NEWS & EVENTS

SERVICES

The service offers a platform that allows Registrars to check for any performance and security problems present on...

The service shows a 3D representation of network traffic related to attacks on a honeypot in Pisa. In addition, the...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

This service offers the possibility of searching public domain information related to known security hardware and...

LATEST CVE

Published Description
CVE-2020-11508
07-04-2020 19:15:00
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows logged-in users with minimal permissions to create or replace existing pages with a malicious page containing arbitrary JavaScript via the wp_ajax_core37_lp_save_page (aka core37_lp_save_page) AJAX action.
CVE-2020-6647
07-04-2020 19:15:00
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter.
CVE-2020-9286
07-04-2020 19:15:00
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system.
CVE-2020-6974
07-04-2020 18:15:00
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.
CVE-2015-9545
07-04-2020 18:15:00
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and integrity of data in the local storage of the vulnerable site via malicious web messages.

Pages

LATEST EXPLOIT

Pages