|
This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service... |
This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-... |
This service collects data related to public available exploits. The database is updated daily through the official... |
The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection... |
| Published | Description | |
|---|---|---|
| CVE-2020-5398 |
17-01-2020 00:15:00 |
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. |
| CVE-2019-15742 |
17-01-2020 00:15:00 |
A local privilege-escalation vulnerability exists in the Poly Plantronics Hub before 3.14 for Windows client application. A local attacker can exploit this issue to gain elevated privileges. |
| CVE-2019-3997 |
16-01-2020 23:15:00 |
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system. |
| CVE-2020-7039 |
16-01-2020 23:15:00 |
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. |
| CVE-2019-5145 |
16-01-2020 22:15:00 |
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. |
| Date | Title | Platform | Author |
|---|---|---|---|
|
05-11-2019 |
html5_snmp 1.11 - 'Remark' Persistent Cross-Site Scripting | php | cakes |
|
05-11-2019 |
thejshen Globitek CMS 1.4 - 'id' SQL Injection | php | cakes |
|
05-11-2019 |
html5_snmp 1.11 - 'Router_ID' SQL Injection | php | cakes |
|
05-11-2019 |
thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting | php | cakes |
|
05-11-2019 |
FileOptimizer 14.00.2524 - Denial of Service (PoC) | windows | SYANiDE |
Italiano
English