018-69bac0f51c, FEDORA-2018-7785911c9e, FEDORA-2018-fdc4ca8675, openSUSE-SU-2018:3706-1, SSA:2018-304-01, STORM-2019-002, SUSE-SU-2018:3624-1, SUSE-SU-2019:0339-1, SUSE-SU-2019:0996-1, USN-3805-1, VIGILANCE-VUL-27648.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via Curl_auth_create_plain_message() of libcurl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer weakness alert CVE-2018-1000300

curl: buffer overflow via FTP Shutdown Response

Synthesis of the vulnerability

An attacker can generate a buffer overflow via FTP Shutdown Response of curl, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 16/05/2018.
Identifiers: cpujan2019, cpuoct2018, CVE-2018-1000300, FEDORA-2018-9dc7338487, FEDORA-2018-fa01002d7e, openSUSE-SU-2018:1624-1, SSA:2018-136-01, STORM-2019-002, USN-3648-1, VIGILANCE-VUL-26142.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via FTP Shutdown Response of curl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2018-1000122

curl: out-of-bounds memory reading via RTSP RTP

Synthesis of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000122, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25547.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-1000121

curl: NULL pointer dereference via LDAP URL

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000121, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25546.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2018-1000120

curl: memory corruption via FTP URL

Synthesis of the vulnerability

An attacker can generate a memory corruption via FTP URL of curl, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000120, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25545.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via FTP URL of curl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2017-8816 CVE-2017-8817 CVE-2017-8818

curl: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of curl.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/11/2017.
Identifiers: bulletinapr2018, bulletinoct2018, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, DLA-1195-1, DSA-4051-1, FEDORA-2017-0c062324cd, FEDORA-2017-45bdf4dace, HT208465, HT208692, JSA10874, openSUSE-SU-2018:0161-1, RHSA-2018:3558-01, STORM-2019-002, USN-3498-1, USN-3498-2, VIGILANCE-VUL-24564.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of curl.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Airbus Stormshield Data Security: