NEWS

There are no events to display

SERVICES

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

LATEST CVE

Published Description
CVE-2020-11565
06-04-2020 01:15:00
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa.
CVE-2020-11558
05-04-2020 20:15:00
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
CVE-2020-11548
05-04-2020 00:15:00
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
CVE-2020-11547
05-04-2020 00:15:00
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.
CVE-2020-11542
04-04-2020 22:15:00
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.

Pages

LATEST EXPLOIT

Date Title Platform Author
01-04-2020
10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH) windows Hodorsec
01-04-2020
DiskBoss 7.7.14 - Denial of Service (PoC) windows Paras Bhatia
31-03-2020
FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC) windows Paras Bhatia
31-03-2020
SharePoint Workflows - XOML Injection (Metasploit) windows Metasploit
31-03-2020
DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit) hardware Metasploit

Pages