NEWS & EVENTS

SERVICES

The service detects malicious signatures in analysed files by scanning them with 57 different commercial anti-malware...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

This service shows statistics on Tweets related to Cyber-Security, allowing them to be searched by keywords such as...

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

LATEST CVE

Published Description
CVE-2020-26192
09-02-2021 22:15:00
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no non-admin users or roles have these privileges by default.
CVE-2020-26195
09-02-2021 22:15:00
Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system.
CVE-2020-35125
09-02-2021 22:15:00
A cross-site scripting (XSS) vulnerability in the forms component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript via mautic[return] (a different attack method than CVE-2020-35124, but also related to the Referer concept).
CVE-2020-26193
09-02-2021 22:15:00
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
CVE-2020-26194
09-02-2021 22:15:00
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default.

LATEST EXPLOIT

Date Title Platform Author
02-11-2020
Quick N Easy FTP Service 3.2 - Unquoted Service Path windows yunaranyancat
02-11-2020
Monitorr 1.7.6m - Remote Code Execution (Unauthenticated) php Lyhin's Lab
02-11-2020
Monitorr 1.7.6m - Authorization Bypass php Lyhin's Lab
02-11-2020
Apache Flink 1.9.x - File Upload RCE (Unauthenticated) java bigger.wing
30-10-2020
Citadel WebCit < 926 - Session Hijacking Exploit multiple Simone Quatrini
