NEWS

There are no events to display

SERVICES

The service shows a 3D representation of network traffic related to attacks on a honeypot in Pisa. In addition, the...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

LATEST CVE

Published Description
CVE-2020-6619
08-01-2020 23:15:00
stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.
CVE-2019-17020
08-01-2020 22:15:00
If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72.
CVE-2019-17021
08-01-2020 22:15:00
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17022
08-01-2020 22:15:00
When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape &lt; and &gt; characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17014
08-01-2020 22:15:00
If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.

Pages

LATEST EXPLOIT

Date Title Platform Author
31-08-2018
Network Manager VPNC - Username Privilege Escalation (Metasploit) linux Metasploit
31-08-2018
Argus Surveillance DVR 4.0.0.0 - Privilege Escalation windows_x86 hyp3rlinx

Pages