NEWS & EVENTS

SERVICES

An ontology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

This service collects data related to publicly available exploits. The database is updated daily through the official...

LATEST CVE

| CVE ID | Published | Description |
|---|---|---|
| CVE-2020-8841 | 10-02-2020 21:56:00 | An issue was discovered in TestLink 1.9.19. The relation_type parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection. |
| CVE-2019-6744 | 10-02-2020 21:53:00 | This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaw exists within the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381. |
| CVE-2019-17517 | 10-02-2020 21:51:00 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. |
| CVE-2019-17518 | 10-02-2020 21:51:00 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock. |
| CVE-2019-17060 | 10-02-2020 21:51:00 | The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. |

LATEST EXPLOIT

| Date | Title | Platform | Author |
|---|---|---|---|
| 05-09-2018 | FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution | hardware | vr_system |
| 05-09-2018 | Tenda ADSL Router D152 - Cross-Site Scripting | hardware | Sandip Dey |
| 05-09-2018 | FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH) | windows_x86 | Luis Martínez |
| 05-09-2018 | Microsoft people 10.1807.2131.0 - Denial of service (PoC) | windows_x86-64 | L0RD |
| 04-09-2018 | PHP File Browser Script 1 - Directory Traversal | php | AkkuS |