NEWS & EVENTS

SERVICES

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

This service collects data related to public available exploits. The database is updated daily through the official...

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

LATEST CVE

Published Description
CVE-2018-18544
20-10-2018 21:29:00
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16.
CVE-2018-18546
20-10-2018 21:29:00
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable.
CVE-2018-18545
20-10-2018 21:29:00
Fiyo CMS 2.0.7 has XSS via the dapur\apps\app_user\edit_user.php name parameter.
CVE-2018-18541
20-10-2018 18:29:00
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
CVE-2018-18540
20-10-2018 17:29:00
TeaKKi 2.7 allows XSS via a crafted onerror attribute for a picture's URL.

Pages