NEWS

There are no events to display

SERVICES

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

LATEST CVE

Published Description
CVE-2020-11595
06-04-2020 22:15:00
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path.
CVE-2020-11589
06-04-2020 22:15:00
An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only.
CVE-2020-11592
06-04-2020 22:15:00
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the columns of a specific table within the CIP database.
CVE-2020-11591
06-04-2020 22:15:00
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the full application path along with the customer name.
CVE-2020-11582
06-04-2020 21:15:00
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)

Pages

LATEST EXPLOIT

Pages