|
This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service... |
The service aims at offering a representation of the Cybersecurity domain through the creation of a controlled... |
This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-... |
The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain... |
| Published | Description | |
|---|---|---|
| CVE-2020-11595 |
06-04-2020 22:15:00 |
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path. |
| CVE-2020-11589 |
06-04-2020 22:15:00 |
An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only. |
| CVE-2020-11592 |
06-04-2020 22:15:00 |
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the columns of a specific table within the CIP database. |
| CVE-2020-11591 |
06-04-2020 22:15:00 |
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the full application path along with the customer name. |
| CVE-2020-11582 |
06-04-2020 21:15:00 |
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.) |
| Date | Title | Platform | Author |
|---|---|---|---|
|
06-04-2020 |
WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting | multiple | Gal Weizman |
|
06-04-2020 |
UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service (PoC) | windows | chuyreds |
|
06-04-2020 |
Memu Play 7.1.3 - Insecure Folder Permissions | windows | chuyreds |
|
06-04-2020 |
Bolt CMS 3.7.0 - Authenticated Remote Code Execution | php | r3m0t3nu11 |
|
06-04-2020 |
pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting | freebsd | Matthew Aberegg |
| Published | Title | URL |
|---|---|---|
| 19-03-2020 | Vulnerabilità multiple in Cisco SD-WAN Solution | CERT LINK |
| 19-03-2020 | Aggiornamento di sicurezza per Google Chrome (18 marzo 2020) | CERT LINK |
| 18-03-2020 | Aggiornamenti di sicurezza per Acrobat, Reader, Photoshop e altri prodotti Adobe | CERT LINK |
| 17-03-2020 | Aggiornamenti di sicurezza per prodotti VMware | CERT LINK |
| 16-03-2020 | Aggiornamenti di sicurezza per Moodle (marzo 2020) | CERT LINK |
Italiano
English