NEWS & EVENTS

SERVICES

The service detects malicious signatures in analysed files, by scanning it with 57 different commercial anti-malware....

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

LATEST CVE

Published Description
CVE-2020-7602
15-03-2020 22:15:00
node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand()" is called by "getDevices()" function in file "linux/manager.js", which is required by the "index. process.env.NM_CLI" in the file "linux/manager.js". This function is used to construct the argument of function "execSync()", which can be controlled by users without any sanitization.
CVE-2019-2089
15-03-2020 22:15:00
In app uninstallation, there is a possible set of permissions that may not be removed from a shared app ID. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10 Android ID: A-116608833
CVE-2020-10587
14-03-2020 22:15:00
antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.
CVE-2020-10574
14-03-2020 20:15:00
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
CVE-2020-10575
14-03-2020 20:15:00
An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times.

Pages

LATEST EXPLOIT

Date Title Platform Author
11-02-2019
VA MAX 8.3.4 - Authenticated Remote Code Execution php Cody Sixteen
11-02-2019
River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) windows crash_manucoot
11-02-2019
Webiness Inventory 2.3 - 'email' SQL Injection php Mehmet EMIROGLU
06-02-2019
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows multiple Google Security Research
06-02-2019
osCommerce 2.3.4.1 - 'products_id' SQL Injection php Mehmet EMIROGLU

Pages