NEWS & EVENTS

SERVICES

This service collects data related to public available exploits. The database is updated daily through the official...

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

LATEST CVE

Published Description
CVE-2020-12762
09-05-2020 18:15:00
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
CVE-2020-12637
09-05-2020 17:15:00
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
CVE-2020-12755
09-05-2020 16:15:00
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.
CVE-2020-11532
08-05-2020 21:15:00
Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user.
CVE-2020-11531
08-05-2020 21:15:00
The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal.

Pages

LATEST EXPLOIT

Pages